ALM Drive - Luxury car rental with a driver in Yekaterinburg.

Home

Services

Fleet

About the company

Book

15:46

Last modified: September 17, 2025

Consent to the processing of personal data

on the procedure for storing and protecting users' personal data

1. Terms and Definitions

Website – a compilation of computer software and hardware that provides publication for public viewing of information and data united by a common intended purpose via technical means used for communication between computers on the Internet.

Under the Website, this Regulation refers to the Website located on the Internet at: https://www.almdrive.pro

User – an Internet user and, in particular, a Website user who has submitted a request for the provision of services.

Request - a form filled out by the Customer when placing an order on the Contractor's website, sending an email, or sending information to a manager.

Federal Law (FL) – Federal Law of 27 July 2006, No. 152-FZ "On Personal Data".

Personal Data – any information relating directly or indirectly to a specific or identifiable natural person (subject of personal data).

Operator – an organization that independently or jointly with other persons organizes the processing of personal data, as well as determines the purposes of processing personal data to be processed, actions (operations) performed with personal data. The Operator is LLC "ALM-TRANS", (OGRN 1256600028981, INN 6685227650), registered in accordance with the legislation of the Russian Federation at: Russia, Sverdlovsk Region, Yekaterinburg, Engels st., 36, unit 526/1. 620026.

Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including the collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.

Automated Processing of Personal Data – the processing of personal data using computer technology.

Distribution of Personal Data – an action aimed at disclosing personal data to a specific circle of persons upon prior consent, in cases stipulated by law.

Provision of Personal Data – actions aimed at disclosing personal data to a specific person or a specific circle of persons.

Blocking of Personal Data – temporary termination of personal data processing (except the cases when processing is necessary for clarification of personal data).

Destruction of Personal Data – actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and/or as a result of which tangible carriers of personal data are destroyed.

Depersonalization of Personal Data – actions as a result of which it becomes impossible to determine, without the use of additional information, the ownership of personal data by a specific subject of personal data.

Personal Data Information System (PDIS) – a compilation of personal data contained in databases and of the information technologies and technical means ensuring their processing.

2. General Provisions

2.1. The Regulation on the procedure for storing and protecting the personal data of Website Users (hereinafter — the Regulation) has been developed in order to comply with the requirements of the legislation of the Russian Federation containing personal data and to identify Users on the Website.

2.2. The Regulation is developed in accordance with the Constitution of the Russian Federation, the Civil Code of the Russian Federation, and current legislation of the Russian Federation in the field of personal data protection.

2.3. The Regulation defines the policy regarding the processing of personal data, the implemented requirements for personal data protection, and establishes the procedure for processing personal data of Website Users: collection, systematization, accumulation, storage, clarification (updating, changing), and destruction of personal data.

2.4. The Regulation establishes general requirements and rules mandatory for the Operator's employees involved in maintaining the Website, for working with all types of media containing personal data of Website Users.

2.5. The Regulation does not address the security issues of personal data classified in accordance with the established procedure as state secrets of the Russian Federation.

2.6. The purposes of the Regulation are:

● ensuring the protection of human and civil rights and freedoms when processing personal data, including the protection of the right to privacy, personal and family secrets;

● excluding unauthorized actions by the Operator's employees and any third parties regarding the collection, systematization, accumulation, storage, clarification (updating, modification) of personal data and other forms of illegal interference with the Operator's info-resources and local computing network, as well as ensuring a legal and regulatory regime of confidentiality of undocumented info of Website Users;

● protecting the constitutional rights of citizens to personal privacy, confidentiality of information constituting personal data, and preventing any potential security threat to Website Users.

2.7. Principles of Personal Data Processing:

● processing of personal data must be carried out on a lawful and fair basis;

● processing of personal data must be limited to achieving specific, predetermined, and legitimate purposes. Processing of personal data incompatible with the purposes of gathering personal data is not permitted;

● it is not permitted to combine databases containing personal data that are processed for incompatible purposes;

● only personal data that meet the purposes of their processing are subject to processing;

● the content and volume of processed personal data must comply with the declared purposes of processing. The processed personal data must not be redundant in relation to the declared purposes of their processing;

● accuracy, sufficiency, and relevance (where necessary) of personal data in relation to the purposes of processing must be ensured when processing personal data;

● storage of personal data must be carried out no longer than required by the purposes of personal data processing, unless the storage period of personal data is established by Federal Law or an agreement to which the User is a party;

● the processed personal data are subject to destruction or depersonalization upon achieving the purposes of processing or in case of loss of necessity in achieving these purposes, unless otherwise provided by Federal Law.

2.8. Conditions for Personal Data Processing.

2.8.1. Processing of personal data of Website Users is carried out on the basis of the Civil Code of the Russian Federation, the Constitution of the Russian Federation, and current legislation of the Russian Federation in the field of personal data protection.

2.8.2. Processing of personal data on the Website is carried out in compliance with the principles and rules provided for by the Regulation and the legislation of the Russian Federation.

Processing of personal data is allowed in the following cases:

● processing of personal data is necessary to use the Website, to which the User is a party;

● processing of personal data is necessary to protect the life, health, or other vital interests of the Website User, if obtaining consent is impossible;

● processing of personal data is necessary to exercise the rights and legitimate interests of the Operator or third parties, or to achieve socially significant goals, provided that the rights and freedoms of the Website Users are not violated;

● processing of personal data is carried out for statistical or other research purposes, with the exception of personal data processing for the purpose of promoting goods, works, and services in the market by making direct contacts with potential consumers using communication means, as well as for political agitation purposes, subject to mandatory depersonalization of personal data.

2.9. Purposes of Personal Data Processing.

2.9.1. Processing of personal data of Website Users is carried out solely for the purpose of providing the User with the opportunity to interact with the Website.

2.9.2. Information constituting personal data on the Website is any information relating to a specific or identifiable natural person (subject of personal data) based on such information.

2.10. Sources of Obtaining Users' Personal Data.

2.10.1. The source of information about all personal data of the User is directly the User himself.

2.10.2. The source of information about the User's personal data is the information obtained as a result of the Operator granting the User the right to use the Website.

2.10.3. User Personal Data is classified as confidential information of restricted access.

2.10.4. Ensuring the confidentiality of personal data is not required in the event of their depersonalization, or in relation to publicly available personal data.

2.10.5. The Operator has no right to collect and process the User's personal data about their racial or ethnic origin, political opinions, religious or philosophical beliefs, or private life, except in cases provided for by current legislation.

2.10.6. The Operator has no right to obtain and process the User's personal data regarding their membership in public associations or trade union activities, except in cases provided for by Federal Law.

2.11. Methods of Personal Data Processing.

2.11.1. Personal data of Website Users are processed solely with the use of automation tools.

2.12. Rights of Personal Data Subjects (Users).

2.12.1. The User has the right to obtain information about the Operator, their location, the availability of personal data relating to a specific personal data subject (User) from the Operator, as well as to familiarize themselves with such personal data, except in cases provided for in part 8 of article 14 of the Federal Law "On Personal Data".

2.12.2. The User has the right to receive from the Operator, upon personal request or upon receipt of a written request from the User, the following information regarding the processing of their personal data, including that containing:

● confirmation of the fact of personal data processing by the Operator, as well as the purpose of such processing;

● legal grounds and purposes of personal data processing;

● the purposes and methods of personal data processing applied by the Operator;

● the name and location of the Operator, information about persons (other than Operator's employees) who have access to personal data or to whom personal data may be disclosed pursuant to an agreement with the Operator or under Federal Law;

● the processed personal data relating to the respective personal data subject, the source of their acquisition, unless a different procedure for providing such data is provided for by Federal Law;

● timeframes of personal data processing, including the terms of their storage;

● the procedure for the personal data subject to exercise the rights provided for by Federal Law;

● information about the actual or expected cross-border transfer of data;

● the name or last name, first name, middle name, and address of the person processing personal data on behalf of the Operator, if the processing is or will be delegated to such a person;

● other information provided for by Federal Law or other federal laws;

● demand editing, refinement, destruction of information about oneself;

● appeal against unlawful actions or omissions in personal data processing and claim appropriate compensation in court;

● to supplement personal data of an evaluative nature with a statement expressing their own point of view;

● determine representatives for the protection of their personal data;

● require the Operator to notify about all modifications made in them or exclusions from them.

2.12.3. The User has the right to appeal to the authorized body for the protection of the rights of personal data subjects or in court against the actions or omissions of the Operator, if they believe that the latter processes their personal data in violation of the requirements of the Federal Law "On Personal Data" or otherwise violates their rights and freedoms.

2.12.4. The personal data subject has the right to protect their rights and legitimate interests, including compensation for damages and (or) moral damage in court.

2.13. Obligations of the Operator.

2.13.1. Upon personal application or upon receipt of a written request from the personal data subject or their representative, the Operator is obliged, if there are grounds, to provide information within 30 days from the date of application or receipt of the request of the personal data subject or their representative in the scope established by Federal Law. Such information must be provided to the personal data subject in an accessible form, and it must not contain personal data relating to other personal data subjects, except in cases where there are legal grounds for disclosing such personal data.

2.13.2. All appeals of personal data subjects or their representatives are registered in the Logbook of Citizens' Appeals (personal data subjects) on Personal Data Processing issues.

2.13.3. In case of refusal to provide information on the availability of personal data about the corresponding personal data subject to the subject or their representative upon application or receipt of a request, the Operator is obliged to provide a motivated written response containing a reference to the provision of part 8 of article 14 of the Federal Law "On Personal Data" or another federal law, which is the basis for such refusal, within a period not exceeding 30 days from the day of application of the personal data subject or their representative, or from the date of receipt of the request of the personal data subject or their representative.

2.13.4. In the event of receiving a request from an authorized body for the protection of personal data subjects' rights for information necessary for the execution of the activities of the specified body, the Operator is obliged to report such information to the authorized body within 30 days from the date of receiving such request.

2.13.5. In the case of detecting unlawful processing of personal data upon application or request of a personal data subject or their representative or an authorized body for protection of personal data subjects' rights, the Operator is obliged to block unlawfully processed personal data relating to this personal data subject from the moment of such application or receipt of the specified request for the verification period.

2.13.6. In the case of detecting unlawful processing of personal data carried out by the Operator, the latter is obliged to stop unlawful processing of personal data within a period not exceeding three working days from the date of such detection. The Operator is obliged to notify the personal data subject or their representative of the elimination of committed violations, and if the application of the personal data subject or their representative or the request of the authorized body for the protection of the rights of personal data subjects were sent by the authorized body for the protection of the rights of personal data subjects, also the specified body.

2.13.7. In case the purpose of personal data processing is achieved, the Operator is obliged to stop processing personal data and destroy personal data within a period not exceeding 30 working days from the date of achieving the purpose of personal data processing, unless otherwise provided by an agreement to which the personal data subject is a party.

2.13.8. It is prohibited to make decisions based solely on automated processing of personal data that generate legal consequences for the personal data subject or otherwise affect their rights and legitimate interests.

2.14. Confidentiality Regime of Personal Data.

2.14.1. The Operator ensures the confidentiality and security of personal data during their processing in accordance with the requirements of the legislation of the Russian Federation.

2.14.2. The Operator does not disclose to third parties or distribute personal data without the consent of the personal data subject, unless otherwise provided by Federal Law.

2.14.3. In accordance with the list of personal data processed on the website, the personal data of Website Users are confidential information.

2.14.4. Persons carrying out the processing of personal data are obliged to comply with the requirements of the Operator's regulatory documents in terms of ensuring the confidentiality and security of personal data.

3. Personal Data Processing

3.1. List of processed personal data of Users:

● last name;

● first name;

● middle name (patronymic);

● payment details;

● delivery address;

● contact phone number;

● email address.

3.2. Persons with the Right to Access Personal Data.

3.2.1. The right of access to the personal data of subjects is possessed by persons endowed with corresponding powers in accordance with their job duties.

3.2.2. The list of persons having access to personal data is approved by the General Director of the Operator.

3.3. Procedure and Timeframes for Storing Personal Data on the Website.

3.3.1. The Operator only carries out the storage of personal data of Users on the Website.

3.3.2. Terms of storage of personal data of Website Users: no longer than required by the purposes of personal data processing, unless the storage period of personal data is established by federal law, an agreement to which the subject of personal data is a party, beneficiary, or guarantor.

3.3.3. In case of deletion of data from the Website at the initiative of one of the parties, namely the termination of using the Website, the User's personal data are stored in the Operator's databases for five years in accordance with the legislation of the RF.

3.3.4. Upon expiration of the above-mentioned storage period, the User's personal data are deleted automatically by an algorithm specified by the Operator.

3.3.5. The Operator does not process personal data of Users on paper media.

3.4. Blocking of Personal Data.

3.4.1. Blocking of personal data refers to the temporary suspension by the Operator of operations for their processing at the request of the User when detecting inaccuracy of the processed information or, in the opinion of the personal data subject, unlawful actions regarding their data.

3.4.2. The Operator does not transfer personal data to third parties and does not delegate personal data processing to external persons and organizations. Personal data of Website Users are processed only by the Operator's employees (database administrators, etc.) admitted to processing personal data of Users in the established order.

3.4.3. Blocking of personal data on the Website is carried out on the basis of a written application from the personal data subject.

3.5. Destruction of Personal Data.

3.5.1. Destruction of personal data means actions as a result of which it becomes impossible to restore the personal data content on the Website and/or as a result of which tangible carriers of personal data are destroyed.

3.5.2. The personal data subject is entitled to demand in writing the destruction of their personal data if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or is not necessary for the declared purpose of processing.

3.5.3. In the event that it is impossible to destroy personal data, the Operator carries out the blocking of such personal data.

3.5.4. Destruction of personal data is carried out by erasing information using certified software with guaranteed destruction (in accordance with specified characteristics for installed software with guaranteed destruction).

4. Personal Data Security System

4.1. Measures to ensure the safety of personal data during processing.

4.1.1. When processing personal data, the Operator is obliged to take necessary legal, organizational, and technical measures or ensure their adoption to protect personal data from unlawful or accidental access to them, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions in relation to personal data.

4.1.2. Ensuring the security of personal data is achieved, in particular, by:

● determining security threats to personal data during their processing in personal data information systems;

● applying organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to meet the requirements for personal data protection;

● applying information protection tools that have undergone compliance assessment procedures in accordance with the established procedure;

● evaluating the effectiveness of measures taken to ensure the security of personal data prior to putting the personal data information system into operation;

● keeping records of machine media of personal data;

● detecting facts of unauthorized access to personal data and taking measures;

● restoring personal data modified or destroyed as a result of unauthorized access to them;

● establishing rules for access to personal data processed in the personal data information system, as well as ensuring registration and recording of all actions performed with personal data in the personal data information system;

● monitoring measures taken to ensure the security of personal data and the level of protection of personal data information systems.

4.1.3. For the purposes of the Regulation, security threats to personal data refer to a set of conditions and factors that create danger of unauthorized, including accidental, access to personal data, which may result in destruction, modification, blocking, copying, provision, distribution, as well as other illegal actions during their processing in the personal data information system. The level of personal data security is understood as a complex indicator characterizing requirements, the fulfillment of which ensures neutralization of certain security threats to personal data when they are processed in the personal data information system.

4.2. Protected Information about the Personal Data Subject.

The protected information about the personal data subject on the Website includes data allowing to identify the personal data subject and/or obtain additional information about them, provided for by legislation and the Regulation.

4.3. Protected Objects of Personal Data.

4.3.1. Protected objects of personal data on the Website include:

● objects of informatization and technical means of automated processing of information containing personal data;

● information resources (databases, files, etc.) containing info on information and telecommunication systems in which personal data circulate, on events occurred with managed objects, on plans to ensure uninterrupted operation and procedures for transitioning to management in emergency modes;

● communication channels used to transfer personal data in the form of informative electrical signals and physical fields;

● alienable media on magnetic, magneto-optical, and other bases used for personal data processing.

4.3.2. Technological information about information systems and elements of the personal data protection system to be protected includes:

● information on the access control system to informatization objects where personal data processing is carried out;

● control information (configuration files, routing tables, security system settings, etc.);

● technological information of access tools to management systems (authentication info, keys and access attributes, etc.);

● attributes of communication channels used to transmit personal data in the form of analytical electrical signals and physical fields;

● information on personal data protection tools, their composition and structure, principles and technical solutions of protection;

● service data (metadata) appearing during software operation, messages and protocols of network interaction, as a result of personal data processing.

4.4. Requirements for the Personal Data Protection System.

The personal data protection system must comply with the requirements of the Decree of the Government of the Russian Federation dated 1 November 2012 No. 1119 "On Approval of Requirements for Personal Data Protection During Processing in Personal Data Information Systems".

4.4.1. The personal data protection system must ensure:

● timely detection and prevention of unauthorized access to personal data and (or) transfer of them to persons who do not have the right to access such information;

● prevention of impact on technical means of automated processing of personal data, as a result of which their functioning can be disrupted;

● the possibility of immediate recovery of personal data modified or destroyed due to unauthorized access to them;

● constant monitoring of ensuring the level of personal data security.

4.4.2. Information security tools used in information systems must undergo conformity assessment procedures in accordance with the established procedure.

4.5. Methods and Means of Information Protection in Personal Data Information Systems.

4.5.1. Methods and means of information protection in the personal data information systems of the Operator must comply with the requirements of:

● the Order of FSTEK RF of 18 February 2013 No. 21 "On Approval of the Composition and Content of Organizational and Technical Measures to Ensure the Security of Personal Data during their Processing in Personal Data Information Systems";

● the Order of FSB of Russia dated 10 July 2014 No. 378 "On Approval of the Composition and Content of Organizational and Technical Measures to Ensure the Security of Personal Data during their Processing in Personal Data Information Systems using Cryptographic Information Security Tools, Necessary to Comply with the Requirements for Personal Data Protection Established by the Government of the Russian Federation for Each of the Security Levels" (in case the Operator determines the need to use cryptographic information protection tools to ensure personal data security).

4.5.2. The main methods and ways of protecting information in information systems of Users' personal data are the methods and ways of protecting info from unauthorized, including accidental, access to personal data, the result of which may be destruction, modification, blocking, copying, distribution of personal data, as well as other unauthorized activities (hereinafter referred to as methods and ways of information protection from UAC).

4.5.3. Selection and implementation of methods and ways of information protection on the Website is carried out in accordance with recommendations of regulators in the field of information protection – FSTEK of Russia and FSB of Russia, taking into account security threats to personal data determined by the Operator (threat models) and depending on the class of the information system.

4.5.4. Selected and implemented methods and ways of information protection on the Website must ensure neutralization of expected personal data security threats during processing.

4.6. Protection Measures for Information Constituting Personal Data.

4.6.1. Measures to protect databases containing personal data taken by the Operator shall include:

● determining the list of information constituting personal data;

● limiting access to information containing personal data by establishing a procedure for handling this info and controlling compliance with such order.

4.6.2. Measures to protect the confidentiality of information are recognized as reasonably sufficient if:

● access to personal data of any third parties without the consent of the Operator is excluded;

● the possibility of using info containing personal data without violating the personal data legislation is provided;

● when working with the User, such a procedure of the Operator's actions is established under which the safety of data containing personal details of the User is ensured.

4.6.3. Personal data cannot be used for purposes contradicting the requirements of Federal Law, protection of constitutional order bases, morality, health, rights and legal interests of other persons, and ensuring the country's defense and state security.

4.7. Liability.

4.7.1. All Operator employees carrying out the processing of personal data are obliged to keep secrets about information containing personal data in accordance with the Regulation, requirements of the Russian Federation legislation.

4.7.2. Indivuals guilty of violating the requirements of the Regulation bear the responsibility provided for by the legislation of the RF.

4.7.3. Liability for compliance with the personal data regime towards personal data in the Website databases is borne by those responsible for personal data processing.

5. Final Provisions

5.1. In case of changes in the current legislation of the RF, amendments to regulatory documents on personal data protection, this Regulation remains in force in the part that does not contradict the current legislation until it is brought into compliance with such.

5.2. Requirements of this Regulation are set, modified, and cancelled by the Operator unilaterally without prior notice to the User. From the moment a new edition of the Regulation is posted on the Website, the previous edition is considered to have lost its force. In the event of a significant change in the conditions of this Regulation, the Operator notifies Users of this by posting a relevant notice on the Website.

5.3. If the User does not agree with the terms of this Regulation, they must immediately delete their profile from the Website; otherwise, continued use of the Website by the User means that the User agrees with the terms of this Regulation.

Discover the perfect trips with ALM DRIVE

Book a trip

Company

Contacts

Cooperation

become a driver

write to us

Contacts

+7 (993) 104 14 14

alm-trans@mail.ru

User Agreement

Offer Agreement

Alm-Trans LLC

OGRN: 1256600028981

TIN: 6685227650

Manage your trips in one click via smartphone.
Coming soon.

The information on this website does not constitute a public offer.

Discover the perfect trips with ALM DRIVE

Book a trip

Company

Contacts

Cooperation

become a driver

write to us

Contacts

+7 (993) 104 14 14

alm-trans@mail.ru

User Agreement

Offer Agreement

Alm-Trans LLC

OGRN: 1256600028981

TIN: 6685227650

Manage your trips in one click via smartphone.
Coming soon.

The information on this website does not constitute a public offer.

Discover the perfect trips with ALM DRIVE

Book a trip

Navigation

Home

Fleet

About

Company

Contacts

Cooperation

become a driver

write to us

Telegram

Contacts

+7 (993) 104 14 14

alm-trans@mail.ru

Manage your trips in one click via smartphone.
Coming soon.

Discover the perfect trips with ALM DRIVE

Book a trip

Navigation

Home

Fleet

About

Company

Contacts

Cooperation

become a driver

write to us

Telegram

Contacts

+7 (993) 104 14 14

alm-trans@mail.ru

Manage your trips in one click via smartphone.
Coming soon.

Discover the perfect trips with ALM DRIVE

Book a trip

Navigation

Company

Contacts

Cooperation

become a driver

write to us

Contacts

Manage your trips in one click via smartphone.Coming soon.

Discover the perfect trips with ALM DRIVE

Book a trip

Navigation

Company

Contacts

Cooperation

become a driver

write to us

Contacts

Manage your trips in one click via smartphone.Coming soon.

Manage your trips in one click via smartphone.
Coming soon.

Manage your trips in one click via smartphone.
Coming soon.