CONFIDENTIALITY AND PERSONAL DATA PROTECTION POLICY
This Privacy and Personal Data Protection Policy (hereinafter - the Policy) regulates the collection and processing of confidential (personal) information of users of mobile applications, personal accounts, and the website https://tolk.ua (hereinafter - Services) shared by the Limited Liability Company "AUGUSTA" (identification code 43759275), the limited liability company "VOLYNYELEKTROZBUT" (identification code 42159289) and the limited liability company "ZAKARPATTYAENERGOZBUT" (identification code 41999833) (hereinafter each individual company, and together - the companies).
The Companies treat with great respect the confidential (personal) information of all persons, without exception, who have visited and/or used the Services, in connection with which, the Companies seek to protect the confidentiality of personal data (information or a set of information about a natural person who is identified or can be specifically identified), thereby creating and providing the most comfortable conditions for using the Services for each user.
This Policy sets out the procedure for the processing of personal data by each Company, the types of personal data that are collected, the purposes of using such personal data, the interaction of the Companies with third parties, security measures for the protection of personal data, the terms of access to personal data, as well as contact information for the user to access, amend, block or delete your personal data and address any questions you may have regarding personal data protection practices.
Collection and use of personal data
The Company is the owner and administrator of the personal data of users of the Services. Each Company independently and independently processes the information of users of the Services.
When the user uses the site, the Company processes the user's data, namely:
data provided by the user both when filling out registration forms and in the process of using the Services, including, but not limited to:
e-mail address (e-mail address);
service of interest to the user;
other information that became known to the Company in connection with the implementation of legal relations with a natural person, in compliance with the requirements of the legislation of Ukraine and internal documents of the Company;
parameters and settings of Internet browsers (User-agent).
During the user's use of mobile applications, the Company also processes the user's data, regardless of how the user uses these Services: computer, mobile phone, tablet, or another device. Such data include:
device information such as operating system version, hardware model, IMEI, and other unique device identifiers. The company does not collect information about call history, contact list, etc.;
information about the actions of the Company's client - the user in the Service (system) - such as the time and duration of using the Services, the actions that the Company's client performed while using the Services, and any other information that can be stored in the cookie files that the Company uses on some devices;
other information - about the use of services by the Company's client using the Services, for example, how the Company's client uses the content provided by the Service.
The company collects only those personal data (for example, your name and surname, login and access password, e-mail address, contact phone number, date of birth, etc.) that are knowingly and voluntarily provided by you as the subject of personal data for the purposes of using the services and Services provided by the Company, which in accordance with the requirements of the law is the consent of the subject of personal data to the processing of his personal data in accordance with the purpose of their processing formulated in this Policy.
We draw your attention: the Company is limited to collecting the minimum amount of information necessary exclusively to fulfill the request of the subject of personal data. In any case, where optional information is requested, the user will be notified at the time such information is collected. The Company does not collect any information for the processing of which certain requirements are established by law, such as information about racial or ethnic origin, political, religious, or ideological beliefs, membership in political parties and professional unions, as well as data related to health, sexual life, biometric or genetic data (in accordance with Article 7 of the Law of Ukraine "On the Protection of Personal Data").
The company collects data on the statistics of visits to the Services. The information may contain information about the connection, traffic, and the user's browser, as well as about the date, time, and duration of work on the Internet and the Company's Services.
In addition, personal data provided by a client or a potential client may be included for processing in the Company's personal database (system), namely:
date of birth;
place of residence (stay);
identification number of a natural person (individual tax number);
series and number of the passport (or other identity documents), date of issue, and the body that issued it;
contact phone number; other received data, including those received from open sources.
In order to improve the quality of the provision of Services, information processing can be conducted by the Companies among themselves and the companies-partners of the Companies without the right to disclose and distribute such information to third parties.
Purposes of using personal data
The Company uses the information it collects (and may combine with other collected customer information) for the following purposes:
registration of the Company's client and/or his device in the Services;
provision of a service or function in the Services that the Company's client ordered;
provision of personalized content and recommendations for using the mobile application;
for advertising, for example, providing the Company's client with personalized offers, sending him advertising messages;
to evaluate and analyze the market, customers, products, and services provided through the mobile application (including conducting customer surveys regarding the services provided through the mobile application);
conducting research on how users of the Services use the Services provided to improve the quality of services;
provision of updating and technical support of the Services on the Company's client's device;
other purposes with the consent of the Company's client.
Your personal data is used for the purpose of ensuring the provision of services by the Company, improving the quality of Services, exchange of information, news, and relations in the field of advertising and communication in accordance with and for the implementation of the laws of Ukraine, including, but not limited to: "On the protection of personal data", "On ratification of the Convention on the Protection of Individuals in Connection with Automated Processing of Personal Data and the Additional Protocol to the Convention on the Protection of Individuals in Connection with Automated Processing of Personal Data in Relation to Supervisory Authorities and Cross-Border Data Flows", "About Information", "About Advertising", as well as taking into account the principles and rules of the General Data Protection Regulation (GDPR) of the European Union.
The Company will not disclose/transmit customer information to anyone outside the Company, except for cases provided by the legislation of Ukraine, the terms of agreements (contracts) between customers and the Company, the terms of this Policy, and the consent given by customers to the Company.
Period of storage of personal data
Personal data are stored for no longer than is necessary for the purpose of their processing.
After the subject of personal data has ceased to be a user of the Services by deleting his account, his personal data is also automatically deleted.
Peculiarities of personal data processing in the Company's mobile applications
The Company's processing of information in mobile applications is carried out in accordance with the legislation of Ukraine, agreements (contracts) between customers and the Company, the consent given by the Company's customers, as well as in accordance with this Policy.
In order to provide the Company's clients with the opportunity to confirm their actions in the Service (system) with a one-time temporary password (OTP), the Company requests access to SMS services. A one-time temporary password may be requested during registration or performing certain actions when using the mobile application (performing financial transactions, registration, etc.). In order to carry out a client's financial transaction, the Company uses the mobile phone number of such a client of Company. The company does not collect information about the history of the client's SMS messages, the list of his contacts, etc. Also, the Company can register the device in the relevant services provided by Google or Apple in order to provide the Company's client with the opportunity to confirm his actions in the Service (system) with PUSH messages.
The website https://tolk.ua (hereinafter referred to as the Site) uses cookie files, which are text files or files containing a small amount of information, which are sent to the web browser and stored on the user's device. Such devices can include a computer, mobile phone, or other devices with which the user visits the Site.
Cookies can be permanent (they are called persistent cookies) and stored in the user's device memory until the user deletes them, or temporary (such cookies are called session cookies), that is, they are stored only until the browser is closed. In addition, cookies are divided into primary (they are set directly by the visited Site) and third-party (set by other websites).
when the user visits the Site again, the cookie data is updated;
in most cases, the web browser by default allows the automatic storage of cookies on the user's device;
Disabling cookies may limit access to published materials and/or poor functioning of the Site's services.
The Company cares about its users and tries to make their stay on the Site as comfortable as possible, for this the Company needs, with the help of cookies, to analyze the user's behavior, preferences, and interests. Such an analysis will help the Company to improve the experience of interaction with the Site, to determine the most convenient interface and navigation on the Site. According to the classification of the International Chamber of Commerce, the Company uses the following categories of cookies:
Strictly necessary cookies - necessary for the user to move around the web page and when using certain services, for example, for accessing protected pages, registration, and authorization, and performing a search on the Site. Also, the user's previous actions are remembered when going to the previous page in the same session.
Operational cookies - aggregate information about how the Site is used. This data is stored on the user's device between web browser sessions. Examples of such data can be the following metrics: time spent on the Site, the most frequently visited pages, understanding which sections and services of the Site were most interesting for the user, how effective this or that advertising and/or marketing campaign is, etc.
All information collected using operational cookies is intended for statistical and analytical purposes. Some cookie data may be provided to third parties who have permission from the web resource and exclusively for the above purposes.
Functional cookies - used to save settings or configurations that are stored on the user's device between web browser sessions. Examples of such data may be the following metrics: user name, profile photo, information on left comments, the language version of the Site, location, information on whether the user has been provided with any information or selected benefits before, as well as other Site setting parameters.
These cookies also allow users to watch videos, participate in interactive activities (polls, voting) and interact with social networks.
In order to create a more pleasant experience after visiting the resource, these cookies remember the information provided by the user, increasing the efficiency of interaction with the Site.
Some cookie data may be provided to third parties who have permission from the web resource and exclusively for the above purposes.
Target cookies - used to provide content that may be of interest to the user. This data is stored on the user's device between web browser sessions. Examples of such data can be the following metrics: tracking of recommended text, graphics, audio, and video material to avoid repeated display, management of targeted advertising, evaluation of the effectiveness of advertising campaigns, information about the user's visit to other resources during transitions, as well as other parameters of the Site settings.
The Site may share this information with other parties, including media clients, advertisers, agencies, and related business partners, in order to provide quality targeted advertising. For prompt delivery, better display, and detailed analysis of the content on the Site, the Company uses services owned by other third-party companies, such as Facebook, Twitter, Instagram, Alphabet Inc. and
cookie setting configuration for web browsers of mobile devices may differ;
it is worth reminding that full-fledged work with the Site is available only when using cookies;
Disabling cookies may limit access to the content and poor functioning of the Site's services.
Information about users obtained with the help of cookies is not sold or distributed in public and is also the property of the Company that owns the resource.
Interaction of the Site with other resources
When the user uses the services on the pages of the Site, the codes of other Internet resources and third parties may be present, as a result of which such Internet resources and third parties receive your data. Therefore, these Internet resources can receive and process information about the fact that you have visited these pages, as well as other information transmitted by the user's browser.
The Company needs the use of the specified Internet resources for operational analysis of visits to the Site, internal and external evaluation of the Site's attendance, the depth of views, and user activity. The company does not store or process data obtained from these Internet resources. Accordingly, if the user, for any reason, does not want the specified Internet resources to access his personal data, the user can, at his own will, log out of his account or profile, and clear cookies (through his browser).
Safety of minors
The Services are not intended for minor users. Society takes safety issues very seriously, especially with regard to minors, and in this regard, Society, for its part, appeals to parents to explain to their children Internet safety issues, their specific purpose, and the need for using certain Services of the Company.
Interaction of the Company with third parties regarding personal data
The Company does not transfer personal data to third parties, except when such transfer is required by law, at the request of the subject of personal data or in other cases set forth in this Policy. The Company understands that personal information is valuable and an integral part of the personal non-property rights of any natural person, therefore it takes all possible measures to protect the personal information of users voluntarily and knowingly transferred by the latter to the Company.
The Site may contain links to other websites (exclusively for informational purposes). If you link to other websites, this Policy will not apply to such websites. Therefore, the Company recommends reviewing the privacy and personal data policy of each website before submitting any personally identifiable information.
Confidentiality of the activity of the subject of personal data in the Services
Information about the activity (traffic) of users in the Services passing through the network or the user's e-mail is protected in accordance with the law. That is, the Company does not in any way or way violate the secrecy of the user's activity when the latter uses the Services.
Protection of personal data
The company uses generally accepted standards of technological and operational protection of information and personal data against loss, misuse, alteration, or destruction. However, despite its best efforts, the Company cannot guarantee absolute security against any threats arising outside of the Company's control.
The Company ensures the application of all relevant confidentiality obligations, as well as technical and organizational security measures to prevent unauthorized or illegal disclosure or processing of such information and data, their accidental loss, destruction, or damage.
The Company provides access to information and personal data only to authorized employees and third parties who have agreed to ensure the confidentiality of such information and data in accordance with the Company's requirements and in the cases stipulated by the Policy.
Dissemination of personal data without the consent of the subject of personal data or a person authorized by him is allowed in cases defined by law and only (if necessary) in the interests of national security, economic well-being, and human rights.
The security of the Company's customer account on the Services depends on how the customer stores the computer, mobile phone, tablet or another device, password(s), PIN, or other information that allows access to the customer's accounts on the relevant Service, and whether the Company's client distributes this information to third parties. In the event that the Company's client voluntarily provides his computer, mobile phone, tablet, or other device and/or the above information to third parties, the third party will have access to the Company's client account in the Services and the personal information of this client, while the Company does not is responsible for such cases.
The Company's client is directly responsible for controlling access to his computer, mobile phone, tablet, or another mobile device, a mobile application that may be installed on his computer, mobile phone, tablet or another mobile device, the Company's client is also responsible responsibility for storing their passwords and/or PINs and for distributing (disseminating) this information to third parties.
Terms of access to personal data
The procedure for accessing the personal data of third parties is determined by the terms of the user's consent given by the owner of personal data to the processing of this data, or in accordance with the requirements of the law.
Consent must be given through a clear and affirmative action that establishes a free, specific, justified, and unambiguous indication of the consent of the subject of personal data to the processing of personal data concerning him, including a written statement submitted, including in electronic form, or oral statement. Such consent may also include ticking the box when visiting the Site, choosing technical settings of information services or other documentary evidence or methods of action that clearly indicate, in this context, the data subject's acceptance of the proposed processing of his personal data. Silence, a previously ticked box when visiting the Services or inaction should not, in turn, be considered as consent. Consent must cover all data processing that is carried out for the same purpose or for the same purpose. In the event that data processing has several purposes, consent is required for each of them. If the data subject's consent is given pursuant to a request, by electronic means, this request must be clear, and distinct and must not unreasonably interfere with the use of the service for which it is intended.
The company takes all necessary measures to confirm that the data subject has given consent to the procedure for processing personal data. The user has the right to receive any information about himself from any subject of relations related to personal data, provided that the surname, first name and patronymic, place of residence (place of stay), and details of the document that certifies the natural person who submits the request, except for cases established by law.
User access to personal data is free of charge.
Delaying the user's access to his personal data is not allowed.
Postponement of access to the personal data of third parties is allowed if the necessary data cannot be provided within thirty calendar days from the date of receipt of the request. At the same time, the total term for solving the issues raised in the request cannot exceed forty-five calendar days.
The notice of postponement is brought to the attention of the third party who submitted the request in writing with an explanation of the procedure for appealing such a decision.
The decision to delay or deny access to personal data can be appealed to the Commissioner of the Verkhovna Rada of Ukraine for Human Rights or to a court.
Rights of the subject of personal data
The company informs you about your rights as a subject of personal data, which are regulated by the Law of Ukraine "On the Protection of Personal Data", namely:
1. to know about the sources of collection, the location of their personal data, the purpose of their processing, the location or place of residence (residence) of the owner or manager of personal data or to give an appropriate mandate to obtain this information to persons authorized by him, except for cases established by law;
2. to receive information about the terms of providing access to personal data, in particular, information about third parties to whom his personal data is transferred;
3. to access your personal data;
4. to receive no later than thirty calendar days from the date of receipt of the request, except in cases provided by law, an answer on whether his personal data is being processed, as well as to receive the content of such personal data;
5. present a reasoned demand to the owner of personal data with an objection to the processing of his personal data;
6. make a reasoned demand for the change or destruction of your personal data by any owner and administrator of personal data, if these data are processed illegally or are unreliable;
7. to protect your personal data from illegal processing and accidental loss, destruction, or damage due to intentional concealment, failure to provide, or untimely provision of data, as well as protection from providing information that is unreliable or dishonors honor, dignity, and business reputation natural person;
8. file complaints about the processing of your personal data to the Commissioner for Human Rights of the Verkhovna Rada of Ukraine or to the court;
9. apply legal remedies in case of violation of the legislation on the protection of personal data;
10. enter a reservation regarding the limitation of the right to process one's personal data when giving consent;
11. withdraw consent to the processing of personal data;
12. know the mechanism of automatic processing of personal data;
13. to protect against an automated decision that has legal consequences for him.
To update, obtain access, make changes, block or delete your personal data, withdraw your consent to the processing of personal data that you have given to the Company in accordance with this Policy, or in case of any comments, wishes, or claims regarding your personal data, which are processed by the Society, please contact the email address: (hidden) or write a letter to the address: 04116, Ukraine, Kyiv city, Staro-Kyivska street, building 14.
Consent of the subject of personal data
The subject of personal data can give consent to the processing (including transfer) of personal data in written form (including electronic, which includes how to put a corresponding mark, send a password/code or send data to the Company using means of communication: Company Services, e-mail, messengers, etc.) or in a form that allows us to conclude that consent has been given. Any form of consent confirms the client or potential client's familiarization with the above information, in particular: about the sources of personal data collection; location of personal data; purposes of their processing; conditions for providing access to personal data, their transfer and about third parties to whom personal data may be transferred; about the location of the owner and controller of personal data.
Changes and additions may be made to this Policy from time to time and without prior notice to the user, including when the requirements of the law change.
In the case of significant changes to this Policy, the Company will post a notice on the Services and indicate the date of entry into force of these changes. If you do not refuse to accept them in writing within the specified period, this will mean that you agree to the relevant changes to the Policy.
Please review the Policy from time to time in order to be aware of any changes or additions.