Privacy Policy
LLC. “Geoinstrumenti”
“Megageohub” store
Personal data protection policy
Definition of terms
1.1. Data processor -LLC. Geoinstrumenti (hereinafter the company);
1.2. Personal data (hereinafter – data) – any information related to an identified or identifiable natural person. A person is identifiable when it is possible to identify him or her directly or indirectly, in particular, with an identification number or a characteristic of a person with physical, physiological, psychological, economic, cultural or social signs;
1.3. Data processing – any action performed on data using automatic, semi-automatic or non-automatic means, in particular, collection, recording, organization, storage, modification, recovery, retrieval, use or disclosure by transmission, distribution or otherwise making data available, grouping or combination, block, delete or destroy;
1.4. Automatic data processing – data processing using information technologies;
1.5. Semi-automatic data processing – data processing using information technology and non-automatic means;
1.6. Data subject – any natural person about whom data is processed;
1.7. Consent – after receiving the relevant information by the data subject, the voluntary consent expressed orally, by telecommunication or other appropriate means to the processing of data about him for a specified purpose, by which it is possible to clearly determine the will of the data subject;
1.8. Written consent of the data subject – voluntary consent expressed by the data subject to the processing of data about him for a specified purpose after receiving relevant information, which the data subject signed or otherwise indicated in writing or in a form equivalent to it;
1.9 Authorized person – any natural or legal person who processes data for or on behalf of the company;
1.10. Third party – any natural or legal person, public institution, except for the data subject, state inspector service, data processor and authorized person;
1.11. Data blocking – temporary suspension of data processing;
1.12. Depersonalization of data – modification of data in such a way that it is impossible to connect them to the data subject or establishing such a connection requires disproportionately large efforts, costs and time;
1.13. Identification number – personal identification number;
1.14. State Inspector – an official provided by the Law of Georgia “On the State Inspector Service”, who is responsible for supervising the implementation of data protection regulatory legislation;
1.15. Direct marketing – offering goods, services, employment or temporary work through mail, telephone calls, e-mail or other telecommunications means.
2. Policy and purpose of personal data processing
2.1. This Policy (hereinafter “Policy”) applies to all natural persons (such as “Company’s” customers, employees, contractors and others – hereinafter also “Data Subject”) about whom “Company” processes personal data (hereinafter “Data”).
3. Rules for processing personal data
3.1. “Company” processes the personal data of the data subject in order to provide services to the user, such as:
3.1.1. Name and surname;
3.1.2. Personal number;
3.1.3. Unique features and/or copy of ID card, passport, the same electronic document;
3.1.4. Personal email address;
3.1.5. Telephone number;
3.1.6. Legal/actual address;
3.1.7. Other information and/or data, the processing of which is allowed by the legislation of Georgia, allows the personal identification of a person and is required for the purposes of entering into a transaction with the “Company”.
3.2. Data processing is any operation performed on data using automatic, semi-automatic or non-automatic means, namely collection, recording, organization, storage, alteration, retrieval, retrieval, use or disclosure by means of transmission, distribution or otherwise making available, grouping or combination of data , block, delete or destroy.
3.3. The consent of the data subject shall be expressed orally, in writing, by telecommunication or other appropriate means, in a manner that can determine the will of the data subject.
3.4. The data subject declares and confirms that the telephone number and/or e-mail address specified by him during the activation of the personal account on the company’s website (and the telephone number and/or e-mail address subsequently updated in the personal account) is authentic, valid and really belongs to the data subject . Accordingly, the data subject confirms that the mentioned telephone number and/or e-mail address will be his remote communication channels in the legal relationship with the company. Thus, the message sent by the company from the mentioned channels (means) will be considered as sending a message from the data subject and is unconditionally considered as an expression of the will of the data subject. In addition, the company is entitled to send a message to the data subject and/or provide information and/or communicate other content to the mentioned phone number and/or e-mail address, which will be considered as receiving/delivery of the message/information by the data subject.
3.5. “Company” may process the data depending on the service needs.
4. Principles of data processing
4.1. When processing data in the “Company”, the requirements established by the legislation and this policy must be taken into account;
4.2. The following principles are observed during data processing in the “Company”:
4.2.1. Data is processed fairly and legally, respecting the rights of the data subject and not infringing his dignity;
4.2.2. Data will be stored for the period necessary to achieve the purpose of data processing;
4.2.3. Data is processed for specific, clearly defined, legal purposes;
4.2.4. data processing is adequate and proportionate to the purpose;
4.2.5. Data is processed only to the extent necessary to achieve the relevant legal purpose;
4.2.6. The data is true and accurate and, if necessary, subject to updating;
4.3. Further processing of data for other purposes incompatible with the original purpose is not allowed. Data collected without a legal basis and irrelevant to the purpose of processing must be blocked, deleted or destroyed;
4.4. After achieving the purpose for which the data is processed, they must be blocked, deleted or destroyed or stored in a form that excludes the identification of a person, unless otherwise established by law.
5. Data collection and recording
5.1. Data collection is mainly carried out:
5.1.1. When interacting with the employees/contractors of the “Company” in person and through various means of communication;
5.1.2. while using the Internet and other electronic applications or facilities and carrying out relevant transactions or actions at the same time;
5.1.3. In order to establish labor relations when interacting with different means of communication;
5.1.4. when attempting to enter into a transaction with the “Company”;
5.1.5. by all other means when transferring data from the data subject to the “Company”;
5.2. In the event that the data subject provides the “Company” with information about third parties, the data subject confirms that he has obtained full permission and accepts responsibility for the processing of said data by the “Company”;
5.3. Data recording can be done manually or by various electronic means;
5.4. The provided data must contain complete and correct information, otherwise the provision of services by the “Company” may be delayed or impossible;
6. Basics of data processing
6.1. Data processing is necessary for the “Company” to fulfill its obligations under the law;
6.2 Data processing is necessary to protect the vital interests of the data subject;
6.3 Data processing is necessary to protect the legitimate interests of the “Company” or a third party, unless there is an overriding interest in protecting the rights and freedoms of the data subject;
6.4. According to the law, the data is publicly available or the data subject has made it available;
7. Data storage
In “Company” data is stored only for the period necessary to achieve the purpose of data processing, unless otherwise established by law.
During the data storage period, the data will be available for the purposes of professional and business needs only authorized by the “Company”.
The storage of data is mainly carried out within the scope of the right to challenge the statute of limitations established by law, as well as taking into account the principles of protecting the goals and interests of the “Company”.
Use or Disclosure of Data
The data is used and disclosed only in accordance with the agreement concluded with the data subject, the consent(s) expressed when using the relevant products and/or services, and in accordance with the law.
Use of data for marketing or informational purposes
Data obtained from publicly available sources may be processed for direct marketing purposes.
Regardless of the purpose of data collection, the following data may be processed for direct marketing purposes: name(s), address, telephone number, e-mail address, fax number.
Based on the written consent given by the data subject in accordance with this law, any data may be processed for direct marketing purposes.
The data subject has the right to request the “Company” at any time to stop using data about him for direct marketing purposes.
The “Company” is obliged to stop the processing of data for direct marketing purposes and/or ensure the termination of data processing for direct marketing purposes by an authorized person no later than 10 working days after receiving the request of the data subject.
When processing data for direct marketing purposes, the “Company” is obliged to notify the data subject 9.4. on the right provided for in the paragraph and ensure that the data subject has the possibility to request the termination of data processing for direct marketing purposes in the same form in which direct marketing is carried out, and/or to determine an available and adequate means for requesting the termination of data processing for direct marketing purposes.
Data modification and retrieval
The data subject informs the “Company” about the change of the data, the notification of which constitutes an obligation within the framework of the contractual relationship concluded with the “Company”.
The data change is carried out in the case when the information about the data subject in the “Company” is incorrect or incomplete or changes the personal data itself.
The data subject has the right to request about it:
Change/restoration of data in case of existence of proper basis and presentation of relevant supporting documents.
Transfer of information in the “Company” regarding the existing data about him.
The “Company” may have a service fee for providing information, except in cases where the obligation to provide information free of charge is defined by legislation.
7.1 Data processing is required by the “Company” to fulfill its obligations under the law;
7.2 Data processing is necessary to protect the vital interests of the data subject;
7.3 Data processing is necessary to protect the legitimate interests of the “Company” or a third party, unless there is an overriding interest in protecting the rights and freedoms of the data subject;
7.4 In accordance with the law, the data is publicly available or the data subject has made it available;
7.5 Data processing is necessary to protect important public interest in accordance with the law;
Correcting, updating, adding, blocking, deleting and destroying data
Data transfer to other states and international organizations
Data can be transferred to another state and international organization if there are grounds for data processing provided for by this law and if appropriate data protection guarantees are provided in the relevant state or international organization.
Data may be transferred to another state and international organization if:
Data transfer is stipulated by the international agreement and agreement of Georgia;
The data processor provides appropriate guarantees of data protection and the protection of the basic rights of the data subject based on the agreement concluded between the data processor and the relevant state, a legal or natural person of such state or an international organization. In such a case, data can be transferred only after obtaining the permission of the State Inspectorate;
Data security
In accordance with the rules and procedures established by the legislation of Georgia, the “Company” takes adequate measures to prevent accidental or illegal destruction, alteration, disclosure, acquisition, or any other form of illegal use of protected data.
All rights and permissions reserved.