Privacy Policy of Freedom Pay LLC Kyrgyzstan
2. This Policy is aimed at ensuring the protection of the rights and freedoms of the personal data subject when processing his/her personal data, and applies to all operations with personal data performed by the Holder/Processor, whether in automated mode or not.
3. Basic rights and obligations of personal data subjects:
1) Personal data subjects have the right:
- to receive full information about their personal data processed by the Holder/Processor;
- to access their personal data, including the right to receive a copy of any record containing their personal data, except for cases stipulated by the Law of the Kyrgyz Republic "On Personal Information";
- to clarify their personal data, block or destroy it if their personal data is incomplete, outdated, inaccurate, has been obtained illegally or is not necessary for the stated purpose of processing;
- to take measures provided by law to protect their rights, including enquiries about personal data to the authorized state body;
- to exercise other rights provided for by the laws of the Kyrgyz Republic.
2) Personal data subjects shall:
- provide the Holder/Processor only with reliable information about them;
- provide documents containing personal data to the extent necessary for the processing purposes;
- inform the Holder/Processor about clarification (updates, changes) of their personal data.
4. Basic rights and obligations of the Holder/Processor.
1) The Holder/Processor may:
- receive reliable information and/or documents containing personal data from the personal data subject;
- clarify the personal data provided by the subject.
2) The Holder/Processor shall:
- process personal data in the manner set by the Law of the Kyrgyz Republic "On Personal Information";
- review requests from the personal data subject on issues of personal data processing and provide responses within 7 days from the date of filing the application;
- provide the personal data subject with the opportunity to access his/her personal data free of charge;
- take measures to update personal data in connection with the request of the personal data subject;
- organize the protection of personal data in accordance with the requirements of the laws of the Kyrgyz Republic.
5. The Holder/Processor shall collect, use and protect the personal data provided by the personal data subject during any communication in accordance with this Policy and the laws of the Kyrgyz Republic.
2. The scope and categories of processed personal data; categories of personal data subjects.
6. The Holder/Processor processes personal data of the following personal data subjects:
- User
7. The personal data processed by the Holder/Processor include:
- full name
- date of birth
- photo
- address
- passport data (series, passport number, issuing authority and date of issue)
- cookies
- phone number
8. The Holder ensures that the content and the scope of the personal data processed correspond to the stated processing purposes and, if necessary, takes measures to eliminate its redundancy in relation to the stated processing purposes.
9. The Holder/Processor does not process/ processes in strict accordance with Article 8 of the Law of the Kyrgyz Republic “On Personal Information” the special categories of personal data that reveal racial or ethnic origin, nationality, political views, religious or philosophical beliefs, as well as those related to health and sexual life.
10. The lists of personal data and categories of personal data subjects may be revised by the Holder with the mandatory introduction of changes to this Policy and notification of personal data subjects by any available means (official website, announcement, push notification, emails, etc.)
3. Personal data collection purposes
11. Personal data shall be processed by the Holder/Processor for the following predetermined and legitimate purposes:
- informing the User by sending emails
- concluding, performing, and terminating civil contracts
- providing the User with access to services, information and/or materials available on the website
4. Legal grounds for personal data processing
12. The legal grounds for personal data processing by the Holder/Processor include:
- Constitution of the Kyrgyz Republic;
- Civil Code of the Kyrgyz Republic;
- Law of the Kyrgyz Republic "On Personal Information";
- constituent documents of the Holder/Processor;
- agreements concluded between the Holder/Processor and personal data subjects;
- consents of personal data subjects to the processing of personal data;
- Law on combating the financing of terrorism and legalization (laundering) of proceeds from crime
5. Personal Data Processing Procedure and Conditions
13. The Holder/Processor shall process personal data in the following manners:
- Mixed
14. The personal data processing carried out by the Holder/Processor involves any operations or sets of operations performed regardless of the methods, whether automated or not, for the purpose of collecting, recording, storing, updating, grouping, blocking, erasing, and destroying personal data.
15. The personal data shall be processed by the Holder/Processor subject to the consent of the personal data subject (hereinafter referred to as the Consent), except for cases set by law, when processing of personal data may be carried out without such Consent.
16. The personal data subject decides on the provision of his/her personal data and submits such decision in writing in hard copy or in the form of an electronic document signed with an electronic signature in accordance with the laws of the Kyrgyz Republic.
17. The termination of personal data processing may be based on the achievement of the processing personal data goals, updating of personal data, as well as the identification of illegal personal data processing.
18. The Holder/Processor, in order to achieve the processing purposes, may transfer personal data to third parties with the consent of the personal data subject, provided that the recipient of the data is obliged to keep the data confidential.
19. When processing personal data, the Holder/Processor shall take or ensure the adoption of the necessary legal, organizational and technical measures to protect personal data against unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution, as well as other illegal actions in relation to personal data.
20. Personal data shall not be stored longer than necessary to achieve the purposes of its collection. Storage periods may be extended only to serve the interests of the personal data subject or if this is provided for by the laws of the Kyrgyz Republic.
6. Updating, correcting, deleting and destroying personal data upon requests for access to personal data from personal data subjects.
21. If the fact of inaccuracy of personal data or illegality of its processing is confirmed, personal data is subject to updating, blocking or destruction depending on the legality of its collection, storage and processing by the Holder/Processor, unless its processing shall be terminated accordingly.
22. In case of inaccuracy of personal data or illegality of its processing, the personal data subject may contact the Holder or the competent public authority.
23. Upon written request of the personal data subject, the Holder/Processor shall provide information about the personal data processing carried out by it, containing the following:
23.1. confirmation of the fact of personal data processing by the holder (owner) of the personal data array;
23.2. legal grounds and purposes of personal data processing;
23.3. purposes and methods of personal data processing used by the holder (owner) of the personal data array;
23.4. name and location of the holder (owner) of the personal data array, and information about the persons (except for employees of the holder/owner) who have access to personal data or to whom personal data may be transferred under a contract with the holder (owner) of the personal data array or under the law;
23.5. processed personal data related to the relevant personal data subject, its source;
23.6. time frames for processing personal data, including the storage periods;
23.7. procedure for exercising the rights provided for by this Law by the personal data subject;
23.8. information about any completed or intended cross-border data transfer;
23.9. other information provided for by this Law and/or other legal acts.
24. If the subject does not have the rights to access the requested information, a reasoned refusal shall be sent.
25. Upon expiration of the storage period and achievement of the purposes of collecting personal data, it shall be destroyed within two weeks. Destruction is confirmed by a document, a copy of which may be provided to the personal data subject upon his/her written request.
7. Final Provisions
26. All relations concerning the personal data processing that are not covered by this Policy shall be governed in accordance with the provisions of the Law of the Kyrgyz Republic "On Personal Information."
27. The Holder/Processor may introduce changes to this Policy. When introducing changes to the current version, the date of the last update shall be indicated. The new version of the Policy shall come into force from the date it becomes available to the public, subject to the mandatory preliminary announcement of the planned changes at least 14 business days prior to the date of publication of the new version of the Policy.
Notification about the use of cookies
Our website, like most others, uses cookies and other similar technologies (pixel tags, etc.) to provide services that best suit your interests and needs, and to collect statistical and marketing information to analyse and improve our services and websites.
By using this site, you consent to the use of cookies and other similar technologies in accordance with this Notice.
If you do not agree to us using this type of cookie, you must adjust your browser settings accordingly or not use our website.
Please note that if you block or delete cookies, we cannot guarantee that our website will work correctly on your browser.
Cookies that are stored through the website do not contain information that can be used to identify you.
What is a cookie and other similar technologies
A cookie is a small text file stored on your computer, smartphone or other device that you use to visit websites.
Some pages you visit may also collect information using pixel tags and web beacons, which are electronic images called single-pixel (1×1) or blank GIF images.
Cookies may be placed on your device by us ("own" cookies) or by other operators ("third party" cookies).
We use two types of cookies on the website: 'session cookies' and 'persistent cookies'. Session cookies are temporary cookies that remain on your device until you leave the site. A persistent cookie stays on your device for a long time or until you manually delete it (how long a cookie stays on your device will depend on the length or "lifetime" of the particular cookie and your browser settings).
Cookies come in different types:
Necessary. These files are necessary to ensure the proper operation of the site, the use of its functions. Disabling the use of such files will lead to a drop in site performance, inability to use its components and services.
Cookies related to performance, efficiency and analytics. These cookies allow us to analyse visitors' interaction with the site, optimise the content of the site, measure the effectiveness of advertising campaigns by providing information on the number of visitors to the site, the time of use, and errors that occur.
Functional cookies remember users who have already visited our site, their individual parameters (such as language and region, for example) and preferences, and help to personalise the content of the site.
Social Media Access Buttons. These are used to allow users to share a link to a social media page or bookmark an email. These buttons are links to social media websites owned by third parties, which in turn may record information about your online activity, including on our website. Please review the respective terms of use and privacy policies of such sites to understand how they use your data and how you can opt-out or delete your data.
Third Party Web Services. We sometimes use third-party web services on this website. For example, to display certain elements (images, videos, presentations, etc.), to organise surveys, etc. As with social media buttons, we cannot prevent these sites or external domains from collecting information about how you use the content on the site.
How do I manage cookies?
Most internet browsers are initially set to automatically accept cookies.
At any time, you can change your browser settings to block cookies or to alert you when cookies are sent to your device (refer to your specific browser's usage guide). Disabling cookies may affect your browsing experience.
If you use multiple devices and/or browsers to access the Internet, the appropriate settings must be changed in each of them.
Final Terms
At our sole discretion, we may change this Notice from time to time.
If you have any questions, we can be contacted using the contacts on our website.
Payment system operator license – №2022160218 dated 16.02.2018.
Payment company license - №3027111019 dated 11.02.2019.