1.1. These Personal Data Processing Policy Rules (hereinafter - the Rules) represent the framework of collection, use, transmission and protection of user data received via GetCourse website, by GETCOURSE PRIVATE LIMITED (hereinafter - "GetCourse"). Terms "we", "us" and/or "our" refer to GetCourse and its subsidiaries.
1.2. Whenever we request certain personal information from our users, the reason for that is either the company's duty, by virtue of law, to collect the data, or such data is required for achievement of specific goals.
1.3. From time to time, we may revise the Rules in order to reflect the amended legislation or changes in the company's personal data collection and use framework. We publish the changes on our website. We may keep you informed of significant changes in the Rules via email, but your safest choice to know about the updated and effective information concerning the personal data processing is regular connection to our website. Before we proceed with using your data for any purposes not covered by these Rules, we will request your kind approval.
1.4. Processing its clients' personal data, GetCourse is committed to the following general principles:
1.4.1. Legality. Personal data processing by GetCourse is subject to the following restrictions: mandatory client's approval, data processing is needed for fulfillment of contractual obligations, or is required by law, or there is any other basis for legitimate processing.
1.4.2. Justice. Client may request GetCourse to provide information about the data being processed, also whenever reasons for processing no longer exist.
1.4.3. Transparency. Client is entitled, and the GetCourse is obliged to provide its Client with the information concerning processing of such data. GetCourse is obliged to provide details of data processing framework.
1.4.4. Goal restriction. The only data GetCourse will be processing is the data necessary to provide services to the client, or necessary to perform GetCourse's routine activities.
1.4.5. Minimization. GetCourse will delete all data if they are no longer needed to provide its services and/or if the reason for their processing no longer exists.
1.4.6. Accuracy. GetCourse provides for accuracy and relevance of client data. Client may request deletion or correction of incorrect data.
1.4.7. Restrictions of data storage. Client's data will be processed during the required timeframe only. Data storage timeframe may depend on the specific purpose, agreements with the client or the requirements arising from law, i.e. the obligations arising from countering the legalization of proceeds of crime, accounting rules and civil law acts.
1.4.8. Honesty and confidentiality. Since GetCourse processes data that is considered confidential, GetCourse undertakes to pay more attention to the technical and legal measures applied to ensure protection and confidentiality of such data.
1.4.9. Accountability. GetCourse undertakes to fulfill its obligations under this Agreement, and bears responsibility for secure processing of the client's data according to the terms set forth in this Agreement.
2. DATA COLLECTED BY US
2.1. When clients create accounts on GetCourse platform, they provide us with personal data which includes their contact information (email address, name and password). Clients may also add a telephone number for a SMS account to be used to enhance security.
2.2. Personal data subject to collection by the company includes:
2.2.1. Email address and telephone number;
2.2.2. Full name;
2.2.3. Personal photo;
2.2.4. Date of birth;
2.2.5. Residential address;
2.2.6. Social media accounts (if any);
2.2.7. Other personal data or documentation will be added at the discretion of our compliance team.
2.3. When you use the GetCourse platform, we also track and collect information related to use of the platform, such as the date and time of access, device identification, operating system, browser type and IP address. The above information may be obtained by GetCourse, directly or with the use of third-party services. This data concerning use of the platform will help our systems to provide for accessibility of our interface to all users, and may also contribute to progress in criminal investigations.
2.4. When it comes to all personal and corporate accounts, we collect transaction data which includes deposit snapshots, account balances, trading history, funds withdrawals, order performance status and distribution history. These transaction data are monitored in terms of suspicious trading activity, to provide user security in case of fraud, and to facilitate settlement of disputes in court.
3.YOUR PERSONAL DATA USE FRAMEWORK
3.1. The Company uses your personal data in order to maintain contact with you, as well as to administer, provide, improve and customize the service. The Company may also generate common data from any Personal Data collected thereby, and use it for its own purposes. The Company may also use such data for contacting you on the issues related to other products or services offered by GetCourse and/or its partners. The Company will never transfer your personal data to any third parties (other than its partners in connection with their services for GetCourse, unless you give us your approval for that, as we describe in more detail below.
3.2. The Company may share your personal data with the third parties listed below:
3.2.1. counterparties in the transaction;
3.2.2. state bodies, including the regulatory bodies, law enforcement agencies and/or judicial authorities;
3.2.3. service providers and proficient consultants who have concluded a contract to provide us with administrative, financial, research, operational, IT or other services, such as telecommunications, information technology, storage and archiving;
3.2.4. any actual or prospective assignee of our rights and obligations;
3.2.5. banks, credit card issuing companies and their respective service providers; and any other party you may approve as data transmission agent, whenever such person has instructed or agreed in the applicable contract.
4.YOUR PERSONAL DATA STORAGE FRAMEWORK
The data the Company receives from you may also be transferred and stored abroad. Such data may also be processed by the staff employed by the Company or one of its suppliers, and working outside the territory of Europe.
5. YOUR PERSONAL DATA ACCESS, CORRECTION AND DELETION
5.1. You are entitled to receive a copy of your personal data upon request, and find confirmation that your personal information we store is accurate and up-to-date. If any item of your personal data is inaccurate, you may request an update of such information. You may also request deletion of your personal data, unless we have rejected your request for deletion, due to certain circumstances, such as compliance with the law or other legal purposes. To provide for data access, correction or deletion, please contact email@example.com, indicating the subject: "DATA REQUEST".
5.2. In response to your request for data access, correction or deletion we will verify the identity of the requesting party, to make sure that he/she has legitimate right to make such request. Yet we strive to respond to such requests, charging no fee , we reserve the right to charge you a reasonable fee if your request is repetitive or burdensome.
6.1. We are entitled to disclose the Company's news and information, hold promotion campaigns involving the products and services provided by GetCourse. We may share personal data with third parties, to facilitate implementation of the Company's marketing and advertising projects or to send marketing messages. Using the GetCourse platform, you accept these Rules, and agree to receive such marketing messages.
6.2. You may reject marketing messages at any time. If you don't wish to receive the messages, please send an email to the address firstname.lastname@example.org.
6.3. Any messages directly concerning the product, such as policy/terms updates and operational notifications, you will not be able to reject such messages.
7. PERSONAL DATA STORAGE
7.1. GetCourse will store personal data no longer than it is necessary for the purposes of personal data processing, or for the purposes of the applicable law.
7.2. Personal data processing log is stored for five years.
7.3. Accounting records containing personal data are kept during seven years after the end of the financial year to which they relate.
8.DATA SUBJECT'S RIGHTS
8.1. These Rules are intended to inform you about the kind of data GetCourse collects about you, and the framework of its use. However, if you have any questions regarding your personal data, please contact us by email email@example.com.
8.2. You also are entitled to:
8.2.1. request personal data correction;
8.2.2. request personal data deletion;
8.2.3. require restrictions to be imposed on personal data processing;
8.2.4. transfer personal data;
8.2.5. require that no decision regarding the Data Subject be based on automated processing;
8.2.6. revoke approval of personal data processing;
9.YOUR PERSONAL DATA SECURITY
9.1. In order to protect personal data and information you enter into the Company's online environment that identifies you, we apply certain physical, technical and administrative security measures. The Company updates and tests its security technology on a regular basis. The Company's online networks are protected by firewalls and intrusion detection software. Access to your personal data is available only to those employees who need it to provide you with the agreed service, or on any other legitimate basis.
9.2. The Company uses sufficient measures to protect your personal data, and its activities are regulated by the relevant legislation on information security, however, the Company would like to note that no website or database is completely secure or protected against hacking. Protect yourself and help us prevent computer frauds through careful protection and preservation of your passwords. The Company's online environment does not use spyware. If you suspect that your account has been hacked, contact our Company immediately.
2. Responsible for processing personal data
2.1.When processing personal data, the Operator issues a corresponding order appointing a person responsible for processing personal data.
2.2. The person responsible for processing personal data reports to the Operator's Executive body — the General Director, controls the process of processing personal data and ensures the implementation of all the provisions of this Policy that fall within its competence.
2.3. Responsible for processing personal data:
2.3.1. performs internal control over compliance by the Operator and its employees with the legislation of the Russian Federation on personal data, including requirements for personal data protection.
2.3.2. controls the reception and processing of requests and requests from personal data subjects or their representatives.
2.3.3. takes measures to detect unauthorized access to personal data and immediately communicate this information to the General Director.
2.3.4. constantly monitors the level of protection of personal data.
2.3.5. introduces The operator's employees, who have access to personal data, to the provisions of the legislation of the Russian Federation on personal data, including the requirements for personal data protection, as well as local acts of the Operator that determine the procedure for processing personal data.
2.3.6. performs internal control and (or) audit of compliance of personal data processing with the Federal law of 27.07.2006 No. 152-FZ "on personal data" and the regulatory legal acts adopted in accordance with it, the requirements for personal data protection, the Operator's policy regarding personal data processing, and the Operator's local acts.
3. Procedure for ensuring the rights of the personal data subject
3.1. Personal data subjects or their representatives have the rights provided for by the Federal law of 27.07.2006 N 152-FZ «On personal data».
3.2. The operator ensures the rights of personal data subjects in accordance with the procedure established by chapters 3 and 4 of the Federal law of 27.07.2006 N 152-FZ «On personal data».
3.3. The representative’s authority to represent the interests of each personal data subject is confirmed by a corresponding power of attorney.
3.4. The information specified in part 7 of article 22 of the Federal law of 27.07.2006 N 152-FZ «On personal data» is provided to the personal data subject in an accessible form without personal data relating to other personal data subjects, except for cases where there are legal grounds for disclosure of such personal data, in electronic form. At the request of the personal data subject, they can be duplicated on paper. The available form on paper must be certified by the CEO.
3.5. The information specified in part 7 of article 22 of the Federal law of 27.07.2006 N 152-FZ «On personal data» shall be provided to the personal data subject or his representative upon personal request or upon receipt of a request from the personal data subject or his representative. The request must contain the number of the basic document proving the identity of personal data subject or his representative, the date of issuance of the document and the issuing authority, the information confirming the participation of the data subject in relations with the Operator (number of contract, date of conclusion of the contract, conditional verbal designation and/or other information), or information otherwise confirming the fact of processing of personal data by the Operator, the signature of the personal data subject or his representative. If technically possible, the request can be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
3.6. The right of a personal data subject to access his personal data may be restricted in accordance with Federal laws.
3.7. The operator must immediately terminate the processing of personal data specified in part 1 of article 15 of the Federal law of 27.07.2006 N 152-FZ «On personal data» at the request of the personal data subject.
3.8. The operator is obliged to provide the personal data subject or his representative with the opportunity to get acquainted with the personal data related to this personal data subject at the place of its location during working hours free of charge.
3.9. At the request of the personal data subject or its authorized representative, the operator provides local acts of the Operator concerning the processing of personal data for review. The Operator’s local regulations are the Regulations on processing personal data of Platform users and the Regulations on ensuring the security of personal data of Platform users in accordance with article 19 of the Federal law of 27.07.2006 N 152-FZ «On personal data».