The Pnp Service Provider is committed to maintain the confidentiality of information and personal data received and will take all measures necessary to ensure that they are safely stored.
This Confidentiality Policy uses the following terms in the following meanings:
Personal data — information or a set of information about a natural person that is identified or can be specifically identified;
Confidential Information — information or data that is defined as confidential and received by the Service Provider and the User from each other in the process of providing the Pnp Platform Services
Data Import — entering data provided by the User into the Pnp platform;
Cloud storage — secure cloud storage for storing data on multiple networked servers across the European Union.
Consent for the data transfer — clearly stated consent of the data owner or of the legal and authorized user of such data for such data transfer, including by accepting these terms and conditions and placing an order for the use of the Pnp.
General Data Protection Regulation — (GDPR, Regulation (EU) 2016/67), part of the European Union legislation concerning the protection of personal data within the EU and the European Economic Area.
The Service Provider adheres to ISO 9001 and General Data Protection Regulation standards when handling personal data and confidential information.
The relations between the Service Provider and the Customer are subject to the legislation of Ukraine and other countries, where it is applicable.
The Service Provider and the User undertakes to respect the confidentiality of all data received in connection with the provision of the service of using the Pnp.
RESPONSIBILITIES GENERAL DATA PROTECTION REGULATION *
The Service Provider complies with GDPR requirements, in particular:
- He clearly identifies the personal data obtained;
- He controls the availability of consent for the receipt and processing of personal data;
- He provides the possibility of complete deletion of personal data;
- He depersonalizes data for further use by the Service Provider;
- He ensures compliance with the requirements of the GDPR of all third parties that have access to personal data;
- He does not receive, does not process personal data on ethnic or national origin, philosophical, religious or political views, medical and other sensitive data with a special access and storage regime;
- He stores data on secure resources that comply with GDPR requirements
SOURCES OF OBTAINING THE INFORMATION
The Service Provider receives information from the User at the moment of formation of the User’s personal account and in the process of using Pnp.
The User is responsible for the truthfulness of the personal data provided, as well as for their timely updating. The User guarantees that he or she has received and transmitted the personal data legally and with the sufficient consent and permission of the owner of such data. The Service Provider has the right to request confirmation of the truthfulness of such data and the sufficiency of the consent of the personal data owner.
PURPOSE OF OBTAINING INFORMATION
The Service Provider may use personal data for subsequent purposes:
Provision of services,
Once the Pnp platform has been made available for use, the User may transfer the data that is being deposited into the platform. The Service Provider guarantees the safety of such data in accordance with this Confidentiality Policy and the Pnp Service Agreement. Immediately upon receipt, the data entered by the User are transferred for storage in the cloud storage and cannot be used by the Service Provider.
The Service Provider may provide confidential information and personal data to third parties based on the Users’ direct order (e.g. for the purpose of platform integration with other services). In this case, the Service Provider is not responsible for the safety of such data and cannot guarantee compliance with the special regime of such information.
Information may also be provided to law enforcement and other public bodies where such disclosure is mandatory and upon proper request, and the Service Provider shall immediately notify the User.
WITHDRAWAL OF CONSENT FOR TRANSFER AND PROCESSING OF INFORMATION
The User has the right to withdraw his or her consent for the transfer and processing of personal data at any time. In such a case, the Service Provider is obliged to take all possible actions to delete/transfer personal data to the User and to take all actions necessary for uninterrupted provision of the service to the User. At the same time, the Service Provider is not responsible for the quality and uninterrupted provision of the services.
The Service Provider guarantees the protection of personal data and confidential information from accidental loss or destruction, from illegal processing, including illegal destruction or access to personal data, not provided by the terms of this policy.
The Service Provider uses exclusively secure and protected resources to store confidential information and personal data, including cloud storage.
ALTERNATION OF THIS POLICY
The Service Provider has the right to alter the terms and conditions of this policy, which he notifies to the User not later than one calendar month before such changes become valid.