Privacy and cookies policy

Revision from 14.02.2023

The privacy of visitors to our website https://prengi.com/ is very important to us and we are committed to protecting it. This Privacy and Cookies Policy (the «Policy») explains what we will do with your personal information.

This Policy applies to the processing of personal data that Limited Liability Company «MONDIAL SOLUTIONS» may receive from individuals (personal data subjects) on the basis of the Constitution of Ukraine and the Law of Ukraine «On Personal Data Protection» dated 27.10.2022 No. 2297-VI (hereinafter — the Law), as well as the EU General Data Protection Regulation 2016/679 (EU General Data Protection Regulation, hereinafter — the «GDPR») and other European data protection legislation, collectively referred to as the Legislation.

1. Terms and definitions

1.1. «Personal data» — information or a set of information about an individual who is identified or can be identified (User);

1.2. «Site Administration» — Limited Liability Company «MONDIAL SOLUTIONS» (EDRPOU Code 39906493).

1.3. «Processing of personal data» — any action or set of actions, such as collection, registration, accumulation, storage, adaptation, modification, restoration, use and dissemination (distribution, sale, transfer), destruction of personal data, including with the use of information (automated) systems;

1.4. «Dissemination of personal data» means actions to transfer information about an individual with the consent of the personal data subject;

1.5. «Use of personal data» — any actions of the Administration to process this data, actions to protect it, as well as actions to grant partial or full rights to process personal data to other subjects of relations related to personal data, carried out with the consent of personal data subjects or in accordance with the legislation of Ukraine;

1.6. «User» means a personal data subject, any legally capable individual who has joined this Policy in their own interests or in the interests of a legal entity, in order to receive services to provide access to the Prengi online service, and has registered in the online service.

1.7. «Online Service» means a service owned by the Administration and located at https://prengi.com/, as well as the Prengi mobile application available for download through the App Store for iOS mobile devices and through Google Play for Android mobile devices.

1.8. «Personal Account» means a section of the online service, which the User accesses after registering in the online service https://prengi.com/ and entering a unique login and password. The Personal Account contains the User’s personal data and is intended for viewing and managing the available functionality of the online service;

1.9. «Registration» — the User’s actions to fill out and send the registration form posted in the online service, which, if the Administration has no objections to registration, result in granting access to the Personal Account;

1.10. «Authorization» — entering by the User of his login and password to enter his Personal Account in the online service.

2. General provisions

2.1. The Policy applies to all your personal data that we may receive in the course of your use of the online service.

2.2 This Policy applies to personal data received both before and after the entry into force of this Policy.

2.3. The purpose of the Policy is to provide you with the necessary information to assess what personal data and for what purposes we process, the methods of processing and ensuring security.

2.4. When using the online service, by providing your personal data to the Administration, including through third parties, you acknowledge your consent to the processing of your personal data in accordance with this Policy.

2.5. If you disagree with the terms of this Policy, you must stop using the online service.

2.6. Consent to the processing of personal data may be withdrawn by the subject of personal data. If the personal data subject withdraws consent to the processing of personal data, the Administration has the right to continue processing personal data without the consent of the personal data subject if there are grounds specified in the Legislation.

2.7. The Site Administration does not verify the accuracy of the personal data provided by the User, and has no opportunity to assess his legal capacity. However, the Administration assumes that the User acts in good faith, prudently, provides accurate and sufficient personal data and makes all necessary efforts to keep such data up to date, and does not violate the rights of third parties.

2.8. By agreeing to the terms of this Policy, you confirm that at the time of collecting personal data, you are informed about the persons to whom personal data is transferred, the content and purposes of collecting personal data. You confirm (guarantee) that the personal data transferred to us for processing is transferred with the consent of the personal data owners and in accordance with the Law

2.9. The Administration, having received personal data from the User, does not undertake to inform the subjects (their representatives) whose personal data has been transferred to it about the start of personal data processing, since the obligation to provide appropriate information when concluding an agreement with the subject of personal data and / or when obtaining consent to such transfer is borne by the User who transferred the personal data.

2.10. The processing of your personal data is carried out in accordance with the requirements of the Law. The processing of personal data of persons residing in the EU or who are EU citizens is regulated, in particular, by the EU General Data Protection Regulation 2016/679 (hereinafter referred to as the «GDPR»). The laws of other countries may also impose additional requirements.

2.11. This Policy applies to all information that the Administration may receive about the User when using the online service, as well as in the course of the Administration’s performance of any agreements and contracts with the User.

2.12. This Policy is an internal document of the Administration.

3. The composition of personal data

3.1.In order to carry out its activities and fulfill its obligations, the Administration processes the personal data of the User provided by them during registration on the website https://prengi.com/ or in the mobile application «Prengi» and stored in their personal account.

3.2. The User’s personal data includes: last name, first name, patronymic, e-mail address, mobile phone number.

3.3 The Administration has the right to establish requirements for the composition of personal data that must be provided when using the online service. If certain information is not marked as mandatory by the Administration, its provision or disclosure is carried out by the User at his/her discretion.

3.4. Data that is automatically transmitted to the Administration when using the online service by the User using the software installed on the device: IP address, browser information and type of device operating system, hardware and software specifications, date and time of access to the online service.

4. Grounds and purpose of personal data processing

4.1 The grounds for processing personal data are:

1) consent of the personal data subject to the processing of his/her personal data by the Administration;

2) conclusion and performance of an agreement to which the personal data subject is a party or which is concluded in favor of the personal data subject, or to take measures preceding the conclusion of an agreement at the request of the personal data subject;

3) the need for the Administration to fulfill the requirements of the Legislation.

4.2. The purpose of personal data processing is:

— performing the functions assigned to the Administration in accordance with the legislation of Ukraine and the GDPR;

— collection, storage and processing of personal data received in the online service in accordance with the Law and the GDPR;

— providing the User with information about services, current promotions and special offers related to the services provided by the Administration through the online service.

— identification of the subject of personal data when using the online service;

— communication with the subject of personal data, if necessary, including sending offers, information materials, notifications, information and requests, advertising, as well as processing requests from the subject of personal data;

— improving the quality of the online service, its usability, developing new functionality and improving the quality of service;

— providing services to the User;

— conducting statistical and other research based on anonymized data;

— fulfillment by the Administration of contractual and other obligations to the User under agreements concluded between the Administration and the User or third parties in the interests of the User.

5. Basic principles of personal data processing

5.1. The Administration shall process personal data on the basis of the following principles:

5.1.1. Legality of the purposes and methods of processing personal data;

5.1.2. The Administration’s good faith as the owner of personal data is achieved by fulfilling the requirements of the legislation of Ukraine on the processing of personal data;

5.1.3. Achievement of specific, predetermined purposes of personal data processing;

5.1.4. Compliance of the purposes of personal data processing with the purposes previously determined and declared when collecting personal data;

5.1.5. Compliance of the list and volume of processed personal data, as well as the methods of processing personal data with the stated processing purposes;

5.1.6. Reliability of personal data, their sufficiency for the purposes of processing, inadmissibility of processing personal data that is excessive in relation to the purposes of processing personal data;

5.1.7. Ensuring, when processing personal data, the accuracy of personal data, their sufficiency, and, where necessary, relevance in relation to the purposes of personal data processing.

5.1.8. Inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes incompatible with each other;

5.1.9. Storage of personal data in a form that allows to identify the subject of personal data no longer than required by the purposes of their processing.

5.1.10. The processed personal data shall be subject to destruction or depersonalization upon achievement of the processing purposes or in case of loss of necessity to achieve these purposes, unless otherwise provided by the legislation of Ukraine and the GDPR.

5.2. The Administration shall process personal data for statistical or other research purposes, subject to the mandatory depersonalization of personal data.

5.3. The Administration does not process personal data related to racial or ethnic origin, political, religious or ideological beliefs, membership in political parties and trade unions, conviction to criminal punishment, as well as data related to health, sexual life, biometric and genetic data.

5.4. Personal data processing is carried out in compliance with the conditions set forth in the legislation of Ukraine and the GDPR.

6. Interaction of the online service with other resources

6.1. When you use the online service, codes of other Internet resources and third parties may be present, as a result of which such Internet resources and third parties receive your data. These Internet resources may receive and process information that you have visited these pages, as well as other information transmitted by your browser. Such Internet resources may include:

— banner display systems (e.g., DoubleClick for Publishers, Admixer, AdRiver, etc.)

— social networking plugins (e.g., Discus, Facebook, Twitter, Google+, etc.).

6.2. The use of these services is necessary for the operational analysis of visits to the Website, internal and external evaluation of the Website traffic, the depth of views, and the activity of the Users. We do not store or process the data received from these services.

6.3. If for any reason you do not want the services provided for in clause 6.1. of the Policy access your personal data, you can voluntarily log out of your Account and clear cookies (through your browser).

7. Interaction of the Online Service with third parties regarding personal data

7.1. We do not transfer personal data to third parties, except when such transfer is required by the current legislation of Ukraine, at the request of the personal data subject or in other cases set forth in this Policy. We understand that personal information is a value and inalienable content, including the personal non-property rights of any individual, so we take all possible measures to protect your personal information.

7.2. Access to your personal data may be granted to our authorized employees who have signed the NDA confidentiality and non-disclosure agreement, as well as to third parties who provide us with services for the support and administration of the online service, other services related to the Owner’s business activities. Our authorized employees and/or third parties, on the basis of agreements concluded with us, undertake to comply with all requirements of the current legislation of Ukraine regarding the protection of personal data of Users and their confidentiality.

7.3. The online service may contain links to other websites (for informational purposes only). When you follow a link to other websites, this Policy will not apply to such sites. In this regard, we recommend that you review the privacy and personal data policy of each website before submitting any personal data by which you can be identified.

7.4. The personal information you post on our online service may be accessible via the Internet worldwide. We cannot prevent the use and misuse of such information by third parties in other countries.

8. Terms of personal data processing

8.1. The terms of processing personal data are determined based on the purposes of processing, but not longer than provided by the Legislation.

8.2. Personal data, the processing (storage) period of which has expired, must be destroyed or depersonalized, unless otherwise provided by the Law. Personal data shall be stored in a form that allows to identify the subject of personal data no longer than required by the purposes of personal data processing, unless the period of personal data storage is established by the Law. The processed personal data is subject to destruction or depersonalization upon achievement of the processing purposes or in case of loss of necessity to achieve these purposes, unless otherwise provided by the Law. We must also take into account the periods for which we may need to retain your personal data to fulfill our legal obligations to you or regulatory authorities (in accordance with EU Regulation 261/2004).

8.3. We may minimize your personal data that we use over time, or we may even make your data anonymous so that it can no longer be linked to you personally. In this case, we may use this information without further informing you.

Your rights as a user (personal data subject)

9.1. You, as the User (personal data subject), have the right to:

1) to know about the sources of collection, location of your personal data, the purpose of their processing, the location of the Owner or to give an appropriate order to authorized persons to receive this information, except in cases established by the Law of Ukraine «On Personal Data Protection»

2) to receive information on the conditions for granting access to personal data, including information about third parties to whom his/her personal data is transferred;

3) to have access to their personal data;

4) to receive a response no later than thirty calendar days from the date of receipt of the request, except in cases provided for by the Law of Ukraine «On Personal Data Protection», whether his/her personal data is processed, as well as to receive the content of such personal data;

5) to submit a reasoned request to the Owner with an objection to the processing of their personal data;

6) to submit a reasoned request to the Owner to change or destroy their personal data if this data is processed illegally or is unreliable;

7) to protect your personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision, as well as to protect against the provision of information that is inaccurate or defamatory of your honor, dignity and business reputation;

8) file complaints against the processing of your personal data to the Ukrainian Parliament Commissioner for Human Rights or to the court;

9) apply for legal remedies in case of violation of the current legislation of Ukraine on personal data protection;

10) to make reservations regarding the restriction of the right to process their personal data when giving consent;

11) withdraw consent to the processing of personal data;

12) to know the mechanism of automatic processing of personal data;

13) to be protected against an automated decision that has legal consequences for him/her.

10. Cookies

10.1. Our online service uses cookies. A cookie is a file containing an identifier (a string of letters and numbers) that a web server sends to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies can be either «persistent» cookies or «session» cookies: a persistent cookie will be stored by the web browser and will remain valid until its set expiration date, unless you delete it before the expiration date; a session cookie, on the other hand, expires at the end of your session when the web browser closes. Cookies generally do not contain any information that personally identifies you, but the personal information we hold about you may be linked to information stored and retrieved from cookies.

10.2. The names of the cookies we use on our Site and the purposes for which they are used are set out below:

we use Google Analytics on our Website to recognize a computer when a User visits our Website.

Most browsers allow you to refuse to accept cookies — for example:

in Internet Explorer (version 10), you can block cookies using the cookie management options by clicking «Tools», «Internet Options», «Privacy» and then «Advanced»;

in Firefox (version 24), you can block all cookies by clicking on «Tools», «Options», «Privacy», selecting «Use custom settings for history» from the drop-down menu and unchecking «Accept cookies from websites»; and

in Chrome (version 29), you can block all cookies by opening the «Customize & Manage» menu, clicking «Settings», «Show Advanced Settings» and «Content Settings», and then selecting «Block sites from setting any data» «Under the heading «Cookies».

10.3. Blocking all cookies will negatively affect the usability of the Website. If you block cookies, you will not be able to use all the functions of our Site.

10.4. You can delete cookies that are already stored on your computer. Deleting cookies will negatively affect the usability of many websites.

To delete cookies:

in Internet Explorer (version 10), you must delete cookies manually (instructions for doing so can be found at http://support.microsoft.com/kb/278835);

in Firefox (version 24), you can delete cookies by clicking on «Tools», «Preferences» and «Privacy», then select «Use custom settings for history», click on «Show cookies», and then click on «Delete all cookies»;

in Chrome (version 29), you can delete all cookies by opening the «Customize & Manage» menu and clicking «Settings», «Show advanced settings» and «Clear browsing data», then select «Delete cookies and other site and plug-in data» before clicking «Clear browsing data».

11. Changes to the privacy policy

11.1. The Policy may be changed or terminated by the Administration unilaterally without prior notice to users, including if required by applicable law. The new version of the Policy comes into force from the moment it is posted on the online service, unless otherwise provided by the new version of the Policy. Therefore, we ask you to visit the online service https://prengi.com/ to make sure that you have the latest information.