Privacy Policy

Revision dated January 28, 2026

This Privacy Policy (hereinafter referred to as the Policy) has been developed in accordance with Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" and is intended to define the procedure for processing personal data and measures to ensure the security of personal data of individuals that may be received by LIONES LLC, TIN: 7719066437, PSRN: 1027739389600

If you have any questions related to the Policy, including questions about the processing and protection of your personal data, you can send us a request by email at hotel-leon-spa@mail.ru

The Policy is posted in the footer of the main page of the website: hotel-leon.ru

1. Basic Concepts

1.1. Personal data — any information relating directly or indirectly to a specific or identifiable individual (the Data Subject).

1.2. Website — a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at: hotel-leon.ru and all subdomains created based on it.

1.3. Processing of personal data — any action (operation) or set of actions performed with or without automation with personal data, including: collection, recording, systematization, accumulation, extraction, storage, clarification (update, modification), use, transfer (distribution, provision, access), deletion, destruction of personal data, anonymization, blocking.

1.4. Data Subject — an individual to whom the relevant personal data relates.

1.5. Destruction of personal data — actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which material carriers of personal data are destroyed.

1.6. Blocking of personal data — temporary cessation of processing of personal data (except when processing is necessary for clarification of personal data).

1.7. Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain circle of persons.

1.8. Anonymization of personal data — actions as a result of which it becomes impossible to determine the ownership of personal data to a specific Data Subject without using additional information.

1.9. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.

1.10. Customer — any legally capable individual who has accepted the offer.

1.11. Personal Data Operator — an Organization that independently or jointly with other persons organizes and (or) carries out the processing of personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data.

1.12. Automated processing of personal data — processing of personal data using computer technology.

1.13. User — an individual to whom the relevant personal data relates, viewing the content of the website and/or using the functionality of the website.

1.14. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign individual or a foreign legal entity.

2. General Provisions

2.1. The Policy is intended to inform the Data Subject about the Operator's actions for collecting, processing and protecting personal data of subjects to achieve the stated purposes of processing personal data on the website: hotel-leon.ru. By clicking the "Submit" button, the Data Subject confirms that they have read the consent to the processing of personal data and the Policy.

2.2. Cases of personal data processing to which the Policy applies are listed in the section "Purpose of processing and composition of information about data subjects that the Operator receives and processes".

2.3. The transfer of personal information by the Data Subject means unconditional consent of the Data Subject to the terms of the Privacy Policy and the conditions for processing their personal data specified therein. In case of disagreement with the terms of the Policy, the Data Subject must refrain from transferring personal information to the Operator.

2.4. The Policy (including any part thereof) may be changed by the Operator without any special notice and without payment of any compensation in connection therewith. The new version of the Policy comes into force from the moment of its posting on the Operator's website.

2.5. By accepting the terms of the Policy, the Data Subject expresses their consent to the processing by the Operator of data about the Data Subject for the purposes provided for by the Policy.

2.6. For website usage analytics, the following tools are used: Yandex Metrica https://yandex.ru/legal/confidential/

2.7. Using the Website and its services through a web browser that accepts cookie data means the Data Subject expresses consent that the Operator may collect and process cookie data to improve the Website, its content, and its functionality. Disabling and/or blocking the web browser option to receive cookie data by the Data Subject means that the Data Subject's use of the Website may be limited, in particular, some of its functions.

2.8. Cookie Notice

By visiting the Website, you agree that the Operator uses certain monitoring and tracking technologies such as cookies, beacons, pixels, tags, and scripts (collectively "Cookies"). These technologies are used to provide, maintain and improve the Operator's Website, to optimize offers and marketing activities.

2.9. Cookie Management. Opting Out of Cookies.

You can prohibit the installation of some or all cookies. In most browsers, cookies are accepted automatically, but you have the ability to manage browser settings to block or delete cookies.

2.10. The Operator does not verify the accuracy of personal information provided by the Data Subject.

3. Purposes of Processing and Composition of Personal Data Information

Purpose 1: Processing and sending an application on the Website for consultation via feedback and further provision of services.

Category of personal data: name, phone number, email, data collected via metric programs.

Processing and storage period: 10 years.

Purpose 2: Conclusion and execution of a civil law contract with the Data Subject.

Category of personal data: full name, phone number, email, TIN, registration address, identity document data.

Processing and storage period: 5 years.

Purpose 3: Sending messages, notifications, requests, responses, documents, advertising or informational messages to the Data Subject.

Category of personal data: name, phone number, email.

Processing and storage period: 10 years.

Purpose 4: Website administration, data analysis, testing, system maintenance, support, reporting, statistics collection.

Category of personal data: cookies, IP address, data collected via metric programs.

Processing and storage period: 10 years.

4. Legal Grounds for Processing Personal Data

4.1. The Policy was developed in accordance with clause 2, part 1, article 18.1 of the Federal Law "On Personal Data".

4.2. The Policy contains information subject to disclosure in accordance with part 1 of article 14 of the Federal Law "On Personal Data" and is a publicly available document.

5. Data Subject Rights

In accordance with the Federal Law "On Personal Data", the Data Subject has the following rights:

• right to access personal data;
• right to rectification of personal data;
• right to blocking and deletion of personal data;
• right to appeal our actions or inaction;
• right to withdraw consent.

6. Data Security

Personal data collected and stored by the Operator is considered confidential information. It is protected from loss, alteration or unauthorized access in accordance with the legislation of the Russian Federation in the field of personal data.

7. Contact Information

LIONES LLC

TIN: 7719066437, PSRN: 1027739389600

109431, Moscow, Zhulebinskiy Boulevard, 36, bldg. 1

Email: hotel-leon-spa@mail.ru