Personal Data Processing Policy

1. General Provisions

This personal data processing policy is drawn up in accordance with applicable data protection legislation and defines the procedure for processing personal data and the measures taken to ensure its security by Qwerty Co LLC (hereinafter — the Operator).

1.1. The Operator considers the observance of human and civil rights and freedoms during the processing of personal data, including the protection of privacy, personal and family secrets, to be its most important goal.

1.2. This Policy applies to all information that the Operator may receive about visitors to the website https://qwerty.agency.

2. Key Definitions

2.1. Automated processing — processing of personal data using computer technology.

2.2. Blocking — temporary suspension of personal data processing (unless processing is required to clarify the data).

2.3. Website — a collection of graphic and informational materials, as well as software and databases, accessible on the internet at https://qwerty.agency.

2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means that process them.

2.5. Depersonalization — actions that make it impossible to determine the ownership of personal data by a specific user without additional information.

2.6. Processing of personal data — any action or set of actions performed on personal data, including collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer, depersonalization, blocking, deletion, and destruction.

2.7. Operator — a legal or natural person that independently or jointly with others organizes and/or carries out the processing of personal data.

2.8. Personal data — any information relating directly or indirectly to an identified or identifiable user of https://qwerty.agency.

2.9. User — any visitor to https://qwerty.agency.

2.10. Destruction of personal data — actions that result in the irreversible destruction of personal data with no possibility of further recovery.

3. Rights and Obligations of the Operator

3.1. The Operator has the right to:

— receive accurate information and/or documents containing personal data from the data subject;

— continue processing personal data without the consent of the data subject where grounds exist under applicable law, even after consent has been withdrawn;

— independently determine the measures necessary to fulfill obligations under applicable personal data legislation.

3.2. The Operator is obliged to:

— provide the data subject with information regarding the processing of their personal data upon request;

— organize personal data processing in accordance with applicable law;

— respond to requests from data subjects and their legal representatives;

— take legal, organizational and technical measures to protect personal data from unauthorized access, destruction, modification, blocking, copying or distribution;

— fulfill other obligations provided by applicable personal data legislation.

4. Rights and Obligations of Data Subjects

4.1. Data subjects have the right to:

— receive information regarding the processing of their personal data;

— request correction, blocking or deletion of their personal data if it is incomplete, outdated, inaccurate, or unlawfully obtained;

— withdraw consent to the processing of personal data;

— exercise other rights provided by applicable law.

4.2. Data subjects are obliged to:

— provide the Operator with accurate personal data;

— notify the Operator of any updates or changes to their personal data.

5. Principles of Personal Data Processing

5.1. Processing is carried out on a lawful and fair basis.

5.2. Processing is limited to specific, predetermined and lawful purposes.

5.3. Only personal data that meets the purposes of processing is processed.

5.4. Personal data is stored in a form that allows identification of the data subject for no longer than required by the purposes of processing.

6. Purposes of Processing

The purpose of processing personal data is to inform the User by sending emails.

Data collected

Full name; email address; phone numbers; messenger accounts (Telegram, WhatsApp).

Legal basis

Processing is carried out on the basis of the Operator's founding documents and applicable personal data legislation.

Types of processing

Collection, recording, systematization, accumulation, storage, destruction, depersonalization, and sending informational emails to the User's email address.

7. Conditions of Processing

7.1. Processing is carried out with the consent of the data subject.

7.2. Processing is necessary for the performance of a contract to which the data subject is a party.

7.3. Processing is necessary for the legitimate interests of the Operator, provided that the rights and freedoms of the data subject are not violated.

8. Storage, Transfer and Security

8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.

8.2. Personal data will never be transferred to third parties except as required by law or with the explicit consent of the data subject.

8.3. If inaccuracies are found in personal data, the User may request corrections by contacting hello@qwerty.agency with the subject line "Personal Data Update".

8.4. The User may withdraw consent to personal data processing at any time by sending a notice to hello@qwerty.agency with the subject line "Withdrawal of Consent".

9. Cross-Border Transfer

Prior to cross-border transfer of personal data, the Operator shall notify the relevant supervisory authority and obtain necessary information from the receiving parties in the foreign country.

10. Confidentiality

The Operator and any persons who have gained access to personal data are obliged not to disclose or distribute personal data without the consent of the data subject, unless otherwise required by law.

11. Final Provisions

11.1. The User may obtain clarifications on any questions regarding the processing of their personal data by contacting the Operator at hello@qwerty.agency.

11.2. Any changes to the personal data processing policy will be reflected in this document. The Policy is valid indefinitely until replaced by a new version.

11.3. The current version of the Policy is publicly available at https://qwerty.agency/ai/eng/policy.