Personal data processing — template

The Controller (Operator) of personal data of the loyalty programme Member is the legal entity stated below. TTE.Loyalty (TravelTechExpert) acts as Data Processor under a Data Processing Agreement (DPA).

Operator details:

• Legal name: {{OPERATOR_LEGAL_NAME}}
• Tax / company ID: {{OPERATOR_INN}} / {{OPERATOR_OGRN}}
• Registered address: {{OPERATOR_ADDRESS}}
• Data-operator registry number (regulator): {{OPERATOR_REGISTRATION_NUMBER}}
• Contact email: {{OPERATOR_EMAIL}}
• Data Protection Officer (DPO): {{OPERATOR_DPO_NAME}}, {{OPERATOR_DPO_EMAIL}}
• Phone: {{OPERATOR_PHONE}}

Processor details (TTE.Loyalty):

• Legal name: {{PROCESSOR_LEGAL_NAME}} (TravelTechExpert)
• Contact: {{PROCESSOR_EMAIL}}
• DPA agreement no. {{DPA_NUMBER}} dated {{DPA_DATE}}

Data-processing requests are directed to the Controller via the contacts above or through the programme member account.

Identification: full name, date of birth, contact data (email, phone).

Transactional: history of stays, F&B, SPA, ancillary; points earning and spending; programme tier.

Behavioural: preferences, reviews, engagement actions, communication preferences.

Technical: IP address, cookies, device fingerprint, user-agent (see Cookies Policy).

Special categories (dietary restrictions, allergies) are processed only with explicit consent and used to ensure service quality.

(a) Loyalty programme operation: earning, redemption, tier calculation, reward issuance.

(b) Communications with the Member on transactions, status and benefits.

(c) Marketing communications — based on separate per-channel consent.

(d) Analytics and service improvement — on aggregated or pseudonymised data.

(e) Protection of Operator's rights and legitimate interests (fraud prevention, audit).

Processing is based on (a) Member consent given at registration, (b) contract performance (Programme Rules), (c) Operator's legitimate interests. In GDPR jurisdictions — Art. 6(1)(a), 6(1)(b), 6(1)(f); in Russia — equivalent grounds under 152-FZ.

The Member has the right to:

• access their data and receive a copy;
• request rectification of inaccurate data;
• request erasure (right to be forgotten) — while preserving financially binding information as required by law;
• restrict processing;
• object to processing for marketing purposes;
• receive data in machine-readable form (data portability);
• lodge a complaint with a supervisory authority.

Requests are sent to the Controller via the member account or programme email. Response time — 30 days.

Member data is stored during participation in the Programme and 5 years thereafter (for financially binding reporting). Once the period ends — data is anonymised or deleted.

Cookies and device data — 12 months from last interaction. Marketing consents — until withdrawn.

Data is shared with:

• TTE.Loyalty (Processor) — under a DPA;
• Operator's PMS (Fidelio / OPERA / 1C-Hotel / other) — for profile sync;
• email/SMS provider (on behalf of the Operator, for communications);
• auditors / governmental authorities — as required by law.

Cross-border transfers are made only with adequate safeguards (Standard Contractual Clauses / Binding Corporate Rules / Adequacy Decision).

TTE.Loyalty applies technical and organisational measures:

• encryption at rest (AES-256) and in transit (TLS 1.2+);
• segregation: PII in a separate table with RLS;
• access controls + audit log;
• two-phase deletion architecture (right to be forgotten);
• regular pentests and vulnerability scanning;
• incident response procedure with Controller notification within 24 hours.

Membership requires age 18+. For family programmes, children under 14 are included only with confirmed parental/legal-guardian consent; their data is processed with additional restrictions.

The Operator may amend the policy with 30-day notice to Members via the programme website and email. Changes detrimental to Member rights — only with explicit consent.