Privacy Policy

1. Collection of Personal Data

1.1. During registration in the Company's mobile application, by filling in the appropriate fields, the user voluntarily provides the Company with the following personal data:

• 1.1.1. First name and/or last name;
• 1.1.2. Personal mobile number;
• 1.1.3. User's location.

1.2. After providing personal data to the Company, in case of any changes to this data, the user is obligated to provide the Company with information about these changes within a reasonable time.

2. Purpose of Collecting and Processing Personal Data

2.1. The Company receives and processes personal data from users for the purpose of user identification and providing quality service to them.

3. Principles of Personal Data Processing

3.1. The Company is guided by the following principles when processing personal data:

• 3.1.1. Personal data must be processed fairly and lawfully, without violating the dignity of the data subject;
• 3.1.2. Data must be processed only for specific, clearly defined, legitimate purposes. Further processing of data for another purpose incompatible with the original purpose is not permitted;
• 3.1.3. Personal data may be processed only to the extent necessary to achieve the relevant legitimate purpose. Data must be adequate and proportionate to the purpose for which it is processed;
• 3.1.4. Data must be genuine and accurate and, if necessary, updated. Data collected without legal basis and incompatible with the purpose of processing must be blocked, deleted, or destroyed;
• 3.1.5. Data may be stored only for the period necessary to achieve the purpose of data processing. After achieving this purpose, the data must be blocked, deleted, or destroyed.

4. Personal Data Storage Period

4.1. The Company stores users' personal data during the period of legal relationship between the Company and the user.

4.2. After termination of the legal relationship between the Company and the user, the Company archives the personal data about the user. In this case, the user is entitled to request the Company to destroy the personal data stored about them.

5. Providing Information to the User

5.1. Upon request by the user, the Company is obligated to provide the user with the following types of information:

• 5.1.1. Information about the user's personal data stored in the Company;
• 5.1.2. Identity of the employee responsible for data processing;
• 5.1.3. Legal basis for data processing;
• 5.1.4. Reason and purpose of data processing;
• 5.1.5. To whom their data was disclosed, the basis and purpose of data disclosure.

6. Processing of Data by an Authorized Person/Company's Authorized Employee

6.1. The Company's authorized person/relevant employee processes the user's personal data only for the purpose defined by this Policy. Further processing of data for any other purpose by the authorized person is not permitted. The authorized person may not transfer the right to process data to another person without the consent of the Company's authorized representative (director).

6.2. The person authorized to process data is obligated to take appropriate organizational and technical measures to protect the data.

6.3. The Company is obligated to monitor the processing of data by the authorized person.

7. File System and File System Catalog

7.1. The Company ensures the structuring of personal data and their arrangement according to specific criteria (file system).

7.2. The Company is obligated to maintain a file system catalog for each file system and record the following information:

• 7.2.1. Name of the file system;
• 7.2.2. Name and address of the Company and the person authorized to process data, place of data storage and/or processing;
• 7.2.3. Legal basis for data processing;
• 7.2.4. Category of data subjects/users;
• 7.2.5. Category of data in the file system;
• 7.2.6. Purpose of data processing;
• 7.2.7. Data storage period;
• 7.2.8. Fact and basis for restriction of data subject's rights;
• 7.2.9. Recipients of data placed in the file system and their categories;
• 7.2.10. Information about the transfer of data to another state and international organization and the basis for such transfer;
• 7.2.11. General description of the procedure established for data security protection.

8. Personal Data Security

8.1. Personal data obtained by the Company/provided by the user is stored in electronic form, in the system of the Company's mobile application in which the user registers (hereinafter - the System).

8.2. The personal data in the System is accessible to the relevant employee of the Company, who is obligated to ensure the confidentiality of the data, including after the termination of official authority.

9. Transfer of Personal Data to Third Parties

9.1. The Company is authorized, to protect its rights, to transfer the user's personal data to those third parties who participate in the process of protecting the Company's rights, for example: a lawyer, an expert, etc.

9.2. The Company is authorized to transfer the user's personal data to the contractor who ensures the facilitation of the service to be provided by the Company to the user.

9.3. The transfer of users' personal data by the Company to third parties may be carried out only to the extent necessary for the purposes of the transfer.

9.4. In the cases defined by sub-paragraphs 9.1 and 9.2 of this Policy, the Company is obligated to ensure that the third-party recipients of personal data are obligated to protect the confidentiality of personal data.

9.5. In case of transfer of personal data to third parties, the Company is obligated to store the following information: what type of personal data was transferred to third parties; to whom the personal data was transferred; when and on what legal basis the personal data was transferred. This information must be stored with the user's personal data during their storage period.

10. Responsibility of the Parties

10.1. In case of violation of the requirements provided by this Policy, at the request of the interested person, the Company shall be liable in accordance with the procedure established by Georgian legislation.