“BGS RAIL” LLC, legal entity code 30944148, INN 309441404620, address Muzeynyi Lane 4, 01001 Kiev, Ukraine (hereinafter referred to as the “Company”, “we”, “us” and “our”) commits to ensure security of personal data and protection of the rights of the users using and navigating the Company’s Website https://rail.bgs.aero (hereinafter referred to as the “Website”) as well as other data subjects, interacting with the Company in a number of different ways.
1. USE OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES
The Company handles and processes your personal data for direct marketing purposes in the following cases:
– when we obtain your explicit consent to such processing (on the basis of your consent);
– when you are the Company’s client without expressly objecting to processing your data for direct marketing of similar services or products, where you have been duly notified of such processing beforehand (on the basis of our legitimate interest).
For the purposes of direct marketing, the Company may processes the following personal data: your name, email address and phone number.
Your personal data for direct marketing purposes can be processed in the following ways:
– you may receive a newsletter with our offers, promotions, products, and news by e-mail;
– you may receive invitations to events and similar information by e-mail;
– you may be called by phone with invitation, commercial proposal or offer.
We inform you that you are free to opt out of our newsletters or any other information sent by e-mail at any time. You may exercise this option by clicking on a corresponding link at the bottom of our e-mail.
You may also refuse receiving information about events or any other information from us by sending an email to [email protected]
2. PROCESSING OF PERSONAL DATA WHEN YOU PROVIDE QUESTIONS, REQUESTS, OTHER INFORMATION
The Company also processes your personal information in cases when you contact us by email, ask questions, give requests and provide any other information on our Website, through e-mail or social networks.
Please observe the care and at least the following minimum requirements for protection of your personal information: please check that your e-mail, letter or request does not contain ID code, bank account number, vehicle registration number, real estate data, health data, other specific (sensitive) data, etc. Please also make sure that the remaining personal information is only indicated to the extent necessary for the purposes for which the message is sent.
The Company process the data you provide to administer requests and complaints, to ensure the quality of the services it provides, while protecting your rights and legitimate interests.
We process the said data on the basis of your consent, which is expressed by your active actions.
3. PROCESSING OF PERSONAL DATA OF THE SHAREHOLDERS, OTHER DATA SUBJECTS
The Company processes the personal data of its shareholders as well as information on ultimate beneficial owners to fulfil its legal obligations, laid down in applicable securities market, anti money laundering and related legal requirements.
The Company stores personal data of its shareholders to the extent necessary for achieving the purposes for which they are processed, all in accordance with applicable legal requirements.
The Company also processes the personal data of different categories of data subjects (clients, business partners, suppliers, other counterparties as well as their employees and agents), interacting with the Company in several different ways for the purposes of conclusion, performance, administration, support contractual arrangements, creation, development, improvement of business and related legal interest of the Company, defending itself from statements of claims, exercise of its rights and interest as well as fulfilment of obligations imposed on the Company by applicable legal acts.
Please note that some of the said data may be accessible to other group and related companies, situated both within and outside the EEA. We will ensure that personal data will be transferred only if there is a sufficient basis for this under the GDPR and other applicable legal acts – such data transfer may be necessary for conclusion and performance of agreements, it may also be based on other grounds, conditions and exceptions listed in the GDPR. We will take reasonable measures in order that data processors and recipients would process received data in accordance with the GDPR and other mandatory legal requirements (among other things, if necessary, we will ensure that data transfer or processing agreement is made in accordance with the standard data protection terms approved by the European Commission).
4. PROCESSING OF PERSONAL DATA IN THE WEBSITE
Each time you access or visit our Website, our Website automatically collects and manages the following technical data: IP address, date and time of access, the name and URL of the webpage that connects to the Website, visitor’s device operating system data, information of the visitor’s internet provider, visitor’s geo-location data, language settings, other relevant technical information.
We use the cookies on the Website, to customize the functioning of our Website as much as possible, and can contribute to ease of use when navigating our Website.
We would like to inform that certain technical details of your visit (IP address, cookies, technical information of the browser you use, other information related to your browsing activity and site-specific browsing information) can be transmitted or made available for browsing, analysis, and related purposes to the legal entities, operating both within the European Economic Area (hereinafter – “EEA”), and outside EEA (e.g., we use the Google Analytics services). Please note that personal data stored in non-EEA countries may be subject to less protection than in EEA countries, but we will carefully consider the conditions under which such data will be processed and stored after transfer to such entities.
5. PROCESSORS. DATA RECIPIENTS
The Company also uses the services provided by third parties (such as third-party data centers, servers, website design, administration services, online traffic and website analysis, statistics, direct marketing services, mailers, messengers, etc.) that may require access to your personal data to the appropriate extent. In this case, the Company ensures that the data processors comply with the obligations of confidentiality and adequate personal data protection.
We also use dedicated service providers to send newsletters and other promotional or related information, as well as to collect and transfer analytical information on statistical use of such information we sent to you.
6. DATA RETENTION
Your personal data is generally stored for no longer than legally required or absolutely necessary for the purposes we have collected it.
Your personal data processed for the purposes of direct marketing will be stored for no longer than 2 years from the date of your most recent consent (if we have received a separate consent) or the date of completion or expiration of the relevant contract (as the case may be).
Your personal data will be deleted within a reasonable time after the specified deadline.
Longer periods of personal data retention may be applied where:
– there is a reasonable suspicion of an unlawful act which is a subject to the investigation;
– your data is necessary for the proper resolution of the dispute, complaint or claim;
– the Company has received complaints related to the visitor of the Website or if the Company has noticed any violations committed by the visitor;
– it is necessary for backup copies or related purposes of the functioning of information systems of the Company;
– it is mandatorily required by applicable laws or other legal acts.
7. YOUR RIGHTS
You have certain rights related to the protection of personal data. These rights are at least the following:
– the right of access to the personal data;
– the right to rectification;
– the right to erasure (right to be forgotten);
– the right to the restriction of processing;
– the right to data portability;
– the right to object;
The Company recommends contacting us before a formal complaint is submitted to find the appropriate solution to the problem.
Upon receipt of your request and after successful completion of the above inspection, we undertake to inform you without undue delay, but in any case, no later than within one month after the receipt of your request and the completion of the verification procedure, information about the actions that we have taken in response to your request. Depending on the complexity and number of requests, we have the right to extend the said one-month period for another two months.
If your request is submitted electronically, we will also provide you with an answer by electronic means, except where this is not possible or if you ask you to respond in a different way.
8. HOW TO CONTACT US?
If you have any questions regarding this Policy or if you have any requests related to the processing of your personal data, you can contact us:
9. FINAL PROVISIONS