The rules for processing personal data of “—–” (abbreviated name – LLC “—–” (TIN —–, OGRN —–) have been developed in accordance with the provisions of the legislation of the Republic of Uzbekistan and the Privacy Policy posted on the website https://kelyanmedia.com/ at the address: ____________ (hereinafter referred to as the Privacy Policy),

Terms and definitions.
***
Parties – the Operator and any User registered in the Application.
Personal data (PD) is any information relating directly or indirectly to a specific or identifiable individual (subject of personal data).
Processing of personal data is any action (operation) or set of actions (operations) performed with the use of automation tools or without the use of such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Dissemination of personal data is actions aimed at disclosing personal data to an indefinite number of persons.
Provision of personal data - actions aimed at disclosing personal data to a specific person or a specific group of persons.
Blocking of personal data is a temporary cessation of the processing of personal data (except in cases where the processing is necessary to clarify personal data);
Destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed;
Depersonalization of personal data is an action that makes it impossible to determine the ownership of personal data by a specific subject of personal data without using additional information.
Information is data (messages, data) regardless of the form of its presentation.
Documented information is information recorded on a tangible medium by documenting, with details that make it possible to identify such information or its tangible medium.
Confidentiality of personal data is a mandatory requirement for the Operator or another person who has gained access to personal data to prevent their dissemination without the consent of the subject of the personal data or the presence of another legal basis.

1. General Provisions.
1.1. The PD Rules establish the Operator’s obligations to non-disclosure and ensuring the protection of the confidentiality of personal data that the User provides.
1.2. The use of the Service by the User means consent to the PD Rules and the terms of processing of the User’s personal data by the Operator.
In case of disagreement with the terms of the PD Rules, the User undertakes to stop using the Service.
1.3. Personal data permitted for processing within the framework of these PDn Rules are provided by the User voluntarily by filling in various forms during registration in the Application and using the Service and include the following information: last name, first name, patronymic, date, month and year of birth, details of the identity document (passport), TIN number, photo and video of their personal image, telephone number, registration address, other similar information provided by the User about themselves, and on the basis of which identification of the subject of personal data is possible.
1.4. The Operator has the right to carry out all legally necessary actions with the received personal data of Users, related exclusively to achieving the goals specified in Section 2 of the Rules.
1.5. Any other personal and confidential information not specified above is subject to secure storage and non-dissemination by the Operator and the User.
2. Basic principles and purposes of collecting personal information. 2.1. The Operator processes personal data that is necessary to provide the Service to the User. 2.2. The User hereby instructs the Operator and agrees that the Operator:
– processes the User’s personal data for the purpose of providing access to the Service and its functionality, checking, researching and analyzing such data, allowing to maintain and improve the current functionality of the Service, develop new functionality, as well as for other purposes stipulated by these PDn Rules;
– takes all necessary measures to protect the User’s personal data from unauthorized access, modification, disclosure or destruction;
– provides access to the User’s personal data only to those employees, contractors and agents of the Operator who need this information to ensure the functioning of the Service and provide Users with access to its use;
– will and has the right to use the information provided by the User, including personal data, in order to ensure compliance with the requirements of the current legislation of the Republic of Uzbekistan (including for the purpose of preventing and/or suppressing illegal and/or unlawful actions of Users).
2.3. Principles of processing personal data of Users:
– the processing of personal data must be carried out exclusively on legal grounds and in the interests of Users;
– the processing of personal data must be limited to the achievement of specific legitimate purposes;
– when processing personal data, the accuracy, sufficiency and, where necessary, relevance of personal data is ensured;
– personal data must be stored in a form that allows the identification of the subject of personal data, no longer than required by the purposes of processing personal data.
2.4. The Operator processes the User’s personal data for the following purposes:
– execution of agreements with the User to provide access to the functionality of the Service, for administration of the Service;
– identification of the User when registering in the Application and authentication of the User when using the Service;
– provision of services, processing requests and applications from the User;
– establishing feedback with the User, including sending notifications and requests;
– confirmation of the completeness of the personal data provided by the User;
– concluding agreements with the User, making mutual settlements;
– collecting statistics;
– improving the quality of the Service, its ease of use and developing new services;
- conducting marketing (advertising) events, sending offers, promoting services in the market
by making direct contacts with potential consumers.
2.5. The User is aware and agrees that for the purposes provided for in the PD Rules, the Operator has the right to:
– collect and use additional information related to the User, received during the User’s access to the Service or from third parties, and including data on technical means (including mobile devices) and methods of technological interaction with the Service (including the host IP address, the type of the User’s operating system, browser type, geographic location, provider data, etc.), on the User’s activity on the Service, Cookies, information on errors issued to Users, downloaded files, videos, tools, as well as other data obtained in the ways established by the PDn Rules;
– manage statistical information related to the functioning of the Service, as well as information of Users for the purposes of organizing the functioning and technical support of the Service and fulfilling the terms of these Rules.

3. Terms of processing personal information.
3.1. The processing of the User's personal data is carried out within the timeframes specified in paragraph 3.5 of the PD Rules, in any legal way, including in personal data information systems, using automation tools (in the form of electronic images of documents), except for cases when non-automated processing of personal data is necessary in connection with the implementation of legal requirements. The processing of Users' personal data is carried out in accordance with the Law of the Republic of Uzbekistan dated 02.07.2019 No. ЗРУ-547 "On Personal Data".
3.2. The source of information about all personal data of the User is the User of the Service himself. By filling out any form and/or attaching a file when registering in the Application and when using the Service, the User thereby consents to the processing of his personal data for the purposes specified in Section 2 of the PD Rules. The User confirms the rights and obligations in relation to his account created in this way.
3.3. The User's personal information is kept confidential, except in cases where the User voluntarily provides information about themselves for general access to an unlimited number of persons. When using the Service, the User agrees that a certain part of their personal information, as a result of the User's actions, becomes publicly available to other Users of the Service and Internet users, and may be copied and/or distributed by such Users, taking into account the available privacy settings.
The following personal information of Users is publicly available, in particular: last name, first name, patronymic, telephone number, passport series and number, covered by a mask (for example, 65** 04***2). 3.4. The Operator takes the necessary organizational and technical measures to protect the User's personal information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.
3.5. The Operator stores information about the User for the period of the latter's access to the Service, as well as 3 (three) months from the date of termination of such access for any reason. If the Operator receives an application from the User to revoke consent to the processing of PD, the Operator stops processing the User's PD from the date specified in the application, but not earlier than the date following the date of actual receipt by the Operator of the revocation.
3.6. The Operator stores the personal data of the User and his employees. In this case, the User guarantees that he has received the consent of each of his employees to transfer his personal data to the Operator.
The Operator, being the processor of personal data on behalf of the User, is not obliged to obtain the consent of the User's employees to process their personal data. By unconditionally accepting the terms of these Rules, the User confirms that he has received the consent of his employees in advance to transfer their personal data to the Operator.
The User shall bear sole responsibility to the User's employees whose personal data is processed by the Operator on behalf of the User.
The Operator processes the personal data of the User’s employees in full accordance with the provisions provided for in these Rules.
3.7. The Operator processes personal data in the following ways: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of the User’s personal data.
The storage of Users' Personal Data is carried out exclusively on electronic media and processed using automated systems, except in cases where non-automated processing of personal data is necessary in connection with compliance with legal requirements.
3.8. The Operator may transfer personal data of Users, including cross-border transfer to the territory of foreign states, subject to obtaining the consent of the User and ensuring the necessary protection of the rights of personal data subjects, to the Operator’s counterparties, who are engaged by the Operator to provide services to maintain the proper technical condition, operability, and modification of the Service.
3.9. If the User does not agree with the processing of his/her personal data, including biometric data, by the Operator, the User must not publish this information or provide this data when registering in the Application and using the Service. As soon as the User provides his/her personal data, including biometric data, when registering in the Application and using the Service to the Service, they will be available to the Operator and other users of the Service.

4. Obligations of the parties.
4.1. The User is obliged to:
– Provide correct information about personal data necessary for the purposes specified in Section 2 of the Personal Data Rules.
– Update and supplement the provided information on personal data in the event of changes to this information.
4.2. The operator is obliged to:
– Use the information received solely for the purposes specified in Section 2 of the Personal Data Rules.
– Ensure that confidential information is kept secret.
– Take precautions to protect the confidentiality of the User’s personal data in accordance with the procedure usually used to protect such information in existing business practices.
– Block personal data related to the relevant User from the moment of the User’s request or appeal, or of their legal representative, or of the authorized body for the protection of the rights of personal data subjects for the period of verification, in the event of detection of inaccurate personal data or illegal actions.
4.3. When processing personal data, the operator is obliged to take the necessary legal, organizational and technical measures to protect personal data from unauthorized, illegal or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data, by:
– development and implementation in the organization of documents regulating work with personal data;
– restrictions and regulations on the composition of employees who have access to personal data;
– implementation of a permit system for access by Users to information resources, software and hardware for processing and protecting information;
– implementation of anti-virus control, prevention of the introduction of malicious programs (virus programs) and software backdoors into the corporate network;
– detection of intrusions into the Operator’s corporate network that violate or create preconditions for the violation of established requirements for ensuring the security of personal data;
– backup of information.
4.4. When determining the volume and content of personal data processed, the Operator is guided by the Law of the Republic of Uzbekistan dated 02.07.2019 No. ЗРУ-547 "On Personal Data".
4.5. The Operator undertakes to ensure that unauthorized and inappropriate access to the personal data of the Service Users is prevented.
In this case, authorized and targeted access to the personal data of the Service Users will be considered to be access by persons authorized by the Operator within the framework of the objectives of the activities and subject matter of the Service.

5. Responsibility of the parties and dispute resolution.
5.1. The Operator that has failed to fulfill its obligations shall be liable to the User for direct actual damage in connection with the illegal use of personal data in accordance with the legislation of the Republic of Uzbekistan.
5.2. In case of loss or disclosure of personal data, the Operator shall not be liable if this information:
– became publicly known prior to its loss or disclosure;
– was received from a third party prior to its receipt by the Operator;
– was disclosed with the consent of the User.
5.3. The current legislation of the Republic of Uzbekistan shall apply to the Personal Data Rules and the relations between the User and the Operator.
In the event of any disputes or disagreements related to the implementation of the PDn Rules, the User and the Operator will make every effort to resolve them through negotiations between them. In the event that disputes are not resolved through negotiations, disputes are subject to resolution in the manner established by the current legislation of the Republic of Uzbekistan.
5.4. Before filing a claim in court regarding disputes arising from the relationship between the User and the Operator, it is mandatory to file a claim.
If no agreement is reached, the dispute will be referred to a judicial body in accordance with the current legislation of the Republic of Uzbekistan.

6. Final provisions.
6.1. These PD Rules are valid for an indefinite period, and in terms of the User's consent to the processing of PD - until it is revoked by the User by sending a corresponding notice to the Operator's e-mail address, as well as by written request to the Operator's legal address. The selected method of communication must guarantee the Operator's ability to reliably identify the person who has applied. 6.2. The PD Rules are an open and publicly available document, located on the website PRILOGAZENIE.ru at the address: _________________.
6.3. The User may contact the Operator with a request to clarify, change, block, revoke, etc. their personal data by email at [email protected].