Legal Documents & Policies

This Personal Data Processing Policy, together with the User Agreement and its other integral parts, is made in accordance with the requirements of the Law of April 14, 2008, No. 58 “On Personal Information” and defines the personal data processing procedures and measures to ensure the security of personal data carried out by the Service. The Service makes the most important goal and condition of its activities the observance of the rights and freedoms of an individual and a citizen during the processing of their personal data, including the protection of the rights to privacy, personal and family secrets. This policy of the Service regarding the processing of personal data (hereinafter - Policy) applies to all information that the Service can receive about the visitors of the website alfabit.org.

The AlfaBit Service and its Affiliates are committed to doing their best to protect the privacy of Users. AlfaBit uses the information collected about Users to fulfill its contractual obligations and improve customer service.

Please read this document carefully. The purpose of this Privacy Policy is to explain to the visitors of this website how and for what purpose AlfaBit collects, stores, protects and uses the personal information of its Users.

Basic concepts and terms used in this policy

Personal Data - any information related to a directly or indirectly identified or identifiable individual (subject of personal data);

- Operator - a legal entity that alone or jointly with others organizes and/or conducts the processing of personal data for the Alfabit service, the composition of personal data to be processed, actions performed with personal data;
- Processing of personal data - any action or set of actions performed with or without the use of automation with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, removal, destruction of personal data;
- Website means a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address alfabit.org;
- Automated system of personal data collection is a complex of tools designed for processing of personal data by means of computer equipment;
- Dissemination of personal data - actions aimed at disclosure of personal data to an indefinite range of persons;
- Blocking of personal data - temporary termination of processing of personal data (except in cases where the processing is necessary to clarify personal data);
- Information system of personal data - a set of personal data contained in databases of personal data and information technologies and technical means ensuring its processing;
- Disclosure of personal data - actions, as a result of which it is impossible to determine, without the use of additional information, whether the personal data belongs to a particular User or another subject of personal data;
- Provision of personal data - actions aimed at disclosure of personal data to a certain person or a certain circle of persons;
- Dissemination of personal data - any action aimed at disclosure of personal data to an indefinite range of persons (transfer of personal data) or to familiarize with personal data to an unlimited range of persons, including the publication of personal data in the media, placing in information and telecommunications networks or provide access to personal data in any other way;
- Trans-border transfer of personal data - transfer of personal data to a foreign country to a foreign authority, a foreign individual or a foreign legal entity;
- Destruction of personal data - any actions, as a result of which personal data is destroyed irretrievably with impossibility of further restoration of personal data content in the information system of personal data and (or) as a result of which tangible carriers of personal data are destroyed.

General Provisions

The most important condition for realizing the objectives of the Service (hereinafter - the Service) is to ensure the necessary and sufficient level of information security of the assets, which include personal data and the processes by which they are processed.

Ensuring the security of personal data is one of the Service's priorities.

The Service appreciates the relationship with its current and potential Users (hereinafter - the Users) and visitors of Internet resources of the Service, and understands the importance of security and confidentiality in respect of their personal data.

By agreeing to the terms and conditions of the User Agreement and/or using the Service, the User thereby gives the Service their full consent to the collection, storage, protection and use of their personal data in accordance with this Privacy Policy, including the receipt of newsletters, including those of an advertising nature.

In case of disagreement with this Privacy Policy the use of services of the Service should be terminated.

The Service assumes that the User who initiates an appeal to the online resources of the Service:

Uses the Service's Internet resources on his or her own behalf and provides accurate personal information where appropriate;

- Determines and controls the settings of the software it uses;
- Has the opportunity to read this Privacy Policy by clicking on the hypertext link "Privacy Policy" on the Service Internet resource.

The concept and composition of personal data

Information constituting personal data is any information relating to, directly or indirectly identified or defined by an individual (the subject of the personal data).

Personal data includes - personal information, which is specified by the Client when placing (entering) their personal data, documents (copies of documents, including in electronic form) when filling out electronic forms on the Internet resources of the Company, as well as written requests to the Company, requests via online chat form on the Company's Internet resources, etc.

Such information also includes, but is not limited to:

Full name;

- Cell phone number;
- E-mail address;
- Home address;
- Mailing address;
- Details of the identity document and the data contained therein;
- Bank account details and details of the bank account agreement;
- Photo and video images of the client;
- And/or other data.

Documents necessary to identify the User:
- Details of the identity document and the data contained therein;
- Wallet addresses from which funds were sent;
- utility bill and/or bank statement or constituent documents of the legal entity;
- Standard data, automatically received by http-server when accessing Internet resources of the Service (ip-address of the host, the address of the requested resource, time, type and information about the viewer that sent the resource request, the user's operating system, the address of the page from which the transition to the requested resource was made);
- Information automatically obtained when accessing the Company's Internet resources (cookies).

Purposes of processing of personal data

Service carries out processing of personal data in the following cases:

For identification of the User;

- In order to implement protective measures against fraud and other unlawful activities;
- For operative informing about news, about the expansion of the list of the Services, promotions and advertising proposals of the Service, as well as for consultation of the Users on a wide range of issues;
- Informing about promotional and/or marketing actions, surveys, questionnaires, marketing researches regarding the services provided by the Service and/or persons for whose benefit the Service acts;
- In order to maintain a correct registration database of Users;
- In order to analyze statistical data on the use of Internet resources of the Service, their performance and efficiency in order to offer the Users products and services of higher quality.

Principles of processing, storage and protection of personal data

Processing of personal data by the Service is based on the principles:

Legality and fairness of the purposes and methods of personal data processing;

- Compliance of the purpose of processing of personal data to the predetermined and stated at the time of collection of personal data, as well as the authority of the Service;
- Compliance of the amount and nature of processed personal data, methods of processing personal data to the purpose of personal data processing;
- Reliability of personal data, its sufficiency for processing purposes, inadmissibility of processing of personal data, redundant in relation to the purposes stated in the collection of personal data;
- Inadmissibility of combining databases containing personal data, established for incompatible purposes;
- Personal data shall be stored in a form enabling identification of the personal data subject, for no longer than required by the purposes of personal data processing, unless the storage period of personal data is established by law, contract, which party, beneficiary or recipient, under which the personal data subject is;
- Destruction upon attainment of the processing of personal data or in case of loss of necessity in their attainment, unless otherwise provided by law.
- The Service carries out processing of personal data with the use of means of automation, including the use of information technologies and technical means, including computer equipment, information and technical complexes and networks, means and systems of transfer, reception and processing of personal data, software (operating systems, database management systems, etc.), information protection means used in information systems, as well as without use of means of automation.
- The Service may transfer personal data on the subject of personal data to subsidiaries/affiliates, banks, agents of the Service, including payment agents, or other trusted organizations and persons (hereinafter - the Trustees) only for the purpose of processing orders created by the User. The Service guarantees that the Authorized Persons will comply with this Policy and that they will take the necessary measures to protect the confidential information of their Users. The Service has the right to provide confidential information about the User's personal information to third parties who are not the Trusted Parties only in case of an official request from administrative and/or judicial authorities.
- The Service undertakes not to provide access to the personal data of Users to anyone other than employees, agents, partners of the Service insofar as it is required for business, including, but not limited to, banking and credit relations. The Company guarantees the observance of this Privacy Policy by the specified persons, including taking adequate measures to store and protect personal data of Users.
- Service doesn't place the personal data of the subject of personal data in public sources without his preliminary consent.
- The Service has the right to disclose the personal data of Users to federal or state regulatory and law enforcement bodies, in the jurisdiction of which the Service is located, in response to relevant legally issued requests for such information, as well as the right to disclose information about the User in response to court orders or summons to appear in court.
- The Company takes all necessary organizational and technical measures to ensure the security of personal data from accidental or unauthorized access, modification, disclosure or destruction, block access and other unauthorized actions. These measures include, in particular, internal reviews of data collection, storage and processing processes and security measures, including appropriate encryption and physical security measures to prevent unauthorized access to the storage of personal data.

Links to third-party Internet resources

The Service's Internet resources may contain hypertext links to other (unaffiliated) companies' Internet resources. When going to another online resource by any of these links, the User leaves the Service's online resource. Service does not manage the Internet resources of other companies and has no control over their privacy practices, which may differ from those adopted by the Service. The personal data which the User will inform other companies, does not fall under the scope of this Privacy Policy. The Service recommends that you familiarize yourself with the privacy policies of other companies before submitting your personal information to them.

Correspondence sent to the Service

All correspondence sent by the Users or visitors of Internet resources of the Service to the latter (letters in the usual or electronic form, comments on the materials of the Service, etc.), is perceived as information of restricted access and can be published only with the written consent of the sender. The address, phone number and other personal information of the sender cannot be used without his/her express consent other than to respond to the subject of the received correspondence.

Cookies

By registering on the website of the Service and using its services without registration, in accordance with this Policy, the User:

Gives consent to the use of his personal data, as well as their processing: collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, removal, destruction of any information relating directly or indirectly to the User, its transactions and payments.

- Is aware that the processing of personal data will be carried out by the Service in the interest of the User and for the purpose of providing/providing any advice (explanations) to the User and/or for the purpose of offering the User the services provided by the Service and/or services provided by persons for whose benefit the Service acts, and/or for the purposes of polls, surveys, advertising and marketing research in relation to the services provided by the Service and/or persons for whose benefit the Service acts, as well as for informing about the ongoing.
- The User confirms that he is duly acquainted with the purpose of the processing of his personal data.
- The User confirms that he is notified that the processing of personal data is carried out by the Service by any means, including both with the use of automation (including software) and without the use of automation (using various tangible media, including paper media).
- The User acknowledges that the processing of personal data may be carried out as the Service, and other persons who have entered into an agreement with the Service of confidentiality and responsibility for disclosure of personal data.

This right (consent) is valid for 10 years and may be revoked by sending a written notice to the Service. This consent is considered withdrawn after 30 (thirty) days from the date of receipt by the Service of a written notice of withdrawal of this consent. The day of receipt of the notice is not included in the thirty-day period.

Final Provisions

This Privacy Policy is a publicly available and accessible document. The current version is available online at the Service's website.

The Service reserves the right to change this Privacy Policy by giving notice on the page located at this address. Changes made to the Privacy Policy will be published on this page. In case of significant changes, the Service will notify Users in a more explicit way (e.g., through an email newsletter).

This Policy is subject to change, amendment in the case of changes in existing legislation and the emergence of new legislative acts, and special regulatory documents on the processing and protection of personal data.

Licenses and registrations

The AlfaBit service currently has the following regulatory licenses, registrations, permits and approvals:

Kyrgyz division of the AlfaBit Fintech service (registration number 226492-3301-LLC), registered as a Limited Liability Company with the Ministry of Justice of the Kyrgyz Republic

Confidentiality agreement