Privacy Policy

Privacy Policy

1. General Provisions

1.1. This policy of Aqtra Platform LLC regarding personal data (hereinafter referred to as the "Policy") is approved on the basis of the Georgian law on personal data and international legislation on personal data and applies to all information, including personal data within the meaning of the law applicable to Aqtra Platform LLC (hereinafter referred to as "Operator") may receive personal data from the subject (hereinafter referred to as "User" and/or “Customer”) in the process of using the website located on the Internet: market.aqtra.io, as well as in the process of performing any agreement and contract concluded by "Aqtra Platform" LLC, as well as using the site Based on the agreement between the operator and the customer.

1.2. The policy applies to personal data received before and after approval of this policy.

1.3. This policy is a public document that states the conceptual basis of the operator's activity in the processing and protection of personal data.

 2. Consent to the processing of personal data and their processing

 2.1 User, on the basis of this document, confirms that user is informed, with his/her consent, about the processing of his/her personal data, which user provides to operator when user uses operator’s Internet platforms and various services based on operator’s activities, including by filling in forms on operator’s website or otherwise providing his/her personal information. By providing data to operator, user confirm’s and declare’s operator’s consent to the processing of the personal data.

2.2 Please note that the personal data provided by user is processed by "Aqtra Platform" LLC, address: Georgia, Tbilisi City, Didube-Chugureti District, N200 Tsinamdzgvrishvili St.; Georgia, Tbilisi City, Vake-Saburtalo District, University St. N24 Identification number: 404639334 (hereinafter "Company").

2.3 By consenting to the processing of personal data, user confirm’s and declare’s that the personal data, including first and last name, legal entity name, organization name, address, e-mail address, telephone number, mobile number, bank card details, bank Account details and/or other types of personal information may be processed for the following purpose(s):

• The user registration on the site;

• providing customer support;

• receiving information about marketing events by the user;

• fulfillment of obligations by the seller to the buyer;

• сonducting audits and other internal studies to improve the quality of services provided;

• in order to improve the quality of service and/or update it;

• for conducting research, surveys, including statistical research and for analytical purposes;

• for the purpose of safe and convenient functioning of users, as well as efficiency of information provision;

• in order to effectively fulfill the assignment(s), contract(s), agreement(s) and other obligations(s) received by the company, for the purpose and within the scope necessary for your interests and the obligations assumed by Company in the past.

*Please note that if you are filling in information on behalf of another person, for example another legal entity, an organization, this will be perceived by the Company as the relevant authorized representative and that you have the authority to give us all the necessary consent for us to process the personal data in this document for the purposes given.

 3. Terms of personal data processing and their transfer to third parties

3.1. Personal data is processed automatically by the operator of "Aqtra Platform" LLC without any additional access to them. If such access is required, then it may be provided only to those employees of Aqtra Platform LLC who need it to perform their tasks. To protect and maintain data privacy, all employees must follow internal rules and procedures for handling personal data. They must also follow all technical and organizational security measures to protect user’s personal data.

3.2 The seller undertakes not to transfer the received personal data to third parties, except in the following cases:

            3.2.1 with the user's consent;

            3.2.2 in the cases provided for/by the current legislation;

            3.2.3 In order to be in compliance with the applicable laws and their provisions, including, based on the court/arbitration/mediation process and/or the existing request and/or the existing request by the state body;

            3.2.4 at the request of the authorized state bodies of Georgia only on the grounds and manner established by the internal legislation of Georgia and international legislation and/or for the purpose of protecting the legitimate interests of individuals;

            3.2.5 Strategic partners who work with the seller to provide products and services, or those    who help the seller sell products and services to customers. We provide third parties with the minimum amount of personal data required only to provide the required service or complete the required transaction.

            3.2.6 In other cases, when it is necessary to disclose and transfer such information to third parties, in compliance with the requirements of the applicable laws.

            3.2.7 The Seller reserves the right to unilaterally make changes to these rules, provided that the changes do not conflict with the applicable legislation of Georgia. Changes to these rules will be effective upon posting on the site.

3.3. When processing the user's personal data, the operator is guided by the Law of Georgia "On Protection of Personal Data", in accordance with the requirements of Georgian legislation, compliance with the requirements of international legislation in the field of processing and protection of personal data and this policy.

 4. Duration of personal data processing and storage

4.1 Operator will retain user’s personal data and process it for the purposes set out in this document for as long as is necessary to carry out the activities set out in this document, or for as long as otherwise notified to user, or for as long as is permitted by applicable law of Georgia. For example, operator may retain user’s personal data if it is necessary for the purposes of any legal obligation, legal request, dispute, court/arbitration/mediation process.

4.2 Unless otherwise provided by the current legislation, the maximum period of storage of personal data is 3 (three) years, from the moment of user receipt and initial processing. After the expiration of 3 (three) years, such personal data will be deleted or otherwise destroyed.

 5. Rights of the subject (user) of personal data

5.1. The user has the right to receive information about the processing of his personal data, including information that includes:

            5.1.1. Confirmation of the fact of personal data processing by the operator.

            5.1.2. Legal basis and purposes of personal data processing.

            5.1.3. Methods of personal data processing used by the operator.

            5.1.4. The name and location of the operator, information about the persons (excluding the operator's employees) who have access to personal data or to whom personal data may be disclosed based on the agreement with the operator or on the basis of the Law of Georgia "On Personal Data Protection".

            5.1.5. Terms of processing of personal data, including the terms of their storage. 

            5.1.6. The procedure for the exercise of the rights provided by the Law of Georgia "On Protection of Personal Data" by the subject of personal data.

5.2. Information regarding the processing of personal data of the subject of personal data provided to the subject of personal data shall not include personal data relating to other subjects of personal data, unless there is a legal basis for the disclosure of such personal data.

5.3 The personal data requested about the user shall be provided to the user and/or his/her legal representative in compliance with the procedures stipulated by the current version of the Law of Georgia "On Protection of Personal Data".

5.4. The subject of personal data has the right to request the operator to clarify, block or destroy his personal data if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the specified purpose of processing, as well. User’s may to ask operator to take legal measures to protect their rights.

 6. Information on personal data protection requirements

6.1. The most important condition for the implementation of the objectives of the operator's activities is to ensure the necessary and sufficient level of security of personal data information systems, the confidentiality, integrity and availability of processed personal data and generally the security of data carriers containing personal data., also stages of working with them.

6.2. The conditions created by the operator and the mode of protection of information classified as personal data make it possible to ensure the protection of processed personal data.

6.3. The operator, in accordance with the current legislation of Georgia, has developed and implemented a set of organizational, administrative, functional and planning documents that regulate and ensure the security of processed personal data.

6.4. A safety regime for the processing and processing of personal data has been introduced, as well as a regime for the protection of premises in which personal data carriers are processed and stored.

6.5. A person responsible for organizing personal data processing, personal data information system administrators and a personal data information system security administrator were appointed, they defined responsibilities and developed instructions for ensuring information security.

6.6. The circle of persons with the right to process personal data were defined, instructions were developed for users on working with personal data, anti-virus protection and actions in crisis situations.

6.7. The requirements for personnel, the degree of responsibility of employees to ensure the safety of personal data are established.

6.8. The employees involved in the processing of personal data have familiarized themselves with the provisions of the legislation of Georgia on ensuring the security of personal data. Data and personal data protection requirements, documents defining the policy of the operator of personal data processing, local acts on personal data processing. These employees are periodically trained on the rules of personal data processing.

6.9. Necessary and sufficient technical measures are taken to ensure the security of personal data against accidental or unauthorized access, destruction, modification, access blocking and other unauthorized actions:

            6.9.1. An access control system was introduced.

            6.9.2. Protection against unauthorized access to workstations, information networks and  personal databases has been created.

            6.9.3. Anti-malware and anti-mathematical influences are installed.

            6.9.4. Backups of information and databases are made regularly.

            6.9.5. Information is transmitted through public networks using cryptographic information protection means.

6.10. A system of control over the procedure of personal data processing and ensuring their security was organized. Planned inspection of the compliance of the personal data protection system, audit of the level of protection of personal data in information systems of personal data, operation of information protection means, identification of changes in the mode of processing and protection of personal data also were organized.

 7. Changes to Privacy Policy

We reserve the right to change this Privacy Policy at any time. Any changes to the Privacy Policy will be posted immediately on the Privacy Policy page and in other places we believe will keep you informed about what information we collect, how we use it, and when we disclose it (where required by law). In addition, you will be notified of any significant changes to the Privacy Policy by email or by posting an appropriate notice on our home page. It is your responsibility to check the Privacy Policy periodically.

 8. Legislation

This document is regulated and interpreted based on the current legislation of Georgia, including the Law of Georgia on Personal Data Protection, taking into account the international legislation on Personal Data Processing and Protection.

 9. Communication

If you have any questions, comments or requests regarding this document or arising from it, please contact us at the following address: info@aqtra.io