Privacy Policy
Privacy Policy
1. General Provisions
1.1. This policy of Aqtra Platform LLC regarding personal data (hereinafter referred to as the "Policy") is approved on the basis of the Georgian law on personal data and international legislation on personal data and applies to all information, including personal data within the meaning of the law applicable to Aqtra Platform LLC (hereinafter referred to as "Operator") may receive personal data from the subject (hereinafter referred to as "User" and/or “Customer”) in the process of using the website located on the Internet: market.aqtra.io, as well as in the process of performing any agreement and contract concluded by "Aqtra Platform" LLC, as well as using the site Based on the agreement between the operator and the customer.
1.2.
The policy applies to personal data received before and after approval of this
policy.
1.3.
This policy is a public document that states the conceptual basis of the
operator's activity in the processing and protection of personal data.
2. Consent to the processing of personal data and their processing
2.1 User, on the basis of this document, confirms that user is informed, with his/her consent, about the processing of his/her personal data, which user provides to operator when user uses operator’s Internet platforms and various services based on operator’s activities, including by filling in forms on operator’s website or otherwise providing his/her personal information. By providing data to operator, user confirm’s and declare’s operator’s consent to the processing of the personal data.
2.2
Please note that the personal data provided by user is processed by "Aqtra
Platform" LLC, address: Georgia, Tbilisi City, Didube-Chugureti District,
N200 Tsinamdzgvrishvili St.; Georgia, Tbilisi City, Vake-Saburtalo District,
University St. N24 Identification number: 404639334 (hereinafter
"Company").
2.3 By
consenting to the processing of personal data, user confirm’s and declare’s that
the personal data, including first and last name, legal entity name,
organization name, address, e-mail address, telephone number, mobile number,
bank card details, bank Account details and/or other types of personal
information may be processed for the following purpose(s):
• The
user registration on the site;
•
providing customer support;
•
receiving information about marketing events by the user;
•
fulfillment of obligations by the seller to the buyer;
• сonducting audits and other internal studies to improve the quality of services
provided;
•
in order to improve the quality of service and/or update it;
•
for conducting research, surveys, including statistical research and for
analytical purposes;
•
for the purpose of safe and convenient functioning of users, as well as
efficiency of information provision;
• in
order to effectively fulfill the assignment(s), contract(s), agreement(s) and
other obligations(s) received by the company, for the purpose and within the
scope necessary for your interests and the obligations assumed by Company in
the past.
*Please
note that if you are filling in information on behalf of another person, for example
another legal entity, an organization, this will be perceived by the Company as
the relevant authorized representative and that you have the authority to give
us all the necessary consent for us to process the personal data in this
document for the purposes given.
3. Terms of personal data processing and their transfer to third parties
3.1.
Personal data is processed automatically by the operator of "Aqtra
Platform" LLC without any additional access to them. If such access is
required, then it may be provided only to those employees of Aqtra Platform LLC
who need it to perform their tasks. To protect and maintain data privacy, all
employees must follow internal rules and procedures for handling personal data.
They must also follow all technical and organizational security measures to
protect user’s personal data.
3.2 The seller undertakes
not to transfer the received personal data to third parties, except in the
following cases:
3.2.1 with the user's consent;
3.2.2 in the cases provided for/by
the current legislation;
3.2.3 In order to be in compliance
with the applicable laws and their provisions, including, based on the
court/arbitration/mediation process and/or the existing request and/or the existing request by the state body;
3.2.4 at the request of the
authorized state bodies of Georgia only on the grounds and manner established by the internal
legislation of Georgia and international legislation and/or for the purpose of protecting the legitimate
interests of individuals;
3.2.5 Strategic partners who work
with the seller to provide products and services, or those who help the seller sell products and
services to customers. We provide third parties with the minimum amount of personal data
required only to provide the required service or complete the required transaction.
3.2.6 In other cases, when it is
necessary to disclose and transfer such information to third parties, in compliance with the requirements
of the applicable laws.
3.2.7
The Seller reserves the right to unilaterally make changes
to these rules, provided that the changes do not
conflict with the applicable legislation of Georgia. Changes to these rules will
be effective upon posting on the site.
3.3.
When processing the user's personal data, the operator is guided by the Law of
Georgia "On Protection of Personal Data", in accordance with the
requirements of Georgian legislation, compliance with the requirements of
international legislation in the field of processing and protection of personal
data and this policy.
4. Duration of personal data processing and storage
4.1
Operator will retain user’s personal data and process it for the purposes set
out in this document for as long as is necessary to carry out the activities
set out in this document, or for as long as otherwise notified to user, or for
as long as is permitted by applicable law of Georgia. For example, operator may
retain user’s personal data if it is necessary for the purposes of any legal
obligation, legal request, dispute, court/arbitration/mediation process.
4.2
Unless otherwise provided by the current legislation, the maximum period of
storage of personal data is 3 (three) years, from the moment of user receipt
and initial processing. After the expiration of 3 (three) years, such personal
data will be deleted or otherwise destroyed.
5. Rights of the subject (user) of personal data
5.1.
The user has the right to receive information about the processing of his
personal data, including information that includes:
5.1.1. Confirmation of the fact of
personal data processing by the operator.
5.1.2. Legal basis and purposes of
personal data processing.
5.1.3. Methods of personal data
processing used by the operator.
5.1.4. The name and location of the
operator, information about the persons (excluding the operator's employees) who have access to personal data or to
whom personal data may be disclosed
based on the agreement with the operator or on the basis of the Law of Georgia
"On Personal Data Protection".
5.1.5. Terms of processing of personal data, including the terms of their storage.
5.1.6. The procedure for the
exercise of the rights provided by the Law of Georgia "On Protection of Personal Data" by
the subject of personal data.
5.2.
Information regarding the processing of personal data of the subject of
personal data provided to the subject of personal data shall not include
personal data relating to other subjects of personal data, unless there is a
legal basis for the disclosure of such personal data.
5.3
The personal data requested about the user shall be provided to the user and/or
his/her legal representative in compliance with the procedures stipulated by
the current version of the Law of Georgia "On Protection of Personal
Data".
5.4.
The subject of personal data has the right to request the operator to clarify,
block or destroy his personal data if the personal data is incomplete,
outdated, inaccurate, illegally obtained or not necessary for the specified
purpose of processing, as well. User’s may to ask operator to take legal
measures to protect their rights.
6. Information on personal data protection requirements
6.1.
The most important condition for the implementation of the objectives of the
operator's activities is to ensure the necessary and sufficient level of
security of personal data information systems, the confidentiality, integrity
and availability of processed personal data and generally the security of data
carriers containing personal data., also stages of working with them.
6.2.
The conditions created by the operator and the mode of protection of
information classified as personal data make it possible to ensure the
protection of processed personal data.
6.3.
The operator, in accordance with the current legislation of Georgia, has
developed and implemented a set of organizational, administrative, functional
and planning documents that regulate and ensure the security of processed
personal data.
6.4. A
safety regime for the processing and processing of personal data has been
introduced, as well as a regime for the protection of premises in which
personal data carriers are processed and stored.
6.5. A
person responsible for organizing personal data processing, personal data
information system administrators and a personal data information system
security administrator were appointed, they defined responsibilities and
developed instructions for ensuring information security.
6.6.
The circle of persons with the right to process personal data were defined,
instructions were developed for users on working with personal data, anti-virus
protection and actions in crisis situations.
6.7.
The requirements for personnel, the degree of responsibility of employees to
ensure the safety of personal data are established.
6.8.
The employees involved in the processing of personal data have familiarized
themselves with the provisions of the legislation of Georgia on ensuring the
security of personal data. Data and personal data protection requirements,
documents defining the policy of the operator of personal data processing,
local acts on personal data processing. These employees are periodically
trained on the rules of personal data processing.
6.9.
Necessary and sufficient technical measures are taken to ensure the security of
personal data against accidental or unauthorized access, destruction,
modification, access blocking and other unauthorized actions:
6.9.1. An access control system was
introduced.
6.9.2. Protection against
unauthorized access to workstations, information networks and personal databases has been created.
6.9.3. Anti-malware and
anti-mathematical influences are installed.
6.9.4. Backups of information and
databases are made regularly.
6.9.5. Information is transmitted
through public networks using cryptographic information protection means.
6.10.
A system of control over the procedure of personal data processing and ensuring
their security was organized. Planned inspection of the compliance of the
personal data protection system, audit of the level of protection of personal
data in information systems of personal data, operation of information
protection means, identification of changes in the mode of processing and
protection of personal data also were organized.
7. Changes to Privacy Policy
We
reserve the right to change this Privacy Policy at any time. Any changes to the
Privacy Policy will be posted immediately on the Privacy Policy page and in
other places we believe will keep you informed about what information we
collect, how we use it, and when we disclose it (where required by law). In
addition, you will be notified of any significant changes to the Privacy Policy
by email or by posting an appropriate notice on our home page. It is your
responsibility to check the Privacy Policy periodically.
8. Legislation
This
document is regulated and interpreted based on the current legislation of
Georgia, including the Law of Georgia on Personal Data Protection, taking into account the international
legislation on Personal Data Processing and Protection.
9. Communication
If you
have any questions, comments or requests regarding this document or arising
from it, please contact us at the following address: info@aqtra.io