1. Definitions
1.1. For the purposes of this Privacy Policy:
1.1.1. “Administration” means authorized representatives of IT Group, operator of deostech.kz, including the Opsy product, who organize and/or carry out processing of personal data, define processing purposes and the scope of data.
1.1.2. “Personal data” means any information relating to an identified or identifiable natural person.
1.1.3. “Processing” means any operation or set of operations performed on personal data, whether or not by automated means (collection, storage, use, disclosure, erasure, etc.).
1.1.4. “Confidentiality of personal data” means a binding duty on the Administration and anyone else with access to personal data not to disclose such data without the data subject’s consent or another legal basis.
1.1.5. “Website” means the interconnected web pages on the Internet at https://deostech.kz, including the Opsy product (including /platform), other subpages, and API endpoints.
1.1.6. “Subdomains” means pages or sets of pages on third-level domains and other technical hosts used by the Administration in connection with deostech.kz to operate the Website, Opsy, or related services.
1.1.7. “User” means any person who accesses the Website via the Internet and uses information, materials, and/or services of the Website and Opsy.
1.1.8. “Cookies” means small data files stored on the User’s device and sent when accessing the Website (see also our Cookie Policy).
1.1.9. “IP address” means the unique network address of the node through which the User accesses the Website or API.
2. General provisions
2.1. By using the Website and Opsy, the User agrees to this Privacy Policy and to the processing of personal data as described herein.
2.2. If the User does not agree, they must stop using the Website and services.
2.3. This Privacy Policy applies to the Website deostech.kz, the Opsy application/platform, and related services under that domain and subdomains. We do not control and are not responsible for third-party websites the User may access via links on the Website.
2.4. We are not obliged to verify the accuracy of personal data provided by the User, except where verification is required to provide the services or by law.
3. Scope of this Privacy Policy
3.1. This Policy sets out the Administration’s obligations to protect personal data that the User provides at the Administration’s request when registering on the Website or in Opsy, completing forms, subscribing to e-mail updates, contacting support, or otherwise using the Website.
3.2. Personal data permitted for processing under this Policy may be provided by the User, including via forms on the Website, and may include:
- 3.2.1. e-mail address and other contact details if entered in a form;
- name, job title, phone number — if voluntarily supplied;
- account identifiers and data required for API/platform operation (including technical tokens);
- content of support requests and correspondence.
3.3. The Website and services process data automatically transmitted when pages are visited or the API is used:
- IP address;
- information from cookies;
- browser and device information (type, version);
- access time;
- referrer (previous page URL);
- technical logs required for operation and security.
3.3.1. Disabling cookies may make it impossible to access parts of the Website or platform that require authentication or saved settings (language, session, etc.).
3.3.2. We may process IP-based statistics about visitors to prevent, detect, and resolve technical issues and to maintain security.
3.4. Any other personal information not expressly listed above (including aggregated usage data) shall be stored and not disclosed except as provided in Section 5.2 and applicable law of the Republic of Kazakhstan.
4. Purposes of collecting personal information
4.1. The Administration may use the User’s personal data for the following purposes:
4.1.1. To identify the User, including registered users or those accessing the Website and Opsy, for authentication and access to services.
4.1.2. To provide access to personalized areas of the Website and Opsy features.
4.1.3. To communicate with the User, send notices and requests related to use of the Website and Opsy, and handle applications and inquiries.
4.1.4. To determine approximate location (region from technical data) for security and fraud prevention.
4.1.5. To verify accuracy and completeness of personal data where necessary to perform our contract (offer) or provide support.
4.1.6. To create and maintain an account for parts of the Website and Opsy where the User registers and consents.
4.1.7. To notify the User by e-mail where an address is provided and there is a legal basis (transactional messages, support replies, etc.).
4.1.8. To provide effective technical support for issues related to the Website or Opsy.
4.1.9. With separate consent — to send special offers, newsletters, and other communications on behalf of the Website and Opsy.
5. Methods and periods of processing
5.1. Personal data are processed in a manner and for durations aligned with the processing purposes, without storing longer than necessary for those purposes (unless law requires otherwise), by lawful means, including in personal data information systems, with or without automation.
5.2. Personal data may be transferred to authorized public authorities of the Republic of Kazakhstan only on the grounds and in the manner established by the laws of the Republic of Kazakhstan.
5.3. We may engage processors (hosting, analytics, messaging, and others) provided they maintain confidentiality and process data on our instructions only to the extent necessary to deliver services.
5.4. We take organizational and technical measures to protect personal data against unlawful or accidental access, destruction, alteration, blocking, copying, dissemination, and other unlawful acts by third parties.
5.5. We work with the User, where reasonable, to mitigate loss or other adverse consequences related to loss or disclosure of personal data, within the limits required by applicable law.
6. Rights and obligations of the parties
6.1. The User has the right to:
6.1.1. Decide freely whether to provide personal data needed to use the Website and Opsy and, where required by law or service policy, to give consent to processing.
6.1.2. Update or supplement personal data when it changes, via the Website/platform interface or by contacting support.
6.1.3. Obtain information about processing of their personal data where not restricted by law of the Republic of Kazakhstan; request rectification, blocking, or erasure in cases provided by Law No. 94-V “On personal data and their protection” and other applicable rules. Contact: info@deostech.kz.
6.2. The Administration shall:
6.2.1. Use received information solely for the purposes set out in Section 4 of this Policy.
6.2.2. Maintain confidentiality of personal data, not disclose it without a legal basis or User consent where such consent is required, and not sell or barter personal data except as stated in Section 5.2.
6.2.3. Take precautions to protect personal data in line with common business practice for this type of information.
6.2.4. Block personal data relating to the User from the time of a request by the User, their legal representative, or an authorized data-protection body, for the period of any review required by law (including where data are inaccurate or processing is unlawful).
7. Liability
7.1. If the Administration fails to perform its obligations, it is liable for loss suffered by the User due to unlawful processing of personal data under the laws of the Republic of Kazakhstan, except where Section 5.2 or Section 7.2 applies.
7.2. The Administration is not liable for loss or disclosure of confidential information if that information:
7.2.1. became public before loss or disclosure;
7.2.2. was received from a third party before it was obtained by the Administration;
7.2.3. was disclosed with the User’s consent.
7.3. The User is responsible for complying with the laws of the Republic of Kazakhstan, including on advertising and intellectual property and personal data, in respect of their actions on the Website and in Opsy.
7.4. The User acknowledges that responsibility for the content of information and materials (including files and text) they send to support or submit within permitted use of the Service is determined by applicable law and Opsy’s terms of use.
7.5. Website materials (text, images, Opsy UI, etc.) may be protected intellectual property. Rights belong to the Administration, licensors, or others as applicable. The User must not act without the rights holder’s permission in ways that infringe those rights, except as allowed by law or license.
7.6. For textual materials (articles, posts publicly available on the Website), use is permitted with a clear active link to the source on deostech.kz, unless accompanying terms prohibit it.
7.7. The Administration is not liable for loss due to deletion, failure, or inability to save data or other information transmitted through the Website or Opsy, except where direct fault of the Administration is established under applicable law.
7.8. The Administration is not liable for indirect loss arising from use or inability to use the Website or Opsy, unauthorized access to the User’s communications, or actions of third parties, to the extent permitted by applicable law.
7.9. The Administration is not liable for information or materials the User shares with third parties via Service features or posts in violation of the terms of use or the law.
8. Dispute resolution
8.1. Before filing a claim in court, the party shall send a written or electronic claim (pre-action).
8.2. The recipient shall respond within 30 calendar days of receipt.
8.3. If no settlement is reached, disputes shall be subject to the courts at our place of business — Almaty, Republic of Kazakhstan.
8.4. This Policy and the relationship between the parties are governed by the laws of the Republic of Kazakhstan, including the Law of the Republic of Kazakhstan dated 21 May 2013 No. 94-V “On personal data and their protection”.
9. Additional terms
9.1. We may amend this Policy without separate consent.
9.2. The new version takes effect when published on the Website unless otherwise stated.
9.3. Questions: info@deostech.kz.
9.4. Current version: https://deostech.kz/en/privacy.