1. General Provisions
This Personal Data Processing Policy has been prepared in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” (hereinafter, the “Personal Data Law”) and defines the procedures for processing personal data and measures to ensure its security undertaken by Emirates Dreams (hereinafter, the “Operator”).
1.1. The Operator considers compliance with the rights and freedoms of individuals when processing their personal data—including protection of the right to privacy, personal and family confidentiality—to be a key objective and condition for its activities.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the website https://emirate-dreams.com/.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing using computer technology.
2.2. Blocking of personal data — temporary cessation of personal data processing (except where processing is necessary to clarify personal data).
2.3. Website — a collection of graphic and informational materials, as well as computer programs and databases ensuring their availability on the Internet at https://emirate-dreams.com/.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means that ensure its processing.
2.5. Depersonalization of personal data — actions making it impossible to determine personal data ownership by a specific User or other subject of personal data without additional information.
2.6. Processing of personal data — any action (operation) or set of actions performed with or without automation involving personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, alteration), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction.
2.7. Operator — a state body, municipal body, legal entity, or individual who organizes and/or performs the processing of personal data, and determines the purposes, the composition of personal data processed, and actions performed on personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://emirate-dreams.com/.
2.9. Personal data permitted for distribution — personal data accessible to an unlimited circle of persons based on the subject’s consent given in accordance with the Personal Data Law.
2.10. User — any visitor to the website https://emirate-dreams.com/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Distribution of personal data — actions aimed at disclosing personal data to an indefinite group of persons or making it available to an unlimited group of persons (including publication, online placement, or providing access).
2.13. Cross-border transfer of personal data — transfer to the territory of a foreign state to its authority, a foreign individual, or a foreign legal entity.
2.14. Destruction of personal data — actions resulting in irreversible destruction of personal data with the impossibility of further restoration and/or destruction of physical media.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to: (i) receive reliable information and/or documents containing personal data from the subject; (ii) continue processing without consent in cases provided by the Personal Data Law; (iii) independently determine the measures necessary to comply with the Law unless otherwise provided by law.
3.2. The Operator is obligated to: (i) provide the subject with information concerning processing; (ii) organize processing in accordance with the laws of the Russian Federation; (iii) respond to requests from subjects and their legal representatives; (iv) provide the authorized body with information within 10 days of request; (v) publish and/or ensure unrestricted access to this Policy; (vi) adopt legal, organizational, and technical measures to protect personal data; (vii) cease transmission/processing and destroy personal data in cases provided by law; (viii) perform other duties prescribed by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Subjects have the right to: obtain information on processing; require clarification/blocking/destruction of data if incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary; require prior consent for marketing; withdraw consent and request cessation; appeal to the authorized body or court; exercise other rights under Russian law.
4.2. Subjects are obligated to provide reliable information about themselves and notify the Operator of updates (changes) to their personal data.
4.3. Persons who provide unreliable information about themselves or about another subject without consent bear responsibility under Russian law.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, and legitimate purposes. Processing incompatible with the purposes of collection is not permitted.
5.3. Merging databases processed for incompatible purposes is prohibited.
5.4. Only personal data that corresponds to the purposes of processing shall be processed.
5.5. The content and scope of processed personal data must correspond to the stated purposes; excessiveness is not permitted.
5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data are ensured; incomplete/inaccurate data are removed or clarified.
5.7. Storage is limited to the period required for the purposes of processing unless a longer period is required by law or contract; data is destroyed or depersonalized upon achieving purposes or when no longer needed.
6. Purposes of Personal Data Processing
| Purpose of processing | Informing the User via email |
| Personal data | Surname, name, patronymic (middle name), email address, phone numbers |
| Legal basis | Federal Law No. 149-FZ of July 27, 2006 “On Information, Information Technologies and Protection of Information” |
| Types of processing | Collection, recording, systematization, accumulation, storage, destruction, and depersonalization of personal data; sending informational emails to the email address |
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the subject’s consent.
7.2.–7.7. Processing may also be necessary to achieve goals stipulated by international treaties or law; to administer justice or enforce acts; to fulfill or conclude a contract; to exercise rights and legitimate interests of the Operator or third parties without violating rights and freedoms; for publicly accessible data; and where publication or mandatory disclosure is required by federal law.
8. Procedure for Collecting, Storing, Transferring and Other Types of Processing
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures to fully comply with applicable legislation on personal data protection.
8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.
8.2. The User’s personal data will never be transferred to third parties except as required by law or with the subject’s consent to fulfill obligations under a civil law contract.
8.3. If inaccuracies are identified, the User may update the data by emailing the Operator at info@emirate-dreams.com marked “Updating personal data”.
8.4. The processing period is determined by the purposes for which personal data was collected unless otherwise specified by contract or law. The User may withdraw consent at any time by emailing the Operator at info@emirate-dreams.com marked “Withdrawal of consent for personal data processing”.
8.5. All information collected by third-party services (payment systems, communication tools, service providers) is stored and processed by those entities under their User Agreement and Privacy Policy. The Operator is not liable for actions of third parties.
8.6. Prohibitions/conditions established by the subject regarding processing of personal data permitted for distribution do not apply in cases of processing in state, public and other public interests as defined by Russian law.
8.7. The Operator ensures confidentiality when processing personal data.
8.8. Personal data is stored no longer than required for the purposes of processing unless otherwise established by law or contract.
8.9. Grounds for terminating processing include achieving purposes, expiration/withdrawal of consent, a request to cease processing, or detection of unlawful processing.
9. List of Actions Performed by the Operator
9.1. Collection, recording, systematization, accumulation, storage, clarification (updating, alteration), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.
9.2. Automated processing with or without transmission via telecommunication networks.
10. Cross-border Transfer of Personal Data
10.1. Before starting cross-border transfer activities, the Operator must notify the authorized body for protection of personal data subjects’ rights (separately from the notification of intent to process personal data).
10.2. Before submitting the notification, the Operator must obtain relevant information from foreign state authorities, foreign individuals, or foreign legal entities intended to receive cross-border transfers.
11. Confidentiality of Personal Data
The Operator and other persons who have gained access to personal data are obligated not to disclose or disseminate personal data without the subject’s consent unless otherwise provided by federal law.
12. Final Provisions
12.1. The User may obtain clarifications regarding the processing of his/her personal data by contacting the Operator via email at info@emirate-dreams.com.
12.2. Any changes to the Operator’s policy will be reflected in this document. The Policy remains in effect indefinitely until replaced by a new version.
12.3. The current version of the Policy is freely accessible online at https://emirate-dreams.com/privacy-policy/.