KIMEP logo

Privacy Policy

Last updated: October 15, 2024

General Provisions

This privacy policy is drafted in accordance with the law of the Republic of Kazakhstan dated May 21, 2013, No. 94-V “On Personal Data and Their Protection” and defines the procedure for processing personal data and measures to ensure their security undertaken by Olzhas Suleimenov (hereinafter referred to as "Operator").

The Operator makes it a priority to protect the rights and freedoms of individuals and citizens during the processing of personal data, including protecting their right to privacy, personal and family secrets.

This policy applies to all information that the Operator may obtain about visitors to the website https://agartu.space.

Definitions Used in the Policy

  • Automated processing of personal data: Processing using computer equipment.
  • Blocking personal data: Temporary termination of data processing, except when required for clarification.
  • Website: A collection of graphical, informational materials, and databases accessible via https://agartu.space.
  • Information system of personal data: A collection of personal data and their processing technologies.
  • Depersonalization of personal data: Actions that make it impossible to identify personal data without additional information.
  • Personal data processing: Any action or set of actions performed on personal data, including collection, storage, modification, use, and deletion.
  • Operator: A person or entity that organizes and/or performs personal data processing.
  • Personal data: Any information related to an identified or identifiable individual (User).
  • Public personal data: Data authorized for distribution by the individual through their consent.
  • User: Any visitor to the website https://agartu.space.
  • Cross-border transfer of personal data: Transfer of personal data to a foreign country.
  • Destruction of personal data: Actions resulting in the permanent destruction of personal data with no possibility of recovery.

Operator's Rights and Obligations

Operator’s Rights:

  • Receive truthful information and/or documents containing personal data from the data subject.
  • Continue processing personal data if the subject revokes consent, based on the provisions of the law.
  • Independently determine the necessary security measures to ensure compliance with the law.

Operator’s Obligations:

  • Provide the data subject with information about personal data processing upon request.
  • Organize the processing of personal data according to applicable law.
  • Respond to inquiries from data subjects and their legal representatives in accordance with the law.
  • Take legal, organizational, and technical measures to protect personal data from unauthorized access.

Data Subject Rights and Obligations

Data Subject Rights:

  • Receive information regarding their personal data processing.
  • Demand the correction or deletion of personal data that is inaccurate, incomplete, or outdated.
  • Withdraw consent for personal data processing at any time.
  • File complaints with the authorized body for data protection or take legal action regarding violations of their rights.

Data Subject Obligations:

  • Provide accurate and up-to-date personal data.
  • Inform the Operator of any changes to their personal data.

Principles of Personal Data Processing

Personal data processing must be conducted lawfully, and for the achievement of legitimate purposes. Combining databases that contain personal data, processed for incompatible purposes, is not allowed. The Operator ensures accuracy, adequacy, and relevance of personal data.

Purposes of Personal Data Processing

The purpose of processing personal data is to provide access to services, information, and/or materials on the website. This includes full name, email address, phone numbers, photos, resume, and professional competencies.

Conditions for Personal Data Processing

Personal data is processed with the consent of the individual, and in cases where necessary for fulfilling legal obligations. It may also be processed for public interest or legal protection purposes, without violating the rights and freedoms of the data subject.

Personal Data Security

The security of personal data processed by the Operator is ensured by legal, organizational, and technical measures that comply with the requirements of the law. Personal data will not be disclosed to third parties without the consent of the subject, except as required by law.

List of Actions with Personal Data

The Operator collects, records, systematizes, accumulates, stores, updates, extracts, uses, and transfers personal data for the purposes specified in this policy. This includes automated processing of personal data over telecommunication networks.

Cross-border Transfer of Personal Data

The Operator must notify the authorized body for data protection before transferring personal data across borders and obtain the necessary information from the foreign entities involved.

Confidentiality of Personal Data

Individuals who have access to personal data are prohibited from disclosing it to third parties without the consent of the data subject, unless otherwise required by law.

Final Provisions

The User may seek clarification on any issues related to the processing of their personal data by contacting the Operator via email at olzhas.sul@gmail.com. This policy is effective until replaced by a new version, and the current version is available on the website.