Privacy Policy
General Provisions
This Personal Data Processing Policy defines the procedure for processing personal data and the measures taken to ensure the security of personal data by MANIFEST AM Limited Liability Company (hereinafter referred to as the "Operator").
1.1. The Operator's most important goal and condition for its activities is the observance of human and civil rights and freedoms when processing their personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://schoolamschool1.am/.
2. Basic Concepts Used in the Policy
2.1. Automated processing of personal data – processing of personal data using computer technology;
2.2. Blocking of personal data – temporary cessation of personal data processing (except in cases where processing is necessary to clarify personal data);
2.3. Website – a set of graphical and informational materials, as well as computer programs and databases ensuring their availability on the internet at the network address https://schoolamschool1.am/;
2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing;
2.5. Depersonalization of personal data — actions as a result of which it is impossible to determine, without the use of additional information, the belonging of personal data to a specific User or other subject of personal data;
2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
2.7. Operator – a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and/or carrying out the processing of personal data, as well as determining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data;
2.8. Personal data – any information relating directly or indirectly to a specific or identifiable User of the website https://schoolamschool1.am/;
2.9. User – any visitor to the website https://schoolamschool1.am/;
2.10. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific circle of persons;
2.11. Dissemination of personal data – any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or familiarizing an unlimited number of persons with personal data, including the publication of personal data in the mass media, posting in information and telecommunication networks, or providing access to personal data in any other way;
2.12. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual, or a foreign legal entity;
2.13. Destruction of personal data – any actions as a result of which personal data are destroyed irretrievably with the impossibility of further restoring the content of personal data in the personal data information system and/or material carriers of personal data are destroyed.
3. The Operator may process the following User's personal data
3.1. Last name, first name, patronymic;
3.2. Phone numbers;
3.3. The site also collects and processes anonymized data about visitors (including "cookies") using internet statistics services (Yandex Metrica, Google Analytics, and others).
3.4. The above data hereinafter in the Policy are collectively referred to as Personal Data.
4. Purposes of personal data processing
4.1. The purpose of processing the User's personal data is to inform the User by sending emails.
4.2. The Operator also has the right to send the User notifications about new products and services, special offers, and various events. The User can always refuse to receive informational messages by sending the Operator an email to moneyfestam@gmail.com with the note "Refusal of notifications about new products and services and special offers."
4.3. Anonymized User data collected using internet statistics services serve to collect information about the User's actions on the site, improve the quality of the site and its content.
5. Legal grounds for personal data processing
5.1. The Operator processes the User's personal data only if they are filled in and/or sent by the User independently through special forms located on the site https://schoolamschool1.am/. By filling out the relevant forms and/or sending their personal data to the Operator, the User expresses their consent to this Policy.
5.2. The Operator processes anonymized data about the User if it is allowed in the User's browser settings (saving "cookies" and using JavaScript technology are enabled).
6. Procedure for collection, storage, transfer, and other types of personal data processing
6.1. When processing personal data, the Operator takes necessary legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in relation to personal data.
6.2. Ensuring the security of personal data is achieved, in particular, by:
  • identifying threats to the security of personal data during their processing in personal data information systems;
  • applying organizational and technical measures to ensure the security of personal data during their processing in personal data information systems necessary to meet the requirements for personal data protection, the implementation of which ensures the levels of personal data protection established by the Government of the Republic of Uzbekistan;
  • applying information protection means that have passed the conformity assessment procedure in accordance with the established procedure;
  • assessing the effectiveness of measures taken to ensure the security of personal data before putting the personal data information system into operation;
  • accounting for machine carriers of personal data;
  • detecting facts of unauthorized access to personal data and taking measures;
  • restoring personal data modified or destroyed due to unauthorized access to them;
  • establishing rules for access to personal data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with personal data in the personal data information system;
  • monitoring the measures taken to ensure the security of personal data and the level of protection of personal data information systems.
  • 6.3. If inaccuracies in personal data are identified, the User can update them independently by sending a notification to the Operator's email address moneyfestam@gmail.com with the note "Updating personal data."
  • 6.4. The period for processing personal data is unlimited. The User may at any time withdraw their consent to the processing of personal data by sending a notification to the Operator via email to the Operator's email address moneyfestam@gmail.com with the note "Withdrawal of consent to the processing of personal data."
  • 6.5. Measures to ensure the security of personal data during their processing.
  • When processing personal data, the Operator takes necessary legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in relation to personal data.
  • 6.6. Ensuring the security of personal data is achieved, in particular, by:
  • identifying threats to the security of personal data during their processing in personal data information systems;
  • applying organizational and technical measures to ensure the security of personal data during their processing in personal data information systems necessary to meet the requirements for personal data protection, the implementation of which ensures the levels of personal data protection established by the Government of the Republic of Uzbekistan;
  • applying information protection means that have passed the conformity assessment procedure in accordance with the established procedure;
  • assessing the effectiveness of measures taken to ensure the security of personal data before putting the personal data information system into operation;
  • accounting for machine carriers of personal data;
  • detecting facts of unauthorized access to personal data and taking measures;
  • restoring personal data modified or destroyed due to unauthorized access to them;
  • establishing rules for access to personal data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with personal data in the personal data information system;
  • monitoring the measures taken to ensure the security of personal data and the level of protection of personal data information systems.
  • 6.7. The Operator complies with PCI DSS requirements.
  • PCI DSS contains requirements for protecting cardholder data. They are mandatory and apply to all companies processing data from Visa, MasterCard, American Express, JCB, Mir, and other payment systems. The cloud infrastructure's compliance with PCI DSS requirements allows customers to use cloud services for processing payment card data and confirms the high level of security provided by the Operator.
  • 6.8. The Operator's information security measures comply with international standards, in particular ISO/IEC 27000.
  • The Operator regularly conducts information security risk assessments, selects competent personnel, etc.
7. Cross-border transfer of personal data
7.1. Before commencing the cross-border transfer of personal data, the Operator is obliged to ensure that the foreign state to whose territory the transfer of personal data is intended to be carried out provides reliable protection of the rights of personal data subjects.
7.2. Cross-border transfer of personal data to the territories of foreign states that do not meet the above requirements can only be carried out if the personal data subject has given written consent to the cross-border transfer of their personal data and/or for the performance of an agreement to which the personal data subject is a party.
8. Final provisions
8.1. The User can receive any clarifications on questions of interest regarding the processing of their personal data by contacting the Operator via email at moneyfestam@gmail.com.
8.2. This document will reflect any changes to the Operator's personal data processing policy. The Policy is valid indefinitely until replaced by a new version.
8.3. The current version of the Policy is freely available on the Internet at https://schoolamschool1.am/.
MANIFEST AM Limited Liability Company
Tax ID: 08265964
Address: 0052, ARMENIA, YEREVAN, ARABKIR DISTRICT, ADONZI str. 14/1
E-mail: moneyfestam@gmail.com