Privacy Policy

PRIVACY POLICY
FOR THE MOBILE APPLICATION
"VISIT KYRGYZ"
Dated April 01, 2023

1. Definition of the concepts

"Law" - the Law of the Kyrgyz Republic "On Personal Information" with all amendments and

additions, as well as other legislative acts of the Kyrgyz Republic.

"Mobile Application" is software (with all existing additions and improvements) designed to work on smartphones, tablets and other mobile devices, and developed for a specific platform (iOS, Android, Windows). For the purposes of this Policy, the Mobile Application means the following software: "VISIT KYRGYZ".

"Personal Data" means a set of personal data about the User provided by the User to the Copyright Holder and/or automatically collected by the Copyright Holder and/or third parties.

"Policy" means the present Privacy Policy of the mobile application (with all existing additions and changes).

"User" means an individual who has downloaded a Mobile Application to a smartphone, tablet or any other mobile device and/or has activated such a Mobile Application on one of these devices.

"User Agreement" means an agreement concluded between the Copyright Holder and the User regarding the procedure, rules and features of the User's use of the Mobile Application. The User joins such an agreement and has no right to make and/or require any changes or additions to it. The user can read the terms of the User Agreement for the "VISIT KYRGYZ" application at the following link: https://www.visitkyrgyz.com /.

"Copyright Holder" means the party who owns the exclusive rights of ownership of the Mobile Application – OJSC "Tourism Development Support Fund of The Kyrgyz Republic". Kyrgyz Republic, Bishkek city, 1/33 Igemberdieva Street, building A.

“The Cloud” performs storage and/or processing of Personal Data received from Users.

"Cookies" means small files sent to any mobile applications or website and placed on the User's smartphones, tablets and other mobile devices to improve the operation of such applications or websites, as well as the quality of the content posted in them.

2. General provisions

2.1. This Policy is implemented by OJSC "Tourism Development Support Fund of The Kyrgyz Republic" in relation to the receipt, processing and protection of personal information of individuals (subjects of personal data) received from the User in connection with the use of a Mobile Application.

2.2. The purpose of the Policy is to provide the individuals providing their personal data with the necessary information to assess what personal data and for what purposes are processed by the Copyright holder, what methods of ensuring their security are implemented, as well as the establishment of basic principles and approaches to the processing and security of personal information in the Organization (Copyright holder).

2.3. The provisions of this Policy are aimed at:

determination of the types and types of Personal Data received, directions and purposes of use (processing) Personal Data, as well as sources of obtaining such Personal Data;

determination of the User's rights regarding the protection of the confidentiality of the Personal Data transmitted to them; and

identification of parties responsible for the processing and storage of Personal Data, as well as third parties to whom such data is disclosed (in whole or in part).

2.4. By installing and/or activating a Mobile Application on a smartphone, tablet or other mobile device, the User agrees to the terms of this Policy and gives his consent to the Copyright Holder to collect, process, retain and store Personal Data in accordance with the procedure and conditions provided for in this Policy.

2.5. This Policy may be changed by the Copyright holder. The Copyright holder has the right at any time at its sole discretion to make changes to this Policy without prior notice to the User about it. When making changes in the current version, the date of the last update is indicated. The new version of the Policy comes into force from the moment it is posted on the web server, unless otherwise provided by the new version of the Policy.

2.6. If the User does not agree with the terms of the Policy and /or individual terms of the Policy are not clear to him, in this case the User is obliged to immediately stop using the Mobile Application.

2.7. This Policy applies only to User information obtained during the use of this Mobile Application. The Copyright holder does not control and is not responsible for the processing of User information by third-party websites to which the User can click on links available on the Mobile Application itself and/or the official web server of the Copyright holder.

3. The concept and composition of personal data

3.1. For the purposes of this Policy, personal data means any information relating directly or indirectly to a certain individual (subject of personal data/information).

3.2. Depending on the subject of personal data, the Copyright Holder may process personal data of Users of this Mobile Application to carry out its activities and to fulfill its obligations.

4. The rights of the user, the copyright holder for the protection of personal data

4.1. In connection with the provision of Personal Data, the User automatically receives the rights:

receive information concerning the processing of his personal data in the manner, form and time limits established by the Legislation on Personal information;

demand clarification of their personal information, its Blocking or Destruction if the personal information is incomplete, outdated, unreliable, illegally obtained, is not necessary for the stated purpose of processing or is used for purposes not previously stated when the Subject of personal information consents to the processing of personal data;

take legal measures to protect their rights;
withdraw your consent to the processing of personal data.
4.2. The copyright holder has the right to:
process the User's personal data of a personal nature in accordance with the stated purpose;

require the User of personal information to provide reliable personal data necessary for the performance of the contract, the provision of services, the identification of the User of personal data, as well as in other cases provided for by the Legislation on personal data;

to process personal data subject to publication or mandatory disclosure in accordance with the legislation of the Kyrgyz Republic;

entrust the processing of personal information to another person with the consent of the User of personal data.

4.3. In case of confirmation of the fact of inaccuracy of personal information or the illegality of their processing, personal information is subject to updating by the operator, and processing must be terminated.

4.4. Upon achieving the purposes of processing personal information, as well as in the case of withdrawal by the User of personal information of consent to its processing, personal information is subject to destruction if:

nothing else is provided for by the contract, the party to which, the beneficiary or the guarantor, according to which the subject of personal information is;

The organization does not have the right to process personal information without the consent of the subject on the grounds provided for by the legislation of the Kyrgyz Republic;

nothing else is provided for by another agreement between the Copyright Holder and the User of personal information.

The Copyright Holder also has other rights and has other obligations established by the law "On Personal Information".

5. List of personal data collected

5.1. In connection with the use of the Mobile Application, the Copyright Holder may automatically collect and process the following non-personalized information about the User:

traffic information, possible number of clicks, login and other data;

information about the User's location (geolocation). The User's location can be used for the User's safety when staying on the territory of the Kyrgyz Republic and responding quickly if necessary to provide medical and other assistance in an emergency situation. The user can disable geolocation at any time by changing the settings of the device from which the Mobile Application is logged in. Geolocation is used by a Mobile Application only when the User is actively using such an application. Geolocation stops functioning when you exit the Mobile App;

information about the device (identification number, mobile operator network) from which the login is performed, operating system, platform, browser type and other information about the browser, IP address.

5.2. Personal data about users. The User provides the Copyright Holder with the following personal data about himself:

full surname, first name and patronymic; date of birth and age;
email address;

mobile phone number;
User's citizenship;
a photo with the User's image. User's Gender;

5.3. Data from the following social network: Facebook. The Copyright Holder may collect, process and store the User ID of any of the social networks used by the User within the framework of the Mobile Application. If the User's registration in the Mobile Application is carried out using one of his accounts in social networks, the User thereby provides the Copyright Holder with automatic consent to the collection, processing and storage of Personal Data that became available to the Copyright Holder through the selected social network.

5.4. Data about orders made to Users/purchases and/or services received/paid for, carried out only through this Mobile Application.

5.5. Data on all publications made by the User in the Mobile Application, including, but not limited to, comments, ratings, reviews, publication of reports, videos and photos, likes, ratings and/or any other forms of activity available to the User in the Mobile Application and/or created content.

5.6. Data and information obtained as a result of combining certain Personal Data of a particular User, as well as data and information received about the User received from third parties (partners, marketers, researchers).

The User is the only person responsible for the completeness of the personal (personal) data provided and is obliged to change them in a timely manner (update, check, correction) on a regular basis.

The Copyright Holder assumes that all personal (personal) data provided by the User is reliable, and that the User maintains such information up to date.

6. Internal functions

6.1. Information about transactions:

The User can pay for services through the Mobile Application by entering information about the payment card and the identification data of the owner of such card into a special field. The user can make a payment in the Mobile Application in the following way:

by bank cards: VISA, Mastercard Union pay, Mir.

The User gives his consent to access and collection by the Copyright Holder and the relevant payment system or banking institution through which the payment is made to such Personal Data, and also agrees to the privacy policy of the relevant payment system or banking institution. The application does not save bank card data on its resources and uses the services of a Payment System Operator.

6.2. Use of cookies

This Mobile Application uses certain cookies to store the IP address, User preferences or the type of device used for the purpose of (1) maintaining statistics of site visits and traffic, and (2) personalizing the data displayed on the User's screen, and (3) storing data necessary for User identification, including when accessing from different devices, and (4) display ads according to

the User's interests and preferences. The mobile application can use both its own cookies belonging to the Copyright Holder and Cookies of third parties.

7. Purposes of personal data collection and processing

7.1. The collection and processing of Personal Data is carried out for the following purposes:

to analyze the User's behavior, as well as to identify the User's preferences for a certain type of content;
for the prompt and correct operation of the Mobile Application, improving the functioning of the Mobile Application, improving the content of the Mobile Application, improving the internal architecture and functionality of the Mobile Application;

to identify the User;
to provide personalized advertising and marketing materials;
to send personalized advertising and marketing materials to the specified email address and/or mobile phone of the User;
to comply with the requirements of the Law;
to track orders/purchases made by the User through the Mobile App;
to determine the User's location and provide medical and other assistance if necessary;
for technical support of the Mobile application, identification of problems in its operation and their elimination;
to keep in touch with the User (communication);
to fulfill other obligations of the Copyright Holder that have arisen before the User;
for conducting statistical research;
for any other purposes, subject to obtaining separate consent from the User.
7.2. The processing of personal information by the Organization is carried out on the basis of the following principles:

legality of the purposes and methods of Processing personal information;
integrity of the Organization as an operator of personal information, which is achieved by meeting the requirements of the legislation of the Kyrgyz Republic regarding the Processing of personal information;
compliance of the composition and volume of personal information processed, as well as methods of Processing personal Information with the stated Processing purposes;
the accuracy and sufficiency, and, if necessary, the relevance of personal information in relation to the stated purposes of their Processing;
destruction of personal information upon achievement of Processing purposes in a way that excludes the possibility of their recovery;
the inadmissibility of combining databases containing personal information, the processing of which is carried out for purposes incompatible with each other.
7.3. Employees of the Copyright Holder who are allowed to Process personal information are required to know and comply with the provisions of:

Legislation of the Kyrgyz Republic in the field of personal information, this Policy;
Local acts of the Copyright Holder on the processing and security of personal information;
Process personal information only as part of the performance of their official duties;
Not to disclose personal information processed in the Copyright Holder;
Report actions of other persons that may lead to a violation of the provisions of this Policy;
Report known facts of violation of the requirements of this Policy to the Person Responsible for organizing the Processing of personal information in the Copyright Holder.

7.4. The security of personal information in the Copyright Holder is ensured by the implementation of agreed measures aimed at preventing (neutralizing) and eliminating threats to the security of personal information, minimizing possible damage.

7.5. The Copyright Holder has the right to disclose Personal Data:

1) its affiliated persons, branches and representative offices opened both on the territory of the Kyrgyz Republic and on the territory of other states;
2) the legal successors of the Rightholder who have arisen as a result of its liquidation, reorganization or bankruptcy, and who have received exclusive rights of ownership of the Mobile Application;

3) payment service providers or banking (financial) institutions to conduct User transactions through a Mobile Application;
4) to third parties solely for the purpose of providing the User with certain content or access to it; 5) to third parties when the User has given consent to the disclosure, transfer or processing of his Personal Data, as well as in other cases expressly provided for by Law or this Policy.

The Copyright Holder discloses Personal Data only if:

1) I am sure that third parties will comply with the terms of this Policy and take the same measures to protect the confidentiality of Personal Data that the Copyright Holder himself takes;

2) consent to such disclosure has been previously expressed by the User and/or is allowed on the basis of the Law.

8. Terms and procedure for storing personal data

8.1. Storage is carried out by third parties on behalf of the Copyright Holder. The User gives his consent to the storage of his Personal Data by third parties on behalf of the Copyright Holder, provided that such third parties preserve the confidentiality of the Personal Data received. The Information storage functions are assigned to the following person: Amazon Web Services (hereinafter referred to as the "Custodian"). Since the person storing Personal Data is located outside the Kyrgyz Republic, the User hereby gives his consent to the cross-border transfer of his Personal Data and to their storage outside the Kyrgyz Republic. The User is hereby notified that the Copyright Holder is taking all necessary protective measures to prevent the disclosure of data.

8.2. Storage is carried out for the entire period necessary to achieve the stated purposes of Personal Data processing.

8.3 The Rightholder undertakes to destroy or depersonalize Personal Data immediately after achieving the purposes of processing.

9. Personal data protection procedure

9.1. Protecting the confidentiality of Personal Data is a primary and important task for the Copyright Holder. The Copyright Holder adheres to all required international standards, rules and recommendations for the protection of Personal Data.

9.2. The Copyright Holder has implemented a number of technical and organizational methods aimed at protecting Personal Data from disclosure or unauthorized access to them by third parties.

10. Final position

Users can read the terms of this Policy at the following link: https://www.visitkyrgyz.com/

This Policy can be translated into a foreign language for those Users who access the Mobile Application outside the Kyrgyz Republic. In case of discrepancy between the original text (Russian) and its translation, the original language shall prevail.

This Policy is valid indefinitely until it is replaced by a new version.

This Policy may be changed from time to time. The Copyright Holder does not bear any responsibility to the User for changing the terms of this Policy without the permission and/or consent of the User.

The User himself undertakes to regularly check the provisions of this Policy for possible changes or additions.

Applicable law:

This Policy has been developed in accordance with the current Law of the Kyrgyz Republic "On Personal Information" dated April 14, 2008 No. 58 (As amended by the Laws of the Kyrgyz Republic dated July 20, 2017 No. 129, November 29, 2021 No. 142, June 30, 2022 No. 53, July 12, 2022 No. 61); Republic of the Kyrgyz Republic dated July 14, 2014 No. 136 "On Biometric registration of Citizens of the Kyrgyz Republic"; Resolution of the Government of the Kyrgyz Republic dated November 21, 2017 No. 759 "On approval of the Procedure for obtaining the consent of a personal data subject to the collection and processing of his personal data, the procedure and form of notification of personal data subjects about the transfer of their personal data to a third party".