PRIVACY POLICY

1.General Provisions

The Company's main objective and a condition of its activities shall be respecting the rights and freedoms of individuals and citizens when processing their personal data, including the right to privacy and personal and family secrecy.
This Policy applies to any information that the Company may collect about visitors to the website httpsː//lex.kg (hereinafter - the Policy).
This Policy is developed in accordance with the Constitution of the Kyrgyz Republic, the Civil Code of the Kyrgyz Republic, the Law of the Kyrgyz Republic on Personal Information, the Procedure for obtaining the person's consent for his/her personal data collecting and processing, the Data Subject Informing Procedure for his/her personal data to be disclosed to a third party.

1.1. The Company's main objective and a condition of its activities shall be respecting the rights and freedoms of individuals and citizens when processing their personal data, including the right to privacy and personal and family secrecy. 1.2. This Policy applies to any information that the Company may collect about visitors to the website httpsː//lex.kg (hereinafter - the Policy). 1.3. This Policy is developed in accordance with the Constitution of the Kyrgyz Republic, the Civil Code of the Kyrgyz Republic, the Law of the Kyrgyz Republic on Personal Information, the Procedure for obtaining the person's consent for his/her personal data collecting and processing, the Data Subject Informing Procedure for his/her personal data to be disclosed to a third party.

2. Key concepts used in the Polic

2.1. Automated processing of personal data - processing personal data using computer equipment.

2.2. Blocking of personal data - temporary cessation of personal data processing (unless the processing is required for personal data clarification).

2.3. Website - a set of graphic and information materials, as well as computer programs and databases ensuring their availability on the Internet at the network address: httpsː// lex.kg.

2.4. Personal information system - set of personal data in databases and information technologies, and technical means ensuring their processing.

2.5. Personal data depersonalization - actions resulting in impossibility to determine the owner of personal data – a user or other customer - without additional information.

2.6. Processing of personal information - any action (operation) or set of actions (operations), carried out with or without automated means, that involves personal data collecting, recording, systematising, storing, clarifying (updating, modifying), extracting, using, distributing (making available, supplying, giving an access), depersonalising, blocking, erasing, destroying.

2.7. Company - Lex Legal Corporation (LexLegalCorporation) Limited Liability Company, TIN 02010200010103, registered under the law of the Kyrgyz Republic at the following address: 189A Tynystanov Street, Pervomaisky district, Bishkek, Kyrgyz Republic, independently or jointly with others, organises and/or processes personal data and determines the purposes for personal data processing; the composition of personal data to be processed; the operations to be carried out by the Company, and the scope of personal data processing.

2.8. Personal data - any information relating directly or indirectly to a particular or identifiable User of the website: httpsː// lex.kg.shared.

2.9. Personal data authorised to be disclosed by the data subject - personal data shared by the personal data owner at his/her consent for data processing, thus providing an access to this data to the unlimited number of persons as stipulated in the Law of the Kyrgyz Republic on Personal Information (hereinafter referred to as the Law) (hereinafter - personal data authorised for disclosure).

2.10. User - any visitor of the website httpsː// lex.kg.

2.11. Personal data disclosure - actions to communicate personal data to an individual or group of individuals.

2.12. Dissemination of personal data - any actions aimed at disclosing personal data to an unlimited number of persons (transfer of personal data) or providing access to personal data to an unlimited number of persons, including publicising personal data in mass media, posting in information and telecommunication networks or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data - transfer of personal data to a foreign government authority in a foreign country, a foreign individual or a foreign legal entity.

2.14. Destruction of personal data - any actions to irreversibly destroy personal data without any possibility of its further recovery in the personal data information system and/or destroying material carriers of personal data.

3. Key Rights and Obligations of the Company

3.1. The Company shall have the right to:

- Receive from the data subject reliable information and/or documents containing the personal data;

- Should the data subject revoke his/her consent to the processing of the personal data, or should the data subject submit a request to stop the personal data processing, the Company shall have the right to continue the personal data processing without the data subject's consent if there are grounds specified by law;

- Independently determine, unless otherwise provided by law or other regulatory acts, the composition and list of measures necessary and sufficient to ensure the fulfilment of

he obligations established by law and regulatory acts adopted in accordance with it.

3.2. The company shall:

- Provide the data subject, upon request, any information on their personal data processing;

-Process personal data according to Kyrgyzstan's applicable legislation;

- Respond to appeals and requests submitted by data subjects and their legal representatives in accordance with the law;

- Upon request, within 10 days, provide the competent authority for the protection of personal data with the relevant information;

-Publish or otherwise ensure unrestricted access to this personal data policy;

-Ensure legal, administrative and technical safeguards to protect personal data against unlawful or accidental access, destruction, alteration, blocking, copying, disclosure or dissemination of personal data, and any other illegal activity involving personal data;

-Cease communicating (disseminating, providing, making available), processing and destroying personal data as and when provided for by the law;

-Comply with the other obligations provided for by the Law.

4. Key Rights and Obligations of the Data Subject

4.1. The data subjects shall have the right to:

- Be informed - The data subjects shall have the right to know whether the Company holds their personal data, as well as to receive information including

- Statement confirming the availability, purposes, sources and methods of personal data collection and processing;

- List of personal data;

- Personal data processing conditions, including their storage conditions;

- Request the Company to clarify, block or destroy their personal data if it is incomplete, obsolete, inaccurate, obtained unlawfully or irrelevant to the specified processing purpose, as well as to protect their personal data as provided for by law;

- Withdraw consent to the processing of personal data, as well as submit a request to stop processing personal data;

- Appeal to the competent data protection authority or court against unlawful acts or omissions of the Company in processing their personal data;

- Exercise other rights envisaged by the law of the Kyrgyz Republic.

4.2.The data subjects shall:

- Provide the Company with accurate personal information;

- Inform the Company of any clarification (update, change) of their personal data

4.3. Anyone providing false personal information or providing information on a third party without their consent shall be subject to liability under Kyrgyz law.

5. Personal Data Processing Principles

5.1. Personal data shall be collected and processed in the manner prescribed by the law of the Kyrgyz Republic.

5.2. Personal data shall be collected for precise and specified, declared and legitimate purposes; shall not be used contrary to these purposes; and shall not be further processed in a way incompatible with these purposes.

5.3. Initial data must be accurate and updated as appropriate.

5.4. Personal data shall be retained for no longer than is necessary for the purposes they were collected and disposed when the purposes are met or when they are no longer relevant.

5.5. The relevant safeguards shall be in place to ensure protection of personal data retained for longer time for historical or other purposes.

5.6. Automated information processing shall not combine personal data of holders (owners) collected for different purposes.

5.7.Personal data shall be stored and protected from unlawful access, addition, modification and destruction by the holder (owner) of the personal data sets.

5.8. The Company may collect and process personal information for the following purposes:

6.Purposes of personal data processing

-The Company may collect and process personal data for the following purposes:
- Drafting and concluding agreements with Data subjects: to execute various obligations under service contracts;
- Meeting financial and legal obligations: for accounting and taxation purposes;
- Business development: to improve service and quality control;
- Marketing: to provide information on the Company's services; disseminate information and proposals and any other materials, sending out
information and inviting people to attend events, producing photographic and video reports;
- Claim handling and dispute resolution: to obtain comprehensive and detailed information on claims and/or disputes and their
resolution, in connection with or in the course of the Company activities;
- Any other purposes within the scope of the Company activities where the personal data of the subjects shall be used.

7. Personal Data Processing Requirements

7.1. Personal data processing shall be carried out with the consent of the data subject.
7.2. The Company shall collect and process the following categories of personal data:
- Basic data: last name; first name; middle name (if any); date and place of birth; telephone number; e-mail address; country and city of residence.
- Marketing data: nquiries and subscriptions data; last name; first name; e-mail address; company name; jurisdictions; preferred language and sector of economy.
- Applicant data: last name; first name; middle name (if any); phone number; e-mail address; country and city of residence; work experience; education; any additional
applicant inputs.

- Device data: IP address; unique device identifier (UDID); cookies; location data; website usage data; other device-related data.
- Data of potential Participants: company name; contact person details; position; telephone number; e-mail address; location; address of the potential Participant's website; additional Participant's inputs.
7.3. The Company shall not collect or process special categories of personal data, including data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, or data concerning health, sex life or sexual orientation.
7.4. Processing of personal data shall serve the purposes set forth in this Policy, the legislation of the Kyrgyz Republic, the international treaty the Kyrgyz Republic is a party of or law, to execute functions, powers and obligations imposed on the Company by the law of the Kyrgyz Republic..
7.5. Personal data processing shall ensure justice, execution of judicial acts, or acts of any other bodies or officials to be executed under the enforcement law of the Kyrgyz Republic.
7.6. Personal data processing shall be required to execute an agreement which the data subject is a party of or a beneficiary or a guarantor, as well as for the data subject to initiate an agreement he/she will be a beneficiary or a guarantor.
7.7. Personal data processing shall be required for the Company or third parties to exercise their rights and legitimate interests or to achieve socially important goals, provided that the rights and freedoms of the data subject shall not be violated thereby.
7.8. Personal data shall be processed and the access of an unlimited number of persons to them (hereinafter referred to as publicly available personal data) shall be granted by the data subject or at his/her request.
7.9. The processed personal data shall be subject to publishing or mandatory disclosure in compliance with the legislation of the Kyrgyz Republic.

8. The Procedure for Personal Data Collection, Storage, Transfer and Other Processing

8.1. The security of personal data processed by the Company shall be ensured through legal, organizational and technical procedures to
fully comply with the requirements of the applicable law in the field of
personal data protection.
8.2. The Company shall ensure the personal data safety and take any and all possible measures to prevent unauthorised persons from accessing the personal data.
8.3. The User's personal data shall never, under any circumstances, be transferred to third parties, unless as stipulated by the
applicable laws of the Kyrgyz Republic, or when the data subject shall consent to the Company for data transfer to a third party to meet the obligations under
a civil law contract.
8.4. The User update any inaccuracies in his/her personal data independently, by sending a notice marked ‘Personal Data Update’
to the Company e-mail address [email protected].
8.5. The personal data processing term shall be determined as complete when the purposes these data were collected for are achieved,
unless another term shall be provided by the contract or applicable law. The User may withdraw his/her consent to the personal data processing at any time by sending a notice marked ‘Withdrawal of consent to personal data processing’ to the Company e-mail address [email protected].
8.6. All and any information that is collected by third-party services, including payment systems, means of communication and other service providers, shall be stored and processed by these persons (Operators) in accordance with their User Agreement and Privacy Policy. The Company shall not be liable for any actions of third parties, including the
service providers referred to in this paragraph
8.7. Prohibition on transfer (except for granting access), as well as on processing or processing conditions (except for obtaining access) of personal data approved for dissemination by the data subject shall not apply to personal data processed for state, social or public interests, as stipulated by the law of the Kyrgyz Republic.
8.8. The Company shall ensure personal data confidentiality when processing them.
8.9. The Company shall store personal data in a format that allows to identify the data subject for no longer than required for their processing, unless the personal data storage term is established by the law of the Kyrgyz Republic, the contract which the subject of personal data is a party to, a beneficiary or a guarantor.
8.10. Personal data processing shall be terminated under several conditions: the completion of the purposes these personal data were obtained; the expiration of the data subject’s consent; the data subject’s request to terminate personal data processing; or when unlawful personal data processing shall be identified.

9. The List of Actions the Company shall perform in respect of the Personal Data Received

9.1. The Company shall collect, record, systematize, accumulate, store, clarify (update, change), extract, use, transfer (disseminate, provide, access), depersonalize, block, delete and destroy personal data.
9.2. The Company shall perform automated personal data processing involving the received and/or transmitted information via information and telecommunication networks or without it.

10.Cross-border Personal Data Transf

10.1. The Company may transfer abroad and store personal data of subjects abroad. The Company will ensure that any exchange or transfer of personal data across borders shall be
lawful and executed under the appropriate legal grounds. In the event of cross-border data transfer, the Company shall take comprehensive measures to ensure data security. The Company shall perform cross-border data transfer operations in compliance with the applicable laws.
10.2. Cross-border personal data transfer to foreign countries that do not meet the above requirements shall be permitted only if the data subject has consented in writing to this cross- border transfer and/or if there is an agreement in place the data subject is a party to.


11.Personal Data Confidentiality

The Company and other persons with access to personal data shall not disclose this data to third parties or disseminate it without the consent of the data subject, unless otherwise provided for by the law of the Kyrgyz Republic.

12. Final Provisions

12.1. The User may obtain any clarifications on any issues regarding his/her personal data processing by contacting the Company via the following e-mail [email protected].
12.2. This document will reflect any changes to the Company's personal data processing policy. The Policy shall remain valid until it is superseded by a subsequent version.
12.3. The most recent valid version can be accessed at httpsː// lex.kg/privacy/.


Any other questions?

Write to us! We are always happy to help you.
WhatsApp Email Call