Privacy Policy
Preamble
This Policy governs the process of processing personal data related to the User and ensures the protection of the User’s personal data from unauthorized access by any third party.
The Company takes responsible care of every User’s visit to the website under its control and of the interest that the User shows in the information posted on the website.
In view of the above, the Company assumes responsibility for safeguarding the security of the User’s personal data, for using the data solely to achieve a legitimate purpose, and for ensuring strict compliance with personal data protection legislation.
The terms for processing personal data when using the website are defined by this Privacy Policy.
Definitions of Terms
Managing Company / Company — LLC “Saqme.ge” (ID No. 405198860) (a limited liability company registered in accordance with the legislation of Georgia, registration date 30/03/2017), legal address: Tbilisi, Vake-Saburtalo district, Iosebidze Street, N 49, (plot 17/1) / Tbilisi, Kutateli Street (formerly Shchorsi), N3; actual address: Tbilisi, Vake-Saburtalo district, Iosebidze Street, N 49, (plot 17/1) / Tbilisi, Kutateli Street (formerly Shchorsi), N3. Email: [email protected]; hotline: 0322121661.
Website — the website operated by the Company, www.ss.ge.
Personal data (hereinafter — data) — any information relating to an identified or identifiable natural person. A natural person is identifiable when it is possible to identify them, directly or indirectly, including by name, surname, identification number, geolocation data, electronic communication identifiers, or by a physical, physiological, mental, psychological, genetic, economic, cultural, or social characteristic.
Data processing — any action performed on data, including their collection, obtaining, accessing, photographing, video monitoring and/or audio monitoring, organization, grouping, interlinking, storage, alteration, restoration, retrieval, use, blocking, deletion, or destruction, as well as the disclosure of data by transmitting, publishing, disseminating, or otherwise making them available.
Processing of data by automated means — the processing of data using information technologies.
Processing of data by semi-automated means — the processing of data using a combination of automated and non-automated means.
Data subject — any natural person whose data is being processed.
Consent of the data subject — the will of the data subject, freely and clearly expressed by an affirmative action, in writing (including electronically) or orally, to process data about them for a specific purpose, after having received the relevant information.
Written consent of the data subject — consent that the data subject has signed or has otherwise expressed in writing (including electronically) to the processing of data about them for a specific purpose, after having received the relevant information.
Controller (person responsible for processing) — a natural person, legal person, or public institution that, individually or jointly with others, determines the purposes and means of data processing and carries out data processing directly or through a person authorized to process.
Processor (person authorized to process) — a natural person, legal person, or public institution that processes data for or on behalf of the controller. A natural person in an employment relationship with the controller is not considered a processor.
Third party — a natural person, legal person, or public institution, other than the data subject, the Personal Data Protection Service, the controller, the processor, the special representative, and the person authorized to process data under the direct instruction of the controller or the processor.
Direct marketing — the direct and immediate supply of information to the data subject by telephone, mail, email, or other electronic means, for the purpose of forming, maintaining, realizing, and/or supporting interest in a natural person and/or legal person, goods, an idea, a service, work, and/or an undertaking, as well as in image-related and social topics. The supply of information by a state institution to a natural person shall not be considered direct marketing if such supply of information is compatible with one of the grounds for data processing provided for in Articles 5 and 6 of the Law on Personal Data Protection.
Filing system — a structured set of data in which the data are arranged and accessible according to specific criteria.
Pseudonymization of data — the processing of data in such a way that, without the use of additional information, it is impossible to link the data to a specific data subject, where this additional information is stored separately and, by means of technical and organizational measures, the data is not linked to an identified or identifiable natural person.
Blocking of data — the temporary suspension of data processing (other than storage).
Incident — a breach of data security that results in the unlawful or accidental damage to, loss of, as well as the unauthorized disclosure, destruction, or alteration of, access to, collection/obtaining of, or other unauthorized processing of data.
1.Parties to the Personal Data Processing Process
1.1.The subject of personal data processing is the User who, by registering and authorizing on the website and/or by posting an advertisement, consents to the processing of the personal data concerning them for the purpose provided for in this Privacy Policy.
1.2.The person responsible for processing personal data (the controller) is:
LLC “Saqme.ge” (ID No. 405198860) (a limited liability company registered in accordance with the legislation of Georgia, registration date 30/03/2017), legal address: Tbilisi, Vake-Saburtalo district, Iosebidze Street, N 49, (plot 17/1) / Tbilisi, Kutateli Street (formerly Shchorsi), N3; actual address: Tbilisi, Vake-Saburtalo district, Iosebidze Street, N 49, (plot 17/1) / Tbilisi, Kutateli Street (formerly Shchorsi), N3. Email: [email protected]; hotline: 0322121661.
2.Grounds for Data Processing
2.1.The Company’s processing of the User’s personal data is permitted where one of the following grounds exists:
2.1.1.the data subject has given consent to the processing of data about them for one or several specific purposes;
2.1.2.for the performance of an obligation undertaken under a transaction concluded with the data subject, or to conclude a transaction at the data subject’s request;
2.1.3.data processing is necessary for the controller to fulfill the duties imposed on them by the legislation of Georgia;
2.1.4.the data is publicly available, or the data subject has made it publicly available;
2.1.5.to provide a service to the data subject;
2.1.6.to protect the lawful interests of the Company and the User.
2.2.The User is obliged neither by law nor by contract to provide the Company with their personal data. However, the unavailability of such data may result in the User being unable to receive the services defined by the Company’s website.
3.Purpose of Personal Data Processing
3.1.The User’s registration on the website of LLC “Saqme.ge” is carried out by the User providing their mobile phone number and email; accordingly, for the purpose of providing full and effective service, the Company is authorized to process the above-mentioned personal data of the data subject.
3.2.The User is entitled to authorize on the website www.ss.ge operated by the Company through so-called Third party services, such as: Google; Facebook. When this method of authorization is used, the following types of personal data related to the User are transferred to the Company: name and email address.
3.3.When posting an advertisement on the website operated by the Company, the User is obliged to share with the Company the following types of personal data related to them: name, email address, and mobile phone number. Without sharing this information with the Company, the User will not be able to post an advertisement on the website.
3.4.The website operated by the Company does not process special category data, health-related data, genetic data, or biometric data. The Company does not process the User’s personal data related to the conduct of banking operations. When such operations are carried out, the processing of your personal data is performed by the relevant financial institution.
3.5.For the purpose of effectively fulfilling the obligations undertaken under the agreement concluded between the Company and the User, including legal obligations, the Company processes the User’s personal data for the following purposes:
3.5.1.managing the relationship with the User;
3.5.2.introducing new services;
3.5.3.providing information about the activities carried out by the User (regarding the status of the advertisement posted by the User);
3.5.4.adapting the website and its components to the User’s needs;
3.5.5.protecting the website’s users and preventing fraudulent actions;
3.5.6.improving the quality of the Company’s service;
3.5.7.the effective and proper fulfillment by the Company of its statutory and contractual obligations;
3.5.8.receiving User feedback and responding to complaints;
3.5.9.testing new systems or services;
3.5.10.managing the risks of the Company and the Company’s users;
3.5.11.sending the User status notifications related to activity on the website, such as, for example, the successful posting of an advertisement;
3.5.12.providing data to competent state authorities, where necessary;
3.5.13.other legitimate purposes provided for by the Law of Georgia on Personal Data Protection.
4.Rights and Obligations of the Personal Data Subject
4.1.For the purpose of receiving the service, the User is obliged to provide the Company with complete and accurate information.
4.2.The User, as a personal data subject, has the right to:
4.2.1.request the controller to confirm whether data about them is being processed and whether the data processing is justified, and, in accordance with the request, to receive — no later than 10 working days from the request and free of charge — their personal data held by the Company;
4.2.2.request information about the source from which the data was collected/obtained;
4.2.3.receive information about the data retention period (time), or, if it is impossible to determine a specific period, about the criteria for determining the period;
4.2.4.request information about the legal basis and purposes of the data transfer, as well as about the appropriate safeguards for data protection;
4.2.5.receive information about the identity of the data recipient or the categories of data recipients, including information about the basis and purpose of the data transfer, if the data is transferred to a third party;
4.2.6.request the transfer of a copy of their personal data held by the Company;
4.2.7.request the controller to correct, update, and/or supplement erroneous, inaccurate, and/or incomplete data about them;
4.2.8.request the Company to terminate, delete, or destroy the processing of data about them;
4.2.9.The Company has the right to refuse to satisfy the request defined in paragraph 4.2.8 if:
4.2.9.1.there is another ground defined in paragraph 3.5 of this Policy and/or in Articles 5 and 6 of the Law of Georgia on Personal Data Protection;
4.2.9.2.the data is processed for the purpose of substantiating a legal claim or defense;
4.2.9.3.data processing is necessary for the exercise of the right to freedom of expression or information;
4.2.9.4.the data is processed for archiving purposes in the public interest as provided for by law, for scientific or historical research, or for statistical purposes, and the exercise of the right to terminate, delete, or destroy the data processing would render impossible or significantly impair the achievement of the processing purposes.
4.2.10.request the controller to block the data in the following cases:
4.2.10.1.the User disputes the authenticity or accuracy of the data;
4.2.10.2.the data processing is unlawful, but the data subject/User opposes its deletion and requests the blocking of the data instead;
4.2.10.3.the data is no longer needed to achieve the purpose of its processing, but the data subject needs it in order to file a complaint/claim;
4.2.10.4.the data subject requests the termination, deletion, or destruction of the data processing, and this request is under consideration;
4.2.10.5.there is a need to retain the data for the purpose of using it as evidence.
4.2.11.at any time, without any explanation or justification, withdraw the consent they have given or restrict the Company’s processing of their personal data, of which the Company must be notified at the email address [email protected]. The Company undertakes to terminate the data processing no later than 10 working days from receiving such notification. If the User does not wish to provide personal information or requests the termination of information processing, the fulfillment of the Company’s obligations toward the User — including the use of the account/profile or the receipt of the relevant services — may be delayed or rendered impossible.
4.2.12.submit a complaint regarding the processing of personal data, including to the Personal Data Protection Service and/or to a court.
5.Minors
5.1.The products/services posted on the website are not intended for persons under 18 years of age who, in accordance with the procedure established by the legislation of Georgia, have not reached the age of majority defined by law.
5.2.The Company does not intentionally collect or store information from persons under 18 years of age. The Company takes responsible care of the protection of minors’ personal information.
5.3.The Company is unable to verify the accuracy of the information provided by the User; for this reason, if you become aware of the fact that a minor has purchased goods/services on the website operated by the Company, please contact us at the indicated email address: [email protected].
6.Security of Personal Data and Retention Period
6.1.The Company ensures the consistent and high-quality protection and security of the User’s personal data.
6.2.The Company is responsible for taking all organizational and technical measures and for fulfilling the requirements established by the legislation of Georgia, in order to ensure and protect the User’s personal data from loss and from unlawful processing, including destruction, deletion, alteration, disclosure, or use.
6.3.The User acknowledges that any transmission of data via the internet or a wireless network cannot be absolutely and guaranteed secure. The Company applies commercially reasonable security measures to protect personal data and also strives to establish partnership relationships only with organizations that
6.4.take responsible care of the importance of personal data protection. However, the Company cannot guarantee the security of information transmitted to or from the website.
6.5.The Company ensures the processing of the User’s personal data and their storage in a form that allows the identification of the person for as long as is necessary to achieve the processing purposes specified in this Policy.
6.6.Upon the termination by the Managing Company of personal data processing for the purposes defined by this Policy, the Company ensures the deletion/destruction of personal data in accordance with the procedure and time limits defined by this Policy and by law. The deletion/destruction of personal data is carried out where one of the following grounds exists:
6.6.1.the User has withdrawn consent and/or requested the termination of the processing of their personal data — in such a case, the Company ensures the deletion/destruction of personal data, provided that the basis for processing the personal data was solely the User’s consent;
6.6.2.the purpose of personal data processing has been achieved;
6.6.3.an incident has been detected;
6.7.The Company has ceased its business activity.
6.8.After the User cancels their account/profile on the website, their data is stored in accordance with the purposes provided for by the Policy, by law, and by regulatory documents, for a period not exceeding 3 (three) years.
6.9.Personal data provided by the User when posting an advertisement on the website operated by the Company is stored by the Company in pseudonymized form for a period of 10 (ten) years.
7.Methods of Obtaining Personal Data and Sharing with Third Parties
7.1.The Company receives information about personal data after the User fills out the registration form, authorizes via so-called Third party services, and/or posts an advertisement on the website.
7.2.The User’s personal information may be transferred by the Company to state bodies or entities, regulatory bodies, or any other person, on the basis of, and in accordance with the purposes of, applicable legislation, regulations, a court ruling or official request, an instruction issued by a state regulatory body, or on the basis of any similar process conducted under applicable legislation.
7.3.The Company is authorized to transfer personal data related to the User, in particular the information reflected in advertisements, to companies with which it has a contractual relationship — in particular, commercial banks, insurance companies, and organizations engaged in research activities — which require such data in order to conduct analytical and statistical research.
7.4.In the case of the transfer of personal data to companies with which there is a contractual relationship, those companies bear the obligation to protect personal data, to ensure their security, and to fulfill the obligations defined by the Law of Georgia on Personal Data Protection.
8.Cookies
8.1.The website www.ss.ge operated by the Company uses so-called cookies for the purpose of simplifying navigation, offering information in the desired format, and improving search parameters.
8.2.The Company does not obtain or process personal data related to the User by means of cookies.
9.Changes to the Privacy Policy
9.1.The Company reserves the right to change this Privacy Policy at any time.
9.2.Any change made to the Privacy Policy is communicated to the authorized/registered User without delay, by email and by sending/posting a notification on their personal profile.
10.Terms of Use
10.1.By electronically marking/acknowledging acceptance of the Terms and Conditions, the User confirms that they simultaneously agree to this Privacy Policy, that the information provided by the User constitutes accurate and reliable data, that the information was provided at the User’s own will, and that the User has all the rights and permissions provided for by law to do so.
10.2.The legal basis for the Company’s processing of personal data is the Law of Georgia on Personal Data Protection and the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.
11.Contact with the Company
If you have any questions and/or requests regarding the processing of personal data, the User may contact the Company at the following email address: [email protected]; hotline: 0322121661.