Personal-data processing policy
1. General provisions
This Personal-data processing policy (the «Policy») defines how personal data is processed by the Operator of the UZDATA service (the «Operator», «we») on uzdata.online (the «Service»), in accordance with applicable personal-data legislation.
Operator:
Administration of the UZDATA service.
Contact — via the contact form on the website.
2. Categories of data subjects
- Visitors of uzdata.online;
- Registered users of the Service;
- Payers for paid plans and services;
- Persons who submitted requests via feedback forms or e-mail.
3. Categories of personal data processed
The Operator processes the following categories of data:
- Identification data: surname, first name, patronymic;
- Contact data: e-mail, phone number;
- User's company data: name, TIN, employee's position;
- Technical data: IP address, browser and device type, operating system, pages visited, session identifiers (cookies);
- Payment information: the fact and amount of payment, order identifier. The Operator does not receive or store the bank-card number, CVV/CVC code or expiry date — they are entered on the side of the acquiring bank.
4. Purposes of processing
- User registration and authentication on the Service;
- Provision of services and performance of contractual obligations to the user;
- Processing of payments and refunds;
- Informing about order status, Service changes and replies to requests;
- Improving the Service's quality, statistics and traffic analytics;
- Compliance with statutory requirements (tax and accounting records).
5. Legal grounds for processing
- Consent of the data subject, given by registering on the Service or submitting data via the website forms;
- Performance of a contract to which the subject is a party — the public offer;
- Fulfilment of obligations imposed by applicable law.
6. Methods of processing
Processing is carried out both with and without automation and includes: collection, recording, systematisation, accumulation, storage, clarification, retrieval, use, transfer (provision), anonymisation, blocking, deletion and destruction.
7. Transfer of personal data to third parties
The Operator does not sell or transfer personal data to third parties, except:
- Transfer to the acquiring bank to the extent necessary to process a payment;
- Transfer to organisations providing services to the Operator (hosting, e-mail delivery, accounting) under confidentiality terms;
- Transfer at the request of authorised government bodies in cases provided for by law.
Cross-border transfer of personal data is not carried out.
8. Storage periods
- Registration and contact data — for the period of using the Service and for 3 years after account deletion;
- Payment information — 5 years (the storage period for primary accounting documents);
- Cookies and technical data — no more than 12 months;
- After these periods, data is anonymised or destroyed.
9. Protection measures
The Operator applies legal, organisational and technical protection measures:
- Encryption of data transfer over HTTPS / TLS;
- Access-rights segregation for employees handling personal data;
- Backups and data-integrity control;
- Appointment of a person responsible for personal-data processing;
- Regular review of organisational procedures and staff training.
10. Rights of the data subject
You have the right to:
- Obtain information about the fact of processing of your personal data;
- Request the clarification, blocking or destruction of your data if it is incomplete, outdated, inaccurate or no longer necessary for the purposes of processing;
- Withdraw consent to the processing of personal data;
- Appeal the Operator's actions to the competent authority or in court.
To exercise your rights, send a written request via the contact form on the website. A response is provided within 30 days.
11. Cookies
The Service uses cookies for correct interface operation, remembering settings and collecting anonymised visit statistics. You can disable cookies in your browser settings — in that case some Service functions may become unavailable.
12. Changes to the policy
The Operator may amend this Policy. The current revision is always available at https://uzdata.online/legal/privacy. Material changes are published with a notice on the Service's home page at least 7 days before they take effect.