Personal Data Processing Policy
Personal Data Processing Policy of the JetUP Platform |
|
1. General Provisions
1.1. This Personal Data Processing Policy (hereinafter — the "Policy") applies to all information that LLC "JETUP" (legal address: Uznadze str., 111, b. 11, Building 2, Didube district, Tbilisi, Georgia) (hereinafter — the "Company") may receive about a user while using the JETUP platform (hereinafter — the "Platform").
1.2. Use of the Platform means unconditional agreement of the user with this Policy and the conditions for processing their personal data specified therein. In case of disagreement with these conditions, the user should refrain from using the Platform.
1.3. This Policy has been developed in accordance with Georgian legislation on personal data and international standards in the field of personal data protection.
2. Terms and Definitions
2.1. Personal data - any information relating directly or indirectly to a specific or identifiable natural person (the subject of personal data).
2.2. Processing of personal data - any action (operation) or set of actions (operations) performed with or without the use of automation means with personal data.
2.3. Confidentiality of personal data - a requirement binding on the Company not to allow their dissemination without the consent of the subject of personal data or the presence of another legal basis.
2.4. User - a natural person using the Platform.
3. Purposes of Personal Data Processing
3.1. The Company processes Users' personal data for the following purposes:
3.1.1. Identification of the User to create an account and provide access to the Platform.
3.1.2. Provision of personalized Platform services to the User.
3.1.3. Communication with the User, including sending notifications, requests, and information regarding the use of the Platform, as well as processing requests and applications from the User.
3.1.4. Improving the quality of the Platform, convenience of its use, development of new services and offerings.
3.1.5. Conducting statistical and other research based on anonymized data.
3.1.6. Fulfillment of requirements of legislation in the field of combating money laundering (laundering) of proceeds obtained through criminal means and terrorism financing (AML/CFT).
4. Volume and Categories of Processed Personal Data
4.1. The Company processes the following categories of Users' personal data:
4.1.1. Last name, first name, patronymic
4.1.2. Date of birth
4.1.3. Email address
4.1.4. Phone number
4.1.5. Residential/registration address
4.1.6. Identity document data
4.1.7. Photo of identity document
4.1.8. IP address
4.1.9. Browser and device information
4.1.10. Transaction history on the Platform
4.2. The Company does not process special categories of personal data concerning racial, ethnic origin, political views, religious or philosophical beliefs, health conditions, or intimate life.
5. Procedure and Conditions for Processing Personal Data
5.1. Processing of personal data is carried out with the consent of the subject of personal data for the processing of their personal data.
5.2. Processing of personal data is carried out using automation means, as well as without the use of such means.
5.3. The Company ensures the recording, systematization, accumulation, storage, clarification (updating, modification), retrieval of personal data of citizens using databases located on the territory of Georgia.
5.4. The Company takes necessary organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, distribution, as well as from other unlawful actions of third parties.
5.5. The Company carries out storage of personal data in a form that allows determining the subject of personal data no longer than is required by the purposes of processing personal data, unless the storage period of personal data is established by federal law, a contract to which the User is a party.
6. Transfer of Personal Data
6.1. The Company does not disclose to third parties and does not distribute personal data without the consent of the subject of personal data, unless otherwise provided by legislation.
6.2. The Company has the right to transfer personal data to investigation and inquiry bodies, other authorized bodies on the grounds provided for by the current legislation of Georgia.
6.3. Within the framework of the Platform's functioning, personal data may be transferred to the Company's partners exclusively for the purpose of fulfilling obligations to the User and only with the User's consent.
7. Cross-Border Transfer of Personal Data
7.1. The Company does not carry out cross-border transfer of personal data.
8. Rights and Obligations of Personal Data Subjects
8.1. The User has the right to:
8.1.1. Receive information concerning the processing of their personal data.
8.1.2. Require clarification of their personal data, their blocking or destruction in case the personal data is incomplete, outdated, inaccurate, illegally obtained, or is not necessary for the stated purpose of processing.
8.1.3. Withdraw their consent to the processing of personal data.
8.1.4. Require elimination of unlawful actions of the Company in relation to their personal data.
8.1.5. Appeal against actions or inaction of the Company to the authorized body for the protection of rights of personal data subjects or in court.
8.2. The User is obliged to:
8.2.1. Provide the Company with accurate data about themselves.
8.2.2. Inform the Company about the clarification (updating, modification) of their personal data.
9. Measures to Ensure Security of Personal Data During Processing
9.1. The Company takes necessary and sufficient organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, distribution, as well as from other unlawful actions with it by third parties.
9.2. The Company uses the following methods to protect personal data:
9.2.1. Encryption of transmitted data.
9.2.2. Use of secure data transmission protocols.
9.2.3. Restriction of access to personal data.
9.2.4. Regular updating of security systems.
9.2.5. Use of anti-virus software.
9.2.6. Regular data backup.
10. Terms of Personal Data Processing
10.1. Processing of the User's personal data is carried out during the time necessary for the purposes specified in this Policy, except in cases when a longer period of data storage is necessary in accordance with legislation.
10.2. The User's personal data is destroyed or anonymized upon achievement of the processing purposes or in case of loss of the need to achieve these purposes, unless otherwise provided by legislation.
11. Changes to the Personal Data Processing Policy
11.1. The Company has the right to make changes to this Policy. When making changes to the current version, the date of the last update is indicated. The new version of the Policy comes into effect from the moment of its posting on the Platform, unless otherwise provided by the new version of the Policy.
11.2. The current version of the Policy is constantly available on the Platform.
12. Feedback
12.1. All suggestions or questions regarding this Policy should be directed to the Platform's support service through the feedback form or by email at support@jetup.org.
13. Final Provisions
13.1. This Policy is governed by and interpreted in accordance with the laws of Georgia.
13.2. All disputes arising from this Policy or in connection with it are subject to resolution in accordance with the legislation of Georgia.
Last updated: 01.05.2025