Ukraine, EDRPOU code 39045976

Limited Liability Company "Academy of Public-Private Partnership"

June 1, 2020


Personal Data Processing Policy

1. INTRODUCTION

1.1. The policy for the processing of personal data (hereinafter referred to as the “Policy”) is published and applied by the LLC Academy of Public-Private Partnership (hereinafter referred to as the “Operator”) in accordance with the Law of Ukraine “On the Protection of Personal Data” (Vidomosti Verkhovnoyi Radi Ukrainy (VVR), 2010 , No. 34, Article 481)) (hereinafter - the Law).

This Policy defines the procedure and conditions of the Operator in relation to the processing of personal data, establishes provisions aimed at compliance with the laws of Ukraine regarding the processing of personal data.

All issues related to the processing of personal data that are not regulated by this Policy shall be resolved in accordance with the current legislation of Ukraine in the field of personal data.

2. MAIN PROVISIONS

2.1. The purpose of personal data processing is the provision of services by the Operator on behalf of the subject of personal data.

2.2. Processing is organized by the Operator on the principles of:

•        the legality of the purposes and methods of personal data processing, integrity and fairness in the activities of the Operator;

•        the reliability of personal data, its sufficiency for the purposes of processing, the inadmissibility of processing of personal data that is excessive in relation to the goals stated during the collection of personal data;

•        processing of only those personal data that meet the goals of their processing. The processed personal data should not be redundant in relation to the specified goals of their processing;

•        compliance of the content and volume of processed personal data with the specified processing goals.

•        inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes incompatible with each other;

•        ensuring the accuracy of personal data, its adequacy, and, if necessary, relevance in relation to the purposes of personal data processing. The Operator takes the necessary measures or ensures their adoption to delete or clarify incomplete or inaccurate data;

•        storing personal data in a form that allows to determine the subject of personal data, no longer than it is required by the goals of personal data processing

2.3. The Operator processes the following personal data:

•        name, surname of the subject of personal data;

•        telephone number of the subject of personal data;

•        e-mail of the subject of personal data.

2.4. The personal data specified above is processed using automation tools and without using automation tools.

2.5. When processing personal data, the Operator applies legal, organizational and technical measures to ensure the security of personal data in accordance with the Law. The Operator provides services by placing its educational programs on the website https://academy-ppp.com/, using the “GETCOURSE 2.0.” Software, designed to create online schools and organize the learning process on the Internet. GETCOURSE 2.0. Software, hosted on getcourse.ru, uses the HTTPS extension to the HTTP protocol in order to increase security and protect information.

2.6. The Operator does not disclose to third parties and does not distribute the personal data without the consent of the subject of personal data, except as otherwise provided for by applicable laws of Ukraine and this Policy.

2.7. The assessment of the harm that may be caused to the personal data subjects in case of violation by the Operator of the requirements of the Law of Ukraine “On the protection of personal data” is determined in accordance with this Law.

2.8. Conditions of personal data processing by the Operator:

1) personal data is processed by the Operator after the acceptance by the subject of personal data of an offer to provide services.

2) the personal data subject accepts the offer on his own initiative and is a party and beneficiary under the agreement concluded by him. Separate consent for the processing of personal data of the subject in this case is not required.

3) the conditions of this Policy are available to users in the open access until the acceptance of the offer to provide services.

4) changes and amendments may be made to this Policy periodically and without prior notice to the user, including if the requirements of the law are changed. If significant changes are made to this Policy, the Operator will post a message on the Site and indicate the date on which these changes take effect. If within the specified period the user does not refuse to accept them in writing, this means that the user agrees with the relevant changes to the Policy.

5) users shall occasionally review the Policy in order to be aware of any changes or amendment.

2.9. The storage of users' personal data is carried out in a form that allows determining the subject of personal data.

2.10. Personal data is a subject to destruction upon the achievement of processing goals. The removal of personal data is carried out by deleting the account, after which such a record cannot be restored.

2.11. Interaction with executive authorities on the processing and protection of personal data of entities whose personal data is processed by the Operator is carried out in accordance with the legislation of Ukraine.

3. THIRD PARTIES PARTICIPATING IN PERSONAL DATA PROCESSING

3.1. GETCOURSE System LLC (https://getcourse.ru/) Individual tax number 9731055900 / KPP 773101001, OGRN 1197746675170, location: 121596, Moscow city, Gorbunova street, building 2, section 3, room 3.

3.2. Hosting services and dedicated server services are provided by Selectel LLC https://selectel.ru/about/details.

4. RESPONSIBLE FOR PERSONAL DATA PROCESSING

4.1. The Operator or its legal representative is responsible for the processing of personal data.

4.2. Responsible for the processing of personal data:

4.2.1. exercises internal control over compliance with the legislation of Ukraine on personal data, including the requirements for the protection of personal data;

4.2.2. controls the reception and processing of appeals and requests of personal data subjects or their representatives;

4.2.3. takes measures to detect facts of unauthorized access to personal data;

4.2.4. performs constant monitoring to ensure the level of security of personal data;

5. PROCEDURE OF ENSURING BY THE OPERATOR OFTHE RIGHTS OF THE PERSONAL DATA SUBJECT

5.1. Personal data subjects or their representatives have the rights

stipulated by the Law of Ukraine “On the Protection of Personal Data”.

5.2. In order to update, access, amend, block or delete your personal data, revoke your consent to the processing of personal data that you provided to the Operator in accordance with this Policy, or if there are any comments, suggestions or claims regarding your personal data, processed by the Operator, contact the Operator by e-mail at info@academy-ppp.com or by phone + 380-95-445-17-75

5.3. The Operator ensures the rights of the subjects of personal data in the manner prescribed by the Law of Ukraine “On the protection of personal data”.

5.4. The right of a personal data subject to access his personal data may be limited in accordance with the legislation of Ukraine.