The Privacy policy – Techno Women

GENERAL PROVISIONS

1.1. This Privacy Policy regarding the processing of personal data has been developed in accordance with the Law of the Republic of Kazakhstan dated May 21, 2013 No. 94-V “On Personal Data and their Protection” (hereinafter – the Law) and defines the procedure for processing personal data of users of an Internet resource located on the Internet at http://technowomen.kz /, conditions and the principles of personal data processing, the rights of users, information about the measures being implemented to protect the personal data being processed.

1.2. This Privacy Policy applies to all personal data that the Non–profit Organization TechnoWomen (hereinafter referred to as the Organization) receives from users of the Internet resource.

1.3. In case of disagreement with the terms of the Privacy Policy, the user must immediately stop any use of the Internet resource.

TERMS AND DEFINITIONS

2.1. The following terms are used in the Privacy Policy:

1) personal data – information related to a certain or determined on the basis of personal data subject, recorded on electronic, paper and (or) other material media;

2) the subject of personal data is an individual to whom personal data relate;

3) a third party is a person who is not a subject, owner and/or operator, but is associated with them (him) by circumstances or legal relations for the collection, processing and protection of personal data;

4) the user is a visitor to an Internet resource, the subject of personal data;

5) user’s account – a set of protected pages of an Internet resource created as a result of user registration and available when entering authentication data (password, login);

6) provision of personal data – actions aimed at disclosing personal data to a certain person or a certain circle of persons;

7) blocking of personal data – actions to temporarily stop the collection, accumulation, modification, addition, use, dissemination, depersonalization and destruction of personal data;

8) accumulation of personal data – actions to systematize personal data by entering them into a database containing personal data;

9) collection of personal data – actions aimed at obtaining personal data;

10) destruction of personal data – actions, as a result of which it is impossible to restore personal data;

11) depersonalization of personal data – actions, as a result of which it is impossible to determine the identity of personal data to the subject of personal data;

12) personal data base – a set of ordered personal data;

13) the owner and operator of the personal data database is an Organization that collects, processes and protects personal data;

14) protection of personal data – a set of measures, including legal, organizational and technical, carried out for the purposes established by the legislation of the Republic of Kazakhstan;

15) processing of personal data – actions aimed at accumulation, storage, modification, addition, use, dissemination, depersonalization, blocking and destruction of personal data;

16) use of personal data – actions with personal data aimed at realizing the goals of the owner, operator and a third party;

17) storage of personal data – actions to ensure the integrity, confidentiality and accessibility of personal data;

18) dissemination of personal data – actions that result in the transfer of personal data, including through the media or providing access to personal data in any other way;

19) Internet resource – information (in text, graphic, audiovisual or other form) placed on a hardware and software complex having a unique network address and (or) domain name and functioning on the Internet.

LEGAL GROUNDS AND PURPOSES OF PERSONAL DATA PROCESSING

3.1. The legal grounds for processing personal data are:

The Civil Code of the Republic of Kazakhstan;

Law of the Republic of Kazakhstan dated May 21, 2013 No. 94-V “On Personal data and their protection”;

Law of the Republic of Kazakhstan dated November 24, 2015 No. 418-V “On Informatization”;

Other applicable legal acts;

Internal regulatory documents of the Organization;

The user’s consent to the processing of personal data.

3.2. The Organization processes the user’s personal data exclusively for the following purposes:

3.2.1. registration and identification of the user on the Internet resource, providing the user with the opportunity to fully use the Internet resource;

3.2.2. displaying the user profile for other users of the Internet resource;

3.2.3. establishing and maintaining communication between the user and the Organization, advising on the provision of services to the Organization;

3.2.4. sending newsletters about the Organization’s services to the user;

3.2.5. improving the quality of user service and upgrading the Internet resource by processing requests and requests from the user;

3.2.6. statistical and other research based on depersonalized information provided by users.

CONDITIONS AND PROCEDURE FOR GRANTING CONSENT TO THE PROCESSING OF PERSONAL DATA

4.1. The Organization does not verify the personal data provided by the user. In this regard, the Organization assumes that when providing personal data on an Internet resource, the user:

4.1.1. is a legally capable person. In case of incapacity of the person using the Internet resource, consent to the processing of personal data is provided by the legal representative of the user, who has read and accepted the conditions for processing personal data specified in this Privacy Policy;

4.1.2. indicates reliable information about himself or about the represented incapacitated person (clause 4.1.1) in the amounts necessary to use the Internet resource. The user independently maintains the provided personal data up to date;

4.1.3. is aware that the information on the Internet resource posted by the user about himself and the company may become available to other users of the Internet resource, may be copied and distributed by such users in cases provided for by the Privacy Policy.

4.2. The User accepts the terms of this Privacy Policy and gives the Organization informed and informed consent to the processing of his personal data on the terms provided for by the Privacy Policy and the legislation of the Republic of Kazakhstan:

4.2.1. when registering and identifying on an Internet resource – for personal data that the user provides to the Organization, the user is considered to have given consent to the processing of his personal data at the time of clicking the “Register” button;

4.2.2. when entering or changing data, when editing or supplementing information in the “Company Data” section. The specified personal data may be used to fulfill the Organization’s obligations under the user agreement and service agreements. The user is considered to have given consent to the processing of their newly entered or modified personal data at the time of completion of their editing. After filling in any of the columns specified in the “Company Data” section, personal data is updated automatically;

4.2.3. for any use of the Internet resource – for personal data that is automatically transmitted during the use of the Internet resource using the software installed on the user’s device. the user is considered to have given consent to the processing of his personal data at the time of the start of using the Internet resource.

4.3. By performing the actions specified in clause 4.2 of this Privacy Policy, the User gives the Organization consent to the processing of relevant personal data, including collection, recording, systematization, accumulation, storage, updating, modification, use, distribution, provision to third parties, access, depersonalization, blocking, deletion, destruction of personal data using and without using automation tools in accordance with the purposes specified in Section 3 of this Privacy Policy.

4.4. The consent provided by the user in accordance with this Privacy Policy for the processing of personal data is valid from the date of such consent and for the period necessary to achieve the purposes of personal data processing or until the user withdraws the consent, unless otherwise provided by the legislation of the Republic of Kazakhstan.

4.5. The consent provided by the user, in accordance with this Privacy Policy, to the processing of personal data may be revoked by the user at any time. The User can revoke the consent previously provided to the Organization for the processing of personal data in one of the following ways:

by sending a corresponding application by mail to the address: Republic of Kazakhstan, Nur-Sultan city, 010000, Mangelik el Street 58, office 174;

by sending the relevant application in the form of an electronic document to the e-mail address aziza.astana@gmail.com

PERSONAL DATA PROCESSED BY THE ORGANIZATION

The processing of personal data of users is carried out as follows:

Registration on the Internet resource:

last name and first name;

phone number;

email address;

password;

place of work;

post;

bank card number;

BIN;

name of the organization;

description of the type of activity of the company;

user type (enterprise, IT company, research institute);

the legal address of the company;

the official Internet resource (if available).

PROCESSING OF PERSONAL DATA

6.1. The Organization processes personal data based on the following principles:

legality;

restrictions on the processing of personal data to achieve predetermined and legitimate goals;

preventing the processing of personal data incompatible with the purposes of their collection;

processing only those personal data that meet the purposes of their processing;

ensuring the accuracy, sufficiency and relevance of personal data;

destruction or depersonalization of personal data upon achievement of the purposes of their processing or in case of loss of the need to achieve these goals, receipt from users of a request for the destruction of personal data, receipt from the user of a revocation of consent to the processing of personal data.

6.2. The processing of the User’s personal data includes the following actions by the Organization: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision to third parties, access), depersonalization, blocking, deletion, destruction.

6.3. The storage of personal data of users is carried out on electronic media. When processing personal data in order to fulfill obligations under agreements with users, the Organization has the right to extract personal data and store it on tangible media. The storage of such personal data is carried out during the period established by the legislation of the Republic of Kazakhstan. Personal data is stored (depending on which event comes first):

until the moment of their destruction, the Organization, in case of receipt from the user of a revocation of consent to the processing of personal data or a request for their destruction;

until the user’s consent expires.

PERSONAL DATA PROTECTION MEASURES

7.1. The Organization takes necessary and sufficient legal, organizational and technical measures to protect personal data provided by users from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. Such actions, in particular, include:

appointment of the person responsible for the processing of personal data;

application of organizational and technical measures to ensure the security of personal data during their processing;

monitoring the facts of unauthorized access to personal data and taking measures to prevent such incidents in the future;

control over the measures taken to ensure the security of personal data.

USER RIGHTS

8.1. The User decides to provide his personal data and consents to their processing freely, of his own free will and in his own interests. The User agrees to the processing of his personal data in accordance with the procedure provided for in this Privacy Policy.

8.2. The User has the right to receive information from the Organization regarding the processing of his personal data.

8.3. The User has the right to send to the Organization his requests and requirements regarding the use of his personal data, as well as revocation of consent to the processing of personal data in the manner specified in clause 4.5.

UPDATING, CORRECTION, DELETION AND DESTRUCTION OF PERSONAL DATA

9.1. The Organization undertakes to inform the user or his representative in accordance with the procedure provided for by the legislation of the Republic of Kazakhstan, information on the availability of personal data related to this user, as well as to provide an opportunity to familiarize with these personal data when contacting the user or his representative within 15 (fifteen) days from the date of receipt of the user’s request or his representative.

9.2. The Organization undertakes to provide, free of charge, the user or his representative with the opportunity to familiarize themselves with personal data related to this user.

9.3. Within a period not exceeding one business day from the date the user or his representative provides information confirming that personal data is incomplete, inaccurate or irrelevant, the Organization undertakes to make the necessary changes to them.

9.4. Within a period not exceeding one business day from the date of submission by the user or his representative of information confirming that such personal data is illegally obtained or is not necessary for the stated purpose of processing, the Organization undertakes to destroy such personal data. The Organization also undertakes to notify the user or his representative of the changes made and the measures taken and to take reasonable measures to notify third parties to whom the personal data of this user has been transferred.

9.5. In case of confirmation of the fact of inaccuracy of personal data, the Organization, on the basis of information provided by the user or his representative or the authorized body for the protection of the rights of personal data subjects or other necessary documents, undertakes to make appropriate adjustments to personal data.

9.6. The Organization undertakes to stop processing personal data:

in case of detection of unlawful processing of personal data carried out by an Organization or a person acting on behalf of the Organization, within a period not exceeding 3 (three) working days from the date of such detection;

if the user withdraws consent to the processing of his personal data;

if the purpose of processing personal data is achieved.

9.7. The Organization undertakes to destroy the user’s personal data or ensure their destruction within a period not exceeding 15 (fifteen) days from the date of achievement of the purpose of personal data processing.

9.8. If there is no possibility of destroying personal data within the specified period, the Organization blocks such personal data and ensures their destruction within a period of no more than 6 (six) months, unless another period is established by the legislation of the Republic of Kazakhstan.

POLICY CHANGE

10.1. The Organization reserves the right to make changes to the Privacy Policy. The User is obliged to familiarize himself with the text of this Privacy Policy at each new use of the Internet resource.

10.2. The new version of the Privacy Policy comes into force from the moment it is posted on the Internet resource. Continued use of the Internet resource or its services after the publication of a new version of the Policy means acceptance of the Policy and its terms by the user. In case of disagreement with the terms of the Privacy Policy, the user must immediately stop using the Internet resource and its services.