Privacy Policy

 

1. Basic Concepts

Personal data – any information relating to an identified or identifiable individual (personal data subject) or legal entity, recorded on electronic, paper, and/or other material media.

User – any visitor to the Website.

Processing of personal data – any action (operation) or set of actions (operations), performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, supplementation, modification), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.

Confidential information – any information not publicly available and disclosed by the disclosing party to the receiving party in any manner not prohibited by law, which is not subject to disclosure, as notified by the disclosing party at the time of or prior to disclosure.

Website – a collection of graphic and informational materials, as well as software and databases, ensuring their availability on the Internet at the domain address movato.com, owned by the Company.

Use of personal data – actions with personal data aimed at achieving the purposes of the owner, the Company, or a third party.

Storage of personal data – actions ensuring the integrity, confidentiality, and availability of personal data.

Accumulation of personal data – actions involving the systematization of personal data by entering it into a database containing personal data.

Collection of personal data – actions aimed at obtaining personal data.

Destruction of personal data – actions that make it impossible to restore personal data.

Depersonalization of personal data – actions that make it impossible to determine the ownership of personal data by a data subject.

Personal data subject (hereinafter – subject) – an individual to whom the personal data relates.

Third party – a person who is not the subject, owner, and/or the Company, but is associated with them through circumstances or legal relationships involving the collection, processing, and protection of personal data.

Authorized body for the protection of personal data (hereinafter – authorized body) – the central executive body responsible for overseeing the protection of personal data.

Protection of personal data – a set of measures, including legal, organizational, and technical, taken to achieve the purposes established by this Law.

Terms not defined in this section of the Policy shall be interpreted in accordance with the applicable legislation of the Republic of Kazakhstan.

 

2. Introduction

2.1 At LLP "MOVATO" (“the Company,” “we,” “our,” or “us”), we recognize the importance of protecting our users’ personal data and are committed to maintaining the highest standards of privacy and security. This Privacy Policy describes how we collect, process, store, and protect users’ information in connection with the operation of our website movato.com and the provision of our services, including authentication via Google and Facebook login.

2.2 By accessing or using our services, you confirm that you have read, understood, and agree to the terms outlined in this Privacy Policy. If you do not agree with any part of this Policy, please refrain from using our website and services.

 

3. General Provisions

3.1 The Privacy Policy has been developed and approved in accordance with the current legislation of the Republic of Kazakhstan.

3.2 This Policy is publicly available and shall be published on the Company’s website on the Internet.

3.3 This Policy applies only to the Website (as defined below). The Company is not responsible for third-party websites that the User may access via links available on the Website.

3.4 The Company has the right to:

3.4.1 With the consent of the personal data subject, to entrust the processing of their personal data to another party, unless otherwise provided by law, based on the Company’s instruction and a contract concluded with that party;

3.4.2 To provide the Personal Data of subjects to third parties if this is provided for by the current legislation of the Republic of Kazakhstan.

3.4.3 Refuse to provide Personal Data in cases stipulated by the legislation of the Republic of Kazakhstan.

3.4.4 Use the Personal Data of the subject without their consent in cases provided by the legislation of the Republic of Kazakhstan.

3.4.5 Independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations provided by the Law and the regulations adopted in accordance with it, unless otherwise specified by the Law.

3.5 The Company shall:

Take all necessary and sufficient measures to ensure compliance with the obligations stipulated by the Personal Data Law and the regulatory legal acts adopted in accordance with it;

3.5.1 Provide the authorized body for the protection of the rights of personal data subjects, upon its request, with the required information within 30 (thirty) days from the date of receiving such a request;

3.5.2 Publish or otherwise ensure unrestricted access to this Policy;

3.5.3 Implement legal, organizational, and technical measures to protect Personal Data from unlawful or accidental access, destruction, modification, blocking, copying, disclosure, dissemination, as well as from other unlawful actions regarding Personal Data;

3.5.4 Terminate the transfer (provision, access) of Personal Data, cease processing, and destroy Personal Data in the manner and cases stipulated by the Personal Data Law;

3.5.5 Fulfill other obligations stipulated by the Personal Data Law.

3.6 Personal Data Subjects shall:

3.6.1 Provide the Company with accurate information about themselves;

3.6.2 Notify the Company of any updates (modifications, changes) to their Personal Data.

3.7 Personal Data Subjects have the right to:

3.7.1 Access their Personal Data, including the right to obtain a copy of any record containing their Personal Data, except in cases provided by the legislation of the Republic of Kazakhstan;

3.7.2 Request the Company to clarify, block, or destroy their Personal Data if such data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, as well as to take legal measures to protect their rights;

3.7.3 Withdraw their consent to the Processing of Personal Data;

3.7.4 Take legal measures to protect their rights in accordance with the legislation of the Republic of Kazakhstan;

3.7.5 Appeal to the authorized body for the protection of personal data subjects’ rights or to a court of law against unlawful actions or omissions in the Processing and protection of their Personal Data;

3.7.6 Exercise other rights granted under the legislation of the Republic of Kazakhstan.

 

4. Information Collected by the Company

In the course of providing our services, we collect and process certain categories of personal data as specified below:

4.1 Personal Information Provided by Users
When you authenticate through Google or Facebook login, we receive the following data from your linked account:

4.1.1 Full name (as specified in the respective authentication provider's account)

4.1.2 Email address

This data is used exclusively for purposes of user authentication, account management and service provision.

4.2 Automatically Collected Information
To enhance our platform's performance and improve user experience, we use Google Analytics to collect anonymous data including, but not limited to:

4.2.1 User's anonymized IP address

4.2.2 Browser type and version

4.2.3 Device type, operating system and screen resolution

4.2.4 Pages visited, session duration and user interaction

4.2.5 Referrers and traffic sources

This data helps us optimize service delivery and analyze aggregated user behavior patterns.

 

5. Cookies

5.1 Cookies are small text files that are stored on your device (computer, tablet, smartphone) when you visit any of our Sites. Cookies are widely used to improve website functionality and to provide information to website owners.

5.2 The Company uses cookies for the following purposes:

5.2.1 To ensure proper operation of the Site and the Company's Application, including maintaining security and functionality of User accounts;

5.2.2 To analyze User traffic and behavior on the Site and in the Company's Application, which helps us improve content and functionality;

5.2.3 To display relevant advertisements to visitors and measure the effectiveness of advertising campaigns.

5.3 When a User encounters a cookie consent pop-up window, they may choose to accept or decline cookies. However, the Company strongly recommends reviewing this Policy before making a decision regarding cookie acceptance/refusal.

5.4 Users can manage cookie settings through their browser settings. Most browsers allow you to:

5.4.1 Delete cookies;

5.4.2 Block cookies;

5.4.3 Receive notifications before cookies are saved.

5.5 If the User decides to disable cookies, some features of the Site and the Company's Application may not work correctly, which may restrict the User's access to certain sections and services.

 

6. Purposes and Legal Basis for Collection and Processing of Personal Data

6.1 Purposes of processing User's Personal Data:

6.1.1 Establishing communication with the User, including sending notifications and inquiries related to the provision of services by the Company, processing the User's requests and applications, and sending (receiving) to Users the results of services provided and products;

6.1.2 Sending (distribution) of notifications to the User about new services and various events;

6.1.3 Conducting User surveys for the Company's market research, identifying customer satisfaction/dissatisfaction with the Partnership's services, and improving service quality.

6.2 Anonymized User data collected through internet statistics services is used to gather information about Users' actions on the website, improve the quality of the website and its content.

6.3 The legal basis for the Processing of personal data by the Company is the User's consent to the Processing of their personal data, which is considered to be provided electronically when the User uses the Website. The User is duly notified and confirms that they have read, agree to, and accept all terms of this Policy.

 

7. Principles of Personal Data Processing

7.1 The Company processes Personal Data in accordance with the following principles:

7.1.1 Processing of personal data is carried out on a lawful and fair basis, while respecting constitutional rights and freedoms of individuals, maintaining confidentiality of restricted-access personal data, ensuring equal rights of data subjects, owners and operators, and safeguarding the security of individuals, society and the state;

7.1.2 Processing of personal data is limited to achieving specific, predetermined and lawful purposes. Processing of personal data incompatible with the purposes of Personal Data collection is prohibited;

7.1.3 Combining databases containing personal data processed for incompatible purposes is prohibited;

7.1.4 Only Personal Data that meets the purposes of its processing shall be processed;

7.1.5 The content and scope of processed Personal Data correspond to the stated processing purposes. Processing of Personal Data that is excessive in relation to the stated processing purposes is prohibited;

7.1.6 During Processing of personal data, the accuracy of Personal Data provided by the User, its sufficiency, and when necessary, its relevance to the purposes of Personal Data Processing shall be ensured. The Company takes necessary measures and/or ensures their implementation to delete or correct incomplete or inaccurate data;

7.1.7 Storage of Personal Data is carried out in a form that allows identification of the personal data subject for no longer than required by the purposes of Personal Data Processing, unless the retention period for Personal Data is established by Kazakhstani legislation, or by an agreement where the personal data subject is a party, beneficiary or guarantor. Processed Personal Data shall be destroyed or anonymized upon achieving the processing purposes or when the need to achieve these purposes no longer exists, unless otherwise provided by Kazakhstani legislation.

 

8.  Procedure for Collection, Storage, Transfer and Other Types of Personal 

Data Processing

8.1 Processing of personal data is carried out with the consent of the personal data subject to the processing of their Personal Data.

8.2 Processing of personal data is necessary and carried out to achieve the purposes specified in this Policy. Processing is performed by the Company and third parties acting on its behalf through such actions as collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of Personal Data. Processing may be performed both by automated and non-automated means.

8.3 Confidentiality of Users' Personal Data is maintained. We and other persons who have gained access to Personal Data are obliged not to disclose to third parties or disseminate Personal Data without the consent of the personal data subject, unless otherwise provided by the legislation of Kazakhstan.

8.4 We do not verify the accuracy of the information received (collected) about Users, except in cases where such verification is necessary to comply with legal requirements and/or obligations to the User.

8.5 The User's Personal Data will never, under any circumstances, be transferred to third parties, except in cases related to compliance with applicable legislation or when the personal data subject has given us consent to transfer the data to a third party.

8.6 The User may at any time modify (update, supplement) their Personal Data and information about themselves, provided that such changes and corrections contain current and accurate information.

8.7 The User may at any time withdraw their consent to the Processing of personal data.

 

9. International Data Transfer

 9.1 Given that we use AWS cloud services, user data may be processed in jurisdictions outside the user's country of residence. However, we apply industry-standard protection measures to ensure such transfers comply with applicable privacy laws.

 

10.  Updates and Changes to the Policy

10.1 We reserve the right to modify this Privacy Policy at any time to reflect changes in regulatory requirements, technological developments, or business practices. In case of substantial changes, users will be notified through website updates or direct communication. Continued use of our services after such changes constitutes acceptance of the updated policy.
Last updated: 04-Apr-2025

 

11. Contact Information

 For any inquiries regarding this Privacy Policy or your personal data, please contact us:
📧 Email: [email protected]

🌍 Website: movato.com