Personal Data Protection Policy

1. General provisions

1.1. This personal data processing Policy (hereinafter referred to as the Policy) has been developed in accordance with the Law of the Republic of Kazakhstan dated May 21, 2013 No. 94–V “On Personal Data and their Protection“ and defines the procedure for processing personal data and measures to ensure their security applied by Digital RUM (hereinafter referred to as the Operator).

1.2. The Operator considers the observance of human and civil rights and freedoms, including the right to privacy, personal and family secrets, to be the most important goal of its activities.

1.3. The Policy applies to all information that the Operator can receive about site visitors. cifrum.kz .

2. Basic concepts

2.1. Automated processing of personal data is the processing of data using computer technology.
2.2. Blocking of personal data is the temporary termination of data processing (except in cases when processing is necessary to clarify them).
2.3. Website – a set of graphic and informational materials, programs and databases available at cifrum.kz .
2.4. The personal data information system is a collection of data in databases and technologies that ensure their processing.
2.5. Depersonalization of personal data is an action in which it is impossible to determine whether the data belongs to a specific user without additional information.
2.6. Personal data processing – any actions with data, including collection, recording, systematization, storage, clarification, use, transfer, depersonalization, blocking, deletion or destruction.
2.7. The operator is a Digital RUM legal entity that organizes and processes personal data, determines the purposes and composition of the data.
2.8. Personal data – information related to the user of the website cifrum.kz .
2.9. The user is a site visitor
cifrum.kz 2.10. Provision of personal data – disclosure of data to a specific person or group of persons.
2.11. Dissemination of personal data – disclosure of data to an unspecified group of persons, including publication in the media or on the Internet.
2.12. Cross–border transfer of personal data is the transfer of data to a foreign country.
2.13. Destruction of personal data – actions that make data recovery impossible.

3. Personal data processed by the Operator

3.1. The operator can process:

Last name, first name, patronymic;

Email address;

Phone number;

Anonymous data about visitors (including cookies) collected through the services of Internet statistics (Yandex Metrika, Google Analytics, etc.).

3.2. The above data is hereinafter referred to as Personal Data.

4. Purposes of personal data processing

4.1. The main purpose is to inform the User by sending emails.
4.2. The Operator can notify the User about new products, services, promotions and events. The user can opt out of notifications by sending an email to info@cifrum.kz marked “Refusal of notifications about new products and services”.
4.3. Anonymized data is used to analyze User actions, improve the quality of the site and its content.

5. Legal grounds for processing

5.1. Personal data is processed only when the User fills out forms on the website. cifrum.kz . By filling out the forms, the User agrees to the Policy.
5.2. Depersonalized data is processed if it is allowed by the User’s browser settings (cookies and JavaScript files are enabled).

6. Personal data processing procedure

6.1. The Operator ensures data security by applying legal, organizational and technical measures in accordance with the law.
6.2. Personal data is not transferred to third parties, except in cases stipulated by law.
6.3. The User can update the data by sending a notification to info@cifrum.kz marked “Updating of personal data”.
6.4. The data processing period is unlimited. The user can revoke the consent by sending a notification to info@cifrum.kz marked “Withdrawal of consent to the processing of personal data”.

7. Cross-border transfer of personal data

7.1. Before the cross-border transfer, the Operator makes sure that the foreign state ensures the protection of the rights of data subjects.
7.2. Transfer to states that do not provide protection is possible only with the written consent of the User or for the performance of the contract.

8. Final provisions

8.1. The User can receive clarifications on data processing issues by contacting info@cifrum.kz .
8.2. The Policy can be updated, the current version is available at https://cifrum.kz/konfidenczialnost/
8.3. The Policy is valid indefinitely until it is replaced by a new version.