PRIVACY POLICY
This Privacy Policy outlines the procedures, processing conditions, and security requirements for all information, including personal data, that Digital Trust LLP ("DT") receives from Internet users ("Users") through the use of the medikart.kz and/or medicard.kz websites and mobile applications (collectively referred to as "medikart.kz").
By using medikart.kz, Users acknowledge and agree to the terms and conditions set forth in this Privacy Policy. This acceptance occurs when Users perform actions indicating their intention to use medikart.kz, such as searching, viewing or submitting ads, registering on the website, leaving comments, sending messages through the communication form, and utilizing other features provided by medikart.kz.
DT reserves the right to modify this Privacy Policy at any time without special notice to Users. The updated version of the Privacy Policy becomes effective immediately upon its posting on medikart.kz unless explicitly stated otherwise by DT. Users are responsible for regularly reviewing the current version of the Privacy Policy.
By continuing to use medikart.kz after the new version of the Privacy Policy has become effective, Users indicate their agreement and acceptance of the updated terms and conditions. Users are bound by all the provisions of the new version of the Privacy Policy regarding the collection, processing, and security of information, including personal data, obtained by DT through the use of medikart.kz.
1. TERMINOLOGY
1.1. DT - "Digital Trust" LLP, registered in accordance with the legislation of the Republic of Kazakhstan.
1.2. Website - https://medikart.kz and/or https://medicart.me, DT provides online booking (booking) services to individuals who have expressed a desire to use the services provided by the DT Partners.
1.3. medikart.kz application - a digital application provided to individuals for Online appointment (booking) who have expressed a desire to use the services provided by the DT partners.
1.4. Collection of User data - actions aimed at obtaining User data.
1.5. Storage of User data - actions to ensure the integrity, confidentiality and availability of User data.
1.6. Providing User data - actions aimed at disclosing User data to a certain person or a certain circle of persons.
1.7. Depersonalization of the User's data - actions, as a result of which it is impossible to determine the ownership of personal data by the subject of personal data.
1.8. User data processing - any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with User data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of User data.
1.9. Dissemination of the User's data - Any actions aimed at disclosing the User's data to an indefinite circle of individuals (transfer of personal data) or making the User's data available to an unlimited number of individuals, including disclosing the User's data in the media, posting it on information and telecommunication networks, or providing access to personal data in any other way.
1.10. Cross-border transfer of User data - The transfer of User data to the territory of a foreign country to a foreign state authority, foreign individual, or foreign legal entity.
1.11. Personal data - Any information relating to an identified or identifiable natural person.
1.12. Usage Data - Data collected automatically or generated as a result of using the Service.
1.13. User - An individual who has duly registered on the Service and accepted the terms of the user agreement, consented to the collection, processing, storage, and transfer of personal data, privacy policy, as well as other documents required for user registration.
1.14. Personal account - The User's page that displays the User's personal data, information about records, usage of products, and other relevant information.
2. SUBJECT OF THE POLICY
2.1. Registration of the User on the Service implies the User's consent to the collection, processing, transfer, and cross-border transfer of data, in accordance with the terms of the Privacy Policy and data processing, and the confidentiality of the User's data, as well as other provisions and documents posted on the Service.
2.2. The Policy is applicable to all Users, including Data Users, during their registration and use of medikart.kz.
2.3. If the User disagrees with the terms of the Policy, the User agrees to cease using medikart.kz either fully or partially, based on the current system configuration.
3. COLLECTED AND PROCESSED DATA TYPES
3.1.
During the registration process for creating an account, the following registration data may be requested:
- Subscriber number of cellular communication.
- Name, surname, patronymic (if any).
- City.
- Photo.
- Date of Birth.
- E-mail address.
- Gender identity.
- Other relevant information.
Please note that the specific registration data requirements may vary depending on preferences of the service recive or platform you are registering with.
3.2. Data about the use of the Service may include the following:
- Information describing the type of the User's device, such as the device model, manufacturer, operating system, and device ID.
- Information about the versions, features, characteristics, and settings of the Service on the device used, including the app version, settings preferences, and any customization options.
- Device location data, which may be collected if the User has granted permission for the Service to access their location. This can include GPS coordinates, Wi-Fi network information, or IP address, depending on the available technology and the User's device settings.
It's important to note that the collection and use of such usage data may be subject to the Privacy Policy of the Service, and the extent of data collected may vary based on the specific features and functionalities of the Service.
4. USE OF PERSONAL DATA
4.1. tTe collection, storage, processing, and analysis of data are conducted to the extent that is necessary and appropriate for the specific purposes of data processing. This means that only the relevant and essential data required for the intended purposes will be collected and processed. The principle of data minimization is followed, ensuring that personal data is not collected or used in excess of what is necessary to achieve the specified purposes..
4.2. According to the provided information, the collection, storage, processing, and analysis of data are carried out for the following purposes:
Functionality:
- Creating a user account on the Service.
- Providing personalized services on medikart.kz.
- Other purposes:
Informing the User through various communication channels (such as SMS messages, Push notifications, emails) about ongoing promotions, special offers, promotional materials, newsletters, and service mailings.
- Notifying the User about any changes in services and/or usage terms and conditions.
- Conducting analysis and research to improve the functioning of the Service, utilizing the data provided by the User.
- Providing the User with personalized offers, discounts, and recommendations.
- Analyzing usage patterns of the Service.
- Detecting bugs and system errors.
These purposes encompass both functional aspects related to user accounts and personalized services, as well as broader objectives aimed at enhancing user experience, communication, and service improvement.
5. PROCEDURE FOR COLLECTING, PROCESSING, STORING, TRANSFER OF USER DATA AND THEIR DESTRUCTION
5.1. DT takes measures to ensure the safety of the User's data and prevent unauthorized access by third parties.
5.2. The period of collection, storage, processing, and analysis of the User's data is unlimited, meaning there is no specific timeframe mentioned for how long the data will be retained.
5.3. DT is authorized to process the User's data using automated tools.
5.4. User data is subject to destruction by DT. However, no specific details are provided regarding the circumstances or process of data destruction.
5.5. Upon the user's request, DT undertakes to delete the user's account and user data within 3 days. It is stated that no further feedback will be provided to the user after the deletion of the user account and/or data.
6. TRANSFER OF USER DATA TO THIRD PARTIES
6.1. User Data Transfer: User data, including personal data, may be transferred to a third party if the User has provided consent as a subject of personal data. This transfer is done to enable the User to access the Service. Additionally, User data may be transferred in other cases as stipulated by the current legislation of the Republic of Kazakhstan.
6.2. Cross-Border Transfer: In the event of a cross-border transfer of User data and/or data of a legal entity to third parties, DT ensures that the foreign state to which the User data is transferred maintains legislative provisions for the protection of personal data. DT also ensures that appropriate legal and technical measures are in place to protect the storage and security of personal data during the cross-border transfer.
6.3. The app does use third-party services that declare their Terms and Conditions.
Link to Terms and Conditions of third-party service providers used by the app
·Google Analytics for Firebase