Privacy Policy for Collecting Personal Data of Users

Last updated: October 1, 2020

TOO "GF COMPANY" (GF COMPANY), BIN 170840014795, legal address: Republic of Kazakhstan, Almaty, Zhambyla Street, 114 (hereinafter referred to as GFC) is the operator of personal data.

This Privacy Policy contains a description of the types of personal data that we collect about the User through our website, a description of how we may use this data, with whom we may share this data, and the available options for us to use the data.

The Privacy Policy also contains a description of the measures we take to protect personal data, the data retention periods, and the methods that Users can use to contact us and obtain information about ways to protect confidential data and exercise their rights.

In connection with your use of the Site, you may provide us with your personal data in several ways. The list of types of personal data we receive includes:

• contact details (such as name, email address, delivery address, postal code, phone number, and identity document);
• account details used to create an account on the Site (e.g., email address and password);
• information from your social media profile in cases where you decide to use your social media account to create an account on the Sites;
• data that you have decided to publish in your personal public profile "My Page," including the web address, photo, links to your social media profiles, and any other information you have chosen to publish in your account;
• payment data, such as name, billing address, account number, and payment card details (including card number, expiration date, and security code) for payments processed by us;
• bank account and tax information (indirect income determination system established by the legislation of the Republic of Kazakhstan);
• order history, including data on products purchased or viewed through the Site;
• data from social networks, such as social network username, content, and other data that you share with us through third-party features used on our Sites (e.g., applications, tools, payment sites, widgets, and plugins offered by social networks such as Facebook, Google, Instagram, LinkedIn, Pinterest, Twitter, and YouTube), or post on social media pages (e.g., on our social media pages or other pages available to us);
• other personal data contained in the content you publish on the Site, for example, when contacting user support;
• IP address, device, operating system, and browser data that we have identified.

You are not required to provide this data, however, if you decide not to do so, we will not be able to provide you with the opportunity to use certain Sites and related features.

Data Usage

We will use the information we receive through the Site as necessary to fulfill our contractual obligations to provide you with the products and services you request, to deliver the products you order (including, among other things, transportation and customs clearance using the services of third parties).

We will also use the data we receive through the Site if we have a legitimate interest or other legal grounds for doing so (e.g., your explicit consent, the need to enter into a contract with you and fulfill its terms, the need to comply with our legal obligations, conduct research and statistical observations based on anonymized personal data, etc.).

We will also use your contact information to send you newsletters about health, emails, notifications about our products, services, sales, and special offers if you agree to receive this information and do not opt out of the offer.

When you use the Site or open our emails, we may receive certain information through automated means, such as browser cookie files, Flash cookies, web beacons, device identifiers, server logs, and other technologies. The data obtained in this way may include your device's IP address, domain name, device-related identifiers, device type and characteristics, operating system characteristics, web browser characteristics, language preferences, visit information, your interactions with our Sites (e.g., web pages you visited, links you clicked on, and features you used), pages from which you accessed the Site, dates and times of access to the Site, and other information about your use of the Site. We may also receive data about your device's location and other location data through GPS, Bluetooth, Wi-Fi, and other technologies for the purposes mentioned above. Your device may display a notification when the Site attempts to obtain data about "Cookie files" are text files that a website sends to a visitor's computer or other Internet-connected devices to identify the visitor's browser or save information, or settings in the browser. "Flash cookies," also known as shared local objects, are used, like cookie files, to personalize the user experience on websites using Adobe Flash Player. A "web beacon," also known as an internet tag, pixel tag, or transparent GIF file, links a web page to web servers and their cookie files