1. General Provisions
This Privacy Policy (hereinafter referred to as the "Policy") governs the processing and protection of personal data of users of the website https://kestel.space/ (hereinafter referred to as the "Website").
This Policy has been developed in accordance with:

• Federal Law of the Russian Federation No. 152-FZ "On Personal Data";
• The General Data Protection Regulation (GDPR);
• The Turkish Personal Data Protection Law No. 6698 (KVKK).

The Data Controller is:
Alexander Nikolaevich Metelkin
Email: Info@kestel.space
By using the Website and submitting a booking request, the user confirms their acceptance of this Policy.

2. Key Terms

• Personal Data means any information relating to an identified or identifiable natural person.
• Processing of Personal Data means any operation performed on Personal Data, including collection, storage, use, transfer, or erasure.
• User means any individual who visits the Website.

3. Personal Data We Collect
The Website collects only the minimum amount of data necessary.

3.1 Data Provided by the User
When submitting the booking form, the user may provide:

• Full name;
• Email address;
• Phone number;
• Intended dates of stay;
• Additional information in the comment section.

3.2 Technical Data
The following data may be collected automatically:

• IP address;
• Browser type;
• Browser language;
• Device type;
• Cookie data;
• Information about website pages visited.

4. Purposes of Personal Data Processing
Personal Data is used for the following purposes:

• Processing apartment booking requests;
• Communicating with the user;
• Clarifying booking details;
• Communication via email, phone, or messaging apps (e.g., WhatsApp or Telegram);
• Improving website functionality;
• Ensuring website security.

Online payment is not processed on the Website. Users' payment data is neither collected nor processed.

5. Legal Basis for Processing
The processing of Personal Data is carried out based on:

• The user's consent;
• The necessity of processing to respond to a user's request;
• The legitimate interests of the Data Controller.

By submitting a form on the Website, the user provides consent for the processing of their Personal Data.

6. Conditions for Data Processing and Storage
Personal Data is processed:

• Lawfully and fairly;
• Solely for the specified purposes;
• In adherence to the principle of data minimization.

Personal Data may be stored:

• On the servers of the hosting provider;
• In the Data Controller's email system;
• Within communication systems (email and messaging apps).

Data is retained no longer than necessary to fulfill the user's request.

7. Disclosure of Data to Third Parties
Personal Data may be disclosed to third parties only in the following cases:

• When necessary to process the user's request;
• When required by law;
• When using website infrastructure services.

Such services may include:

• Hosting provider;
• Analytics services;
• Email services;
• Messaging apps.

Data may be transferred to and processed in countries outside the user's country of residence.

8. International Data Transfer
As users may be located in different countries, Personal Data may be processed on servers situated in various jurisdictions. The Data Controller takes reasonable measures to protect data during such transfers.

9. Use of Cookies
The Website may use cookies for:

• Ensuring proper website functionality;
• Analyzing traffic;
• Enhancing user experience.

Users may disable cookies through their browser settings.

10. User Rights
The user has the right to:

• Obtain information about their Personal Data;
• Request rectification of their data;
• Request erasure of their data;
• Restrict the processing of their data;
• Withdraw consent to processing;
• Lodge a complaint with a supervisory authority.

To exercise these rights, the user may contact the Data Controller at: metialex@gmail.com

11. Data Security
The Data Controller implements necessary technical and organizational measures to protect Personal Data, including:

• Restricting access to data;
• Securing servers;
• Using secure data transfer protocols.

However, the transmission of information over the internet cannot guarantee absolute security.

12. Erasure of Personal Data
Personal Data is subject to erasure upon:

• Achievement of the processing purposes;
• The user's request;
• Withdrawal of consent for data processing.

13. Links to Third-Party Websites
The Website may contain links to external resources. The Data Controller assumes no responsibility for the privacy practices of such websites.

13.1. Use of Google Maps
The Website may utilize the Google Maps service provided by Google LLC. When a page containing a map is loaded, Google may process users' technical data, including IP addresses and cookie data. The use of Google Maps is governed by Google's Privacy Policy available at: https://policies.google.com/privacy

14. Changes to the Policy
The Data Controller reserves the right to make changes to this Policy. The current version is always available at: https://kestel.space/policy

15. Contact Information
Data Controller:
Alexander Nikolaevich Metelkin
Email: Info@kestel.space
Website: https://kestel.space/