1. INTRODUCTION
1.1 All Data will be collected, processed and protected in accordance with the Acting Law of the AIFC, including AIFC Data Protection Regulations No.10 of 2017 dated 20 December 2017 and AIFC Data Protection Rules No.1 of 2018 dated 22 January 2018.
1.2 Advanced Payment Solutions Ltd. (“APS, ”“we”, “us”, “our”) operates APS website (the “Site”). This page informs users of the Site (“you”, “your”, the “User”) of our policies regarding the collection, use, and disclosure of Personal Data when you use our Site and the choices you have associated with that data.
1.3 We reserve the right to make changes to this Privacy Policy at any time and for any reason. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy on the Site, and you waive the right to receive specific notice of each such change or modification.
1.4 You are encouraged to periodically review this Privacy Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the Site after the date such revised Privacy Policy is posted.
1.5 By “Personal Data”, we mean any data referring to an Identifiable Natural Person. Personal data may include, but is not limited to information which, either alone or in combination with other data, enables you to be directly or indirectly identified, for example your name, email address, username, contact details or any unique identifier such as an IP address, device ID or other online identifier, racial or ethnic origin, communal origin, criminal record, health.
1.6 Please read the following carefully to understand what data we collect, how that data is used and the ways it can be shared by us. If you do not wish for your Personal Data to be used in the ways described within this Privacy Policy then you should not access or use the Site or use the services, functions, or features offered from time to time on the Site (“Service”).
2. INTERPRETATION
2.1.The following definitions and rules of interpretation apply in this Policy.
Definitions
Acting Law of the AIFC: has the meaning given by article 4 of the Constitutional Statute.
AFSA means the Astana Financial Services Authority.
AIFC means the Astana International Financial Centre.
AIFC Regulations means regulations adopted by the Management Council or the Governor, and includes, for example, these Regulations.
AIFC Rules means rules adopted by the Board of Directors of the AFSA, the Board of Directors of the AIFCA or the Governor.
Constitutional Statute means the Constitutional Statute of the Republic of Kazakhstan dated 7 December 2015 entitled On Astana International Financial Centre.
Commissioner of Data Protection means the individual who is appointed as Commissioner of Data Protection under section 22 (Appointment of Commissioner etc.) AIFC Data Protection Regulations No.10 of 2017 dated 20 December 2017.
Data means any information:
(a) that is being Processed by means of equipment operating automatically in response to instructions given for the purpose; or
(b) that is recorded with intention that it should be Processed by means of equipment mentioned in paragraph (a); or
(c) is recorded as part of a Relevant Filing System or with intention that it should form part of Relevant Filing System.
Data Subject, in relation to Personal Data, means the individual to whom the Personal Data relates.
Identifiable Natural Person means a living natural person who can be identified, directly or indirectly, in particular by reference to an identification number or to 1 or more factors specific to the person’s biological, physical, biometric, physiological, mental, economic, cultural or social identity.
Person includes any natural person or incorporated or unincorporated body, including a company, partnership, unincorporated association, government or state.
Personal Data means any Data referring to an Identifiable Natural Person.
Process, in relation to Personal Data, means perform any operation or set of operations on the Personal Data, whether or not by automatic means, and includes, for example, the collection, recording, organization, storage, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of the Personal Data.
Recipient, in relation to Personal Data, means any Person to whom the Personal Data is disclosed (whether or not a Third Party), but does not include a regulator, the police or another government agency of any jurisdiction if the agency receives the Personal Data in the framework of a particular inquiry.
Relevant Filing System means any set of information relating to an Identifiable Natural Person to the extent that, although the information is not Processed by means of equipment operating automatically in response to instructions given for the purpose, the set is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible.
Sensitive Personal Data means Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade union membership, and health or sex life.
Writing includes:
(a) in relation to a certificate, instrument, notice or other thing—the thing in any form that preserves a record of the information contained in it and is capable of being reproduced in tangible form, including by electronic means; and
(b) in relation to a communication—any method of communication that preserves a record of the information contained in it and is capable of being reproduced in tangible form, including by electronic means.
Year means a calendar year according to the Gregorian calendar.
1. Clause, Schedule and paragraph headings shall not affect the interpretation of the Policy.
2. Capitalized terms, not otherwise defined herein shall have the meaning assigned to them in accordance with the Acting Law of the AIFC, including the AIFC Regulations and AIFC Rules.
3. Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular.
3. LEGAL GROUND FOR USING YOUR PERSONAL DATA
3.1. Under Acting Law of the AIFC that is designed to protect your Personal Data, we need to have what is called a lawful basis or ground each time we use, share or otherwise Process your Personal Data.
3.2. By reading and agreeing to this Privacy Policy, you are as Data Subject consenting to us to Process, collect and transfer your Personal Data as detailed within this Privacy Policy.
3.3. We may also need to Process your Personal Data to comply with any legal obligations which may be applicable. Likewise, we may Process your Personal Data where this is in the public interest or it is to protect your vital interests, but this will only be in rare circumstances.
3.4. In most cases, our Processing of your Personal Data is necessary for the performance of our Service to you.
3.5. Certain uses of your Personal Data, or other Processing activities, may not be strictly necessary to perform our services to you, however, they may be necessary for the purposes of our legitimate interests or the legitimate interests of a third party. They may also be in your interests.
When we say “legitimate interests”, we mean our (or a third party’s) interests in enabling us to provide our services to you as efficiently and securely as possible. For example, we may choose to use a third party to store your Personal Data; we may do this in part because our use of that service means that your Personal Data is more secure.
4. PROCESSING YOUR PERSONAL DATA
4.1.We Process your Data to provide and improve the Site. By using the Site, you agree to the relevant Terms and Conditions and agree to the collection and use of information in accordance with this Policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions and the Agreement.
5. DATA COLLECTION
5.1.You directly provide APS with most of the Data we collect. APS collects next class of information related to you:
5.2.Personal Data including Sensitive data. We collect Data and Process Data when you:
register online or place an order for any of our products or services;
corresponding with us by e-mail, other electronic mean of communications or otherwise;
Using the Site; or
Use or view our Site via your browser’s cookies
6. WHAT TYPES OF DATA WE COLLECT
6.1. The Personal Data most often collected and maintained in a customer file includes customer identification, transaction history including records of payments made. Each time you use the Site, we may automatically collect the following information, which may be considered to be Personal Data when combined with other information about you:
Each time you use the Site, we may automatically collect the following information, which may be considered to be Personal Data when combined with other information about you:
Personal Data
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:
Email address
First name and last name
Phone
Country
City
Company
Position
Industry
Facebook accounts link
LinkedIn account link
User type
Usage Data (usage-related information from the use of the Site)
Technical Information
Technical information, including the Internet protocol (IP) address used to connect your computer or other device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Similar to other websites, our Site utilizes browser cookies (small text files stored on a user’s web browser when you visit a website), web beacons and similar tracking technologies (collectively, “Cookies”) to collect and store certain information when you use, access, or interact with our services.
Usage Data
This Usage Data may include information such as the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any email address / phone number / other contact information for communication provided by you on our Site / Customer Support, unique device identifiers and other diagnostic Data.
When you access the Site by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, unique device identifiers and other diagnostic Data.
We may receive information about you from other sources, including third parties that help us update, expand, and analyze our records; prevent or detect fraud; process payments; or analyze your use of our Services. Our Services may also include integrated content or links to content provided by third parties (such as live chat, social media content, plug-ins and applications). Additional third parties may include our affiliated entities.
7. WHY WE NEED DATA
7.1. If you wish to transact on and use the Site or APS will collect information about you for the purpose set out below. We may use the collected Data for various purposes:
to provide and maintain the Site;
to notify you about changes to our Site;
to allow you to participate in interactive features of our Service when you choose to do so;
to provide customer care and support;
to provide analysis or valuable information so that we can improve the Site;
to monitor the usage of the Site;
to detect, prevent and address technical issues;
to establish and maintain a responsible commercial relationship with you;
to process your order, manage your account;
to understand your needs and your eligibility for products and services;
to provide information to you about developments and new products, including changes and enhancements to the Site;
to develop, enhance, and market products and services, and provide products and services to you;
to provide you with news and other matters of general interest to you as our customer;
as we believe reasonably necessary, advisable or appropriate to comply with our legal or regulatory obligations and to respond to legal, regulatory, arbitration or government process or requests for information issued by government authorities or other third parties or to protect your, our, or others’ rights.
to fulfill the requirements stipulated under the Anti-money laundering and counter-terrorist financing legislation.
8. HOW WE SHARE INFORMATION ABOUT YOU
8.1. Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to this transfer.
APS will take all steps reasonably necessary to ensure that your Data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate levels of protection (Website appropriate safeguards) including the security of your Data and other personal information (according to the Schedule 2 of AIFC Data Protection Rules No.1 dated 22 January 2018).
9. DISCLOSURE OF DATA
9.1. We may disclose your Personal Data in the good faith belief that such action is necessary to:
to comply with the Acting Law of the AIFC;
to protect and defend the rights or our property;
to prevent or investigate possible wrongdoing in connection with the Site;
to protect the personal safety of users of the Site or the public;
to protect against legal liability.
You agree that we have the right to share your Personal Data with:
Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries including their respective contractors, affiliates, employees or representatives.
Our service providers, to the extent necessary to supply the Services to you.
Selected third parties, including analytics and search engine providers that assist us in the improvement and optimization of the Services.
Authorities and law enforcement agencies worldwide either when ordered to do so or on a voluntary basis if this appears reasonable and necessary to us.
We will also disclose your Personal Data to third parties:
If APS or substantially all of its assets are acquired by a third party, in case Personal Data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply the Terms and Conditions and other agreements; or to protect the rights, property, or safety of us, our clients, or others. APS reserves the right to share current and historical bids, asks, and market prices; opening and closing range prices; high–low prices; trade prices; estimated and actual trade volumes; settlement prices; and other aggregate Data and information.
10. HOW WE SECURE YOUR DATA
10.1. APS is committed to protecting your privacy. Internally, only people with a business need to know Personal Data, or whose duties reasonably require access to it, are granted access to customers’ Personal Data. Such individuals will only Process your Personal Data on our instructions and are subject to a duty of confidentiality.
The Site’s systems and data are reviewed periodically to ensure that you are getting a quality service and that leading security features are in place. We have put in place procedures to deal with any actual or suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The Site’s systems and data are reviewed periodically to ensure that you are getting a quality service and that leading security features are in place. We have put in place procedures to deal with any actual or suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
11. HOW LONG WE STORE YOUR DATA
As a regulated financial institution, APS will keep your personal or company data for 6 (six) Years after the termination business relationships with APS as this data is archived for evidentiary purposes, in accordance with the Acting Law of the AIFC. We only access your Data internally on a need to know basis, and we’ll only access or Process it if absolutely necessary. Once this time period has expired, we will delete your Data by APS team through APS backend system.
12. HOW YOU CAN CHANGE YOUR DATA
12.1. You can contact us at any time with a request regarding the rectification, erasure, or blocking of Personal Data.
13. YOUR RIGHTS CONCERNING PERSONAL DATA
13.1. In accordance with the Acting Law of the AIFC (in particular AIFC Data Protection Regulations No.10 of 2017 dated 20 December 2017), you have the right to exercise the following rights with APS at any time:
(i) Right to information about Personal Data and to rectification etc.
You have the right to obtain from the APS on request, at reasonable intervals and without excessive delay or expense:
(a) Written confirmation about whether or not Personal Data relating to you is being Processed and Written information at least about the purposes of any Processing, the categories of any Personal Data being Processed, and the Recipients or categories of Recipients to whom any Personal Data is disclosed; and
(b) communication to A in an intelligible form of the Personal Data being Processed and of any available information about its source; and
(c) as appropriate, the rectification, erasure or blocking of Personal Data if the Processing of the Personal Data Contravenes these Regulations.
(ii) Right to object to Processing
1. You have the right:
(a) to object at any time, on reasonable grounds relating to yours particular situation, to the Processing of Personal Data relating to you; and
(b) to be informed before the Personal Data is disclosed for the first time to a Third Party or used on a Third Party’s behalf for the purposes of direct marketing, and to be expressly offered the right to object to such a disclosure or use.
2. If there is a justified objection by you in relation to Personal Data, APS must no longer Process that Personal Data
14. SERVICE PROVIDERS
14.1. We may employ or engage Third party companies and individuals to facilitate our Site (“Service Providers”), to provide the Site on our behalf, to perform Site-related services or to assist us in analyzing how our Site is used. These Third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
15. LINKS TO OTHER SITES AND PROTECTING YOUR PERSONAL DATA
15.1. This Privacy Policy and the use of your Personal Data only applies to the information you provide to us. You are cautioned that if you disclose Personal Data or personally sensitive data through use of the Internet, such as through chat rooms, communities, bulletin boards, or other public online forums, this information may be collected and used by other persons or companies over which APS has no control. Our Site may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. It is your responsibility to review the privacy statements, policies, terms, and conditions of any person or company to whom you choose to link or with whom you choose to contract. APS is not responsible for the privacy statements, policies, terms, conditions, or other content of any Site not owned or managed by APS. APS takes all reasonable endeavors to protect and safeguard Personal Data, but there are protective measures you should take, as well. Do not share your Personal Data with others unless you clearly understand the purpose of their request for it and you know with whom you are dealing. Do not keep sensitive Personal Data in your e-mail inbox or on Webmail. If you are asked to assign passwords to connect you to your Personal Data, you should use a secure password and always use two-factor authentication (2FA), where available. You should change your password regularly.
16. CHILDREN’S PRIVACY
16.1. Our Service does not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
17. HOW CAN YOU LODGE A COMPLAINT
17.1. You have the right to file a complaint if you are not favorably influenced by the Processing of Data and/or have not received information about the rectification, erasure, or blocking of Personal Data or/and object to the Processing of your Data.
18. CONTACT US
If you have any questions about this Privacy Policy, please contact us by email:
[email protected] .
Tel: +7 701 9516595
Advanced Payment Solutions Ltd.
Kazakhstan, Astana city,
Yessil district,
Mangilik Yel Avenue, building 55/16,
offices: 341-342, post code Z05T3F2.
19. HOW TO CONTACT THE APPROPRIATE AUTHORITY
19.1. If you are dissatisfied with our response you may refer the matter to the AFSA. For more details, visit the AFSA website at https://afsa.aifc.kz/. The AFSA will only consider complaints submitted in Writing. To submit a complaint you can complete AFSA’s online Complaints Form or alternatively by post to the following address: Astana Financial Services Authority (AFSA), Astana, 55/17 Mangilik El Avenue, Pavilion C-3.2. You may lodge a complaint with the AIFC Commissioner of Data Protection.