Privacy policy

Privacy Policy

The Personal Data Operator is

Individual Entrepreneur

Ilya Anatolyevich Sanaev

OGRNIP: 324774600405951

TIN: 771576258405

Mailing address: Moscow, Russian Federation

E-mail: info@sanaevmoscow.com

Phone: +7 495 095 10 88

1. General Provisions

This Personal Data Processing Policy has been drafted in accordance with Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter — the “Personal Data Law”) and defines the procedure for processing personal data and measures taken to ensure the security of personal data by the Operator (hereinafter — the “Operator”).

1.1. The Operator considers compliance with human and civil rights and freedoms when processing personal data, including protection of privacy and personal and family secrets, as its highest priority.

1.2. This Policy applies to all information that the Operator may obtain about visitors of the website:

https://sanaevmoscow.com

2. Key Definitions Used in this Policy

2.1. Automated processing of personal data — processing using computer technology.

2.2. Blocking of personal data — temporary suspension of personal data processing (except where processing is necessary for clarification).

2.3. Website — a set of graphic and informational materials, as well as software and databases ensuring their availability on the Internet at: https://sanaevmoscow.com

2.4. Personal Data Information System — a set of personal data contained in databases and the information technologies and technical means ensuring their processing.

2.5. Depersonalization of personal data — actions resulting in the impossibility of determining, without additional information, whether personal data belongs to a specific user.

2.6. Personal data processing — any action (operation) or set of actions performed with or without automation, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion and destruction.

2.7. Operator — a state authority, municipal authority, legal entity or individual independently or jointly organizing and/or carrying out personal data processing and determining its purposes, scope and methods.

2.8. Personal data — any information directly or indirectly relating to an identified or identifiable user of the website.

2.9. Personal data permitted for dissemination — personal data made publicly available by the data subject through separate consent in accordance with the Personal Data Law.

2.10. User — any visitor of the website.

2.11. Provision of personal data — disclosure of personal data to a specific person or group of persons.

2.12. Dissemination of personal data — disclosure of personal data to an indefinite group of persons, including publication on the Internet.

2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state.

2.14. Destruction of personal data — actions resulting in irreversible destruction of personal data.

3. Rights and Obligations of the Operator

3.1. The Operator has the right to:

– obtain reliable information and/or documents containing personal data from the data subject;

– continue processing personal data without consent if permitted by law;

– independently determine necessary measures to ensure compliance with personal data legislation.

3.2. The Operator is obliged to:

– provide information regarding personal data processing upon request;

– organize processing in accordance with Russian law;

– respond to requests of data subjects;

– publish this Policy;

– implement legal, organizational and technical security measures;

– cease processing and destroy personal data when required by law.

4. Rights and Obligations of Data Subjects

4.1. Data subjects have the right to:

– obtain information about their personal data processing;

– request clarification, blocking or destruction of inaccurate or unlawfully obtained data;

– withdraw consent;

– appeal actions of the Operator to the authorized authority (Roskomnadzor) or in court;

– exercise other rights provided by Russian law.

4.2. Data subjects are obliged to provide accurate data and update it when necessary.

5. Categories of Personal Data Processed

The Operator may process the following personal data:

– full name;

– email address;

– phone number;

– date and place of birth;

– photographs;

– event date and personal preferences;

– passport data, birth certificate data, SNILS (if required for vehicle rental agreements);

– other data submitted via website forms or messaging services (WhatsApp, Telegram, VK, etc.).

The website also collects anonymized data (including cookies) via analytics services (Yandex Metrica, Google Analytics and others).

The Operator does not process special categories of personal data unless required by law.

Consent for personal data permitted for dissemination is obtained separately in accordance with Article 10.1 of the Personal Data Law.

6. Principles of Personal Data Processing

Processing is carried out:

– lawfully and fairly;

– only for specific and legitimate purposes;

– without excessive data collection;

– ensuring accuracy and relevance;

– for no longer than necessary to achieve processing purposes.

7. Purposes of Processing

Personal data is processed for:

– communication with users;

– conclusion and execution of civil law contracts;

– providing access to website services;

– sending informational messages (with the right to opt-out);

– improving website performance and content quality.

Legal grounds:

– consent of the data subject (Art. 6(1)(1) of the Law);

– contract execution (Art. 6(1)(2));

– legitimate interests of the Operator (Art. 6(1)(7)).

8. Legal Grounds

Processing is based on:

– agreements with data subjects;

– Russian legislation;

– user consent provided via website forms (checkbox confirmation).

9. Conditions of Processing

Processing is carried out:

– with consent;

– for contract performance;

– for legal compliance;

– for legitimate interests not violating rights of data subjects.

The Operator may carry out cross-border transfer of personal data to countries ensuring adequate protection, including the United States (in connection with the use of Google Analytics), in compliance with Russian law.

10. Security Measures

The Operator ensures data security by implementing:

– appointment of a responsible person;

– access restriction;

– antivirus protection;

– password-based access control;

– internal compliance monitoring.

Personal data is not transferred to third parties unless required by law or consented to by the user.

Users may update or withdraw consent via email: info@sanaevmoscow.com

11. Actions Performed with Personal Data

The Operator performs:

collection, recording, storage, clarification, use, transfer, depersonalization, blocking, deletion and destruction.

Processing may be automated or non-automated. 

12. Cross-Border Transfer

Before cross-border transfer, the Operator ensures adequate protection in the recipient country.

Transfer to countries without adequate protection is allowed only with written consent or for contract execution.

13. Confidentiality

The Operator and authorized persons shall not disclose personal data without consent, except as required by law. 

14. Final Provisions

Users may request clarification via info@sanaevmoscow.com

The Policy is effective indefinitely until replaced by a new version.

The current version is available at:

https://sanaevmoscow.com/politika-konfidenczialnosti/

Date of publication and last update: February 15, 2026.