Privacy Policy

Last updated: 11.11.2011

This Privacy Policy (hereinafter – the Policy) applies to all information that Crystal Spring LLP and/or its affiliates, including all entities within the Crystal Spring group (hereinafter – Crystal Spring), may obtain about a user while using any Crystal Spring websites, services, programs, or products (hereinafter – the Services, Crystal Spring Services). User consent to provide personal information under this Policy for one entity within Crystal Spring applies to all entities within the Crystal Spring group.

By using Crystal Spring Services, the user confirms their unconditional agreement with this Policy and the terms of personal data processing described herein. If the user does not agree with the terms of this Policy, they must refrain from using the Services.

1. Personal Information Collected and Processed by Crystal Spring

1.1.

For the purposes of this Policy, user personal information includes:

1.1.1. Personal information voluntarily provided by the user during registration (account creation) or while using the Services, including personal data. Information required to provide the Services is specially marked. Other information is provided at the user’s discretion.

1.1.2. Data automatically transmitted to Crystal Spring Services during their use via software installed on the user’s device, including IP address, cookie data, browser information (or other programs used to access the Services), access time, and requested page address.

1.1.3. Other information about the user, the collection and/or provision of which is defined in the regulatory documents of individual Crystal Spring Services.

1.2.

This Policy applies only to Crystal Spring Services. Crystal Spring does not control and is not responsible for third-party websites accessed via links on Crystal Spring websites, including search results. Other personal information may be collected or requested on such websites, and other actions may be performed.

1.3.

Crystal Spring generally does not verify the accuracy of personal information provided by users or their legal capacity. However, Crystal Spring assumes that users provide accurate and sufficient personal information and keep it up to date.

2. Purposes of Collecting and Processing User Personal Information

2.1.

Crystal Spring collects and stores only personal data necessary to provide Services and to fulfill agreements and contracts with users.

2.2.

Crystal Spring may use user personal information for the following purposes:

• 2.2.1. Identifying the party in agreements and contracts with Crystal Spring;
• 2.2.2. Providing users with personalized Services;
• 2.2.3. Communicating with users when necessary, including sending notifications, requests, and information related to the use of Services and handling user requests;
• 2.2.4. Improving Service quality, usability, and developing new Services and offerings;
• 2.2.5. Targeting advertising materials and promotional content;
• 2.2.6. Conducting statistical and other research.

3. Conditions for Processing and Sharing User Personal Information with Third Parties

3.1.

Crystal Spring stores user personal information in accordance with the internal regulations of each Service.

3.2.

User personal information remains confidential, except when it is voluntarily made publicly available by the user. When using certain Services, some user personal information may become publicly accessible.

3.3.

Crystal Spring may share user personal information with third parties in the following cases:

• 3.3.1. The user has explicitly consented to such sharing;
• 3.3.2. The transfer is necessary to use a particular Service or to provide a service to the user. In such cases, confidentiality is ensured, and the user is explicitly informed;
• 3.3.3. The transfer is required by the legislation of the Republic of Kazakhstan or other applicable laws, in accordance with established legal procedures;
• 3.3.4. The transfer occurs in connection with the sale or other transfer of a business (in whole or in part), with all obligations under this Policy transferring to the recipient.

3.4.

In processing personal data, Crystal Spring complies with applicable regulatory documents of the Republic of Kazakhstan.

4. User Modification of Personal Information

4.1.

Users may at any time modify (update or supplement) their personal information or parts thereof, as well as privacy settings, using the personal data editing functionality available in the Profile section of the relevant Service.

5. Measures for Protecting User Personal Information

Crystal Spring takes necessary and sufficient organizational and technical measures to protect user personal information from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, and other unlawful actions by third parties.

6. Changes to the Privacy Policy. Applicable Law

6.1.

Crystal Spring may make changes to this Privacy Policy. When changes are made, the date of the last update is indicated. The new version enters into force upon publication unless otherwise specified.

The current version of the Privacy Policy is always available at:
https://crystalspring.kz/en/privacy-policy/

6.2.

The laws of the Republic of Kazakhstan apply to this Policy and to relations between the user and Crystal Spring arising from its application.

7. Feedback. Questions and Suggestions

All questions and suggestions regarding this Privacy Policy should be directed to the Crystal Spring User Support Service:
https://crystalspring.kz/en/contacts/, or sent by mail to: Crystal Spring LLP 050008, Republic of Kazakhstan, Almaty, 280 Bayzakova Street, North Tower.