SECURITY POLICY FOR USERS OF SMILEEXPO.COM.UA
1. TERMS AND DEFINITIONS
1.1. “Website Administration” shall mean individuals or legal entities, authorized to manage the Website on the behalf of SMILE-EXPO LLC, who organize and/or process personal data.
1.2. “Personal data” shall mean any information expressly or implicitly related to the User (personal data subject), provided by the User personally during the registration (personal account creation) or during the use of Website services.
1.3. “Processing of personal data” shall mean any action (operation) or a series of actions (operations), involving automation tools or not, on personal data, including gathering, recording, systematization, collection, saving, specification (updating, changing), receiving, usage, transferring (dissemination, provision, access) depersonalization, blocking, removing and destroying of personal data.
1.4. “Confidentiality of personal data” shall mean the requirement, which is binding upon the Operator or other persons that have access to personal data, on prevention of information dissemination without the consent of personal data subject or other legitimate grounds.
2. GENERAL PROVISIONS
2.3. Personal data of the User shall include:
2.3.1. minimum of necessary information, provided by the User: surname, name, patronymic, telephone number, workplace, position, e-mail, telephone, location;
2.3.2. other information, which is automatically saved in logs of the server and includes as follows: IP address, given to the User by its Internet service provider; information about the User’s browser (or other programs used for accessing the services); addresses of pages visited by the User on the Website; date and period of visiting.
2.4. Personal data specified in p. 2.3.1 are saved only if specified by the User.
2.4.1. Information that is obligatory for services provision is marked. Other information is provided by the User in its sole discretion.
2.4.2. Personal data of the User is stored on the server of the Website Administration, which can be physically located in Ukraine and abroad. The User agrees and authorizes the Website Administration to transfer personal data across the Ukrainian borders for the purposes the information was collected for. The Website Administration shall take all reasonable steps to ensure the protection of the User’s Personal data from illegal access, illegal change, dissemination or destroying.
2.4.3. The rights and obligations of the Website User is subject to the Law of Ukraine “On Personal Data Protection” № 2297-VI., dated June 01, 2010.
3. PURPOSES OF USERS’ PERSONAL DATA PROCESSING
3.1. The Website Administration shall store and keep only the Personal data that is necessary for service rendering, execution of agreements and contracts with the User, feedback.
3.2. The Website shall process User’s Personal data only for purposes as follows:
3.2.1. identifying of the User, registered on the Website, ordering options and/or making Agreements remotely;
3.2.2. providing the access to personalized Website resources to the User;
3.2.3. arranging feedback and communication with the User, including notification and message sending regarding the use of the Website, provision of services, processing User’s requests and applications;
3.2.4. determining User’s location to ensure safety and prevent fraud;
3.2.5. ensuring validity and integrity of Personal data, provided by the User;
3.2.6. creating personal account to make orders, in case the User gives its consent for it;
3.2.7. notifying the Website User about the status of orders;
3.2.8. processing and receiving payments, confirming taxes or tax concessions, payment contestation;
3.2.9. providing the User with efficient clients and technical support if problems regarding the use of the Website arise;
3.2.10. providing the User with information about service updates, special offers, information on prices, newsletter or other information on the behalf of the Website or partners of the Website, etc., providing that the User gives its consent for it;
3.2.11. providing the User with the access to websites or services of the Website partners.
4. TERMS AND CONDITIONS OF PERSONAL DATA PROCESSING
4.1.1. Processing of the User’s personal data shall be carried out without any time limits, in any legal way, including its carrying out in personal data information systems, applying means of automation or without applying such means, in accordance with the Law of Ukraine “On Personal Data Protection” № 2297-VI., dated June 01, 2010.
4.1.2. The Website shall have the right to transfer the User’s Personal data to the third parties on the occurrence of any of the following:
4.1.3. The User gives its consent for such actions;
4.1.4. Such transfer is necessary for the use of particular service by the User or for executing particular agreement or contract with the User;
4.1.5. Such transfer is subject to applicable law in accordance with the procedure established by the law, including: obtaining an official request from law enforcement agencies, executing judgement, preventing fraud, protecting users’ rights, etc.
4.2. The Website Administration shall take necessary organizational and technical measures to protect the User’s Personal data from unauthorized or accidental access, destroying, modification, blocking, copying, dissemination, as well as from other illegal actions of the third parties, including:
4.2.1. the use of cryptographic protocol SSL, ensuring the security of connection and transfer of encrypted data;
4.2.2. regular updating of services and management systems of the Website and its content;
4.2.3. regular tests for malicious codes;
4.2.4. the use of private virtual server for hosting the Website.
4.4. The Website Administration shall block Personal data of the relevant User from the moment of receiving the request of the User or its authorized representative or authorized body on the protection of the rights of personal data subjects for the verification period in case of revealing unreliable personal data or illegal actions.
4.5. The User shall be solely liable for maintaining the confidentiality of its login and password, as well as for the accuracy of the information provided.
5. LIABILITY OF THE PARTIES
5.1. The Website Administration failed to fulfil its obligations shall be liable for damages caused to the User as the result of unlawful use of personal data, in accordance with the legislation.
6. DISPUTES RESOLUTION
6.1. Before initiating legal action regarding the disputes arising out of the relationship between the Website User and the Website Administration, a claim (a written proposal for voluntary settlement) shall be submitted.
6.2. The claimed shall notify the claimant about the results of the claim examination in writing within 30 (thirty) calendar days from the date of the claim receipt.
6.3. In the event of failure to settle the disputes, disputes shall be submitted for settlement in court in accordance with the applicable legislation.
7. SUPPLEMENTARY CONDITIONS
The owner of the User database of the Website https://www.smileexpo.com.ua is SMILE-EXPO LLC (USREOU: 39183091).
Contact details: 7 Budindustriyi str., office 1, Kyiv, 01013, Ukraine.