Terms and Conditions

Who we are?

We are MATRIXSOFT Limited Liability Partnership, a company incorporated under the laws of Republic of Kazakhstan, Almaty, Medeu district, Hadji Mukan street, 22/6, 2nd floor, postal code: 050059, and its subsidiaries and affiliated entities (hereinafter "MATRIXSOFT", "we" or "us"), acting as data controllers.

MATRIXSOFT company provides comprehensive solutions for process automation and efficiency improvement in Oil&Gas, Manufacturing, Retail, and Finance enterprises.

The objective of this Privacy Policy is to inform the users of MATRIXSOFT online and offline sites, resources, products and services on the objectives, scope and methods of protection, periods of processing of personal data and your rights within the framework of our personal data processing procedures.

In order to ensure service provision and assess the need for the improvement of the content and structure of the websites, information on website visitors and users of services provided therein, contained within the files of access to the website, for instance, IP address, time of the visit, pages viewed, etc., similarly as in other websites, is collected and processed.

Cookies (small data fragments) are also used on the websites of MATRIXSOFT, which permits to expand the options of the website use. In accordance with the opportunities of the technologies used, it is possible to refuse to use cookies, however, it is not recommended, since, in this event the options of the use of the websites or MATRIXSOFT services are limited.

Basic Definitions

This Privacy Policy uses the following basic definitions:

Policy — the present Privacy Policy.

User — a natural person, who is using the Website or any other product and/ or service of MATRIXSOFT.

Personal data — any information that enables direct or indirect, i.e. in connection with other data, identification of you as a natural person (data subject), including name, surname, patronymic, contact information, Face image data, data that identify user device, as well as data that permit identification of the procedures and methods of Website and/or service use by the User.

Data subject — natural person, who either directly, or indirectly is identified or can be identified by means of personal data.

Data processing — means any action or a set of actions implemented with the data by using automated equipment or without such equipment, for instance, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, etc.

Third party — a person that is not a representative of the Company, its employee, subsidiary, representative office, associated company and (or) a partner, which is bound with the Company by contractual liabilities regarding non-disclosure of personal data, as well as persons that are not identified by the respective personal data.

User device – a personal computer, notebook, tablet, smartphone or any other device operated by the user to use the website and other online resources of MATRIXSOFT.

Cookies – identification technologies that are integrated by the Website into the web browser of the User with the purpose of ensuring the operation of a service and\or collection of data on the User device, as well as, on the procedures and methods of Website use.

2. What does this Data Privacy Policy cover?

This Privacy Policy applies to our public-facing MATRIXSOFT branded website and other online services and will be available by a link on all sites and services which it covers. Some MATRIXSOFT websites, apps, or online services may collect and use personal information about you in a different way and so will have a different MATRIXSOFT Privacy Policy. Our site contain links to other websites not owned by MATRIXSOFT and we do not control the content or privacy practices of those sites.

Our website and offerings are directed to people in their business or professional capacities. They are not intended for children under 18 years of age. We do not knowingly solicit information online from, or market online to, children under 18 years of age.

The privacy policy is used to ensure the protection of confidentiality and personal data regarding:

1. Natural persons - users (including potential, former and current users) of the products or services of MATRIXSOFT;
2. Visitors of office, production and other premises of MATRIXSOFT, including persons subject to video surveillance;
3. Visitors of marketing events, training sessions and other similar events organized or attended by the representatives of MATRIXSOFT.

This privacy policy is in effect regarding any information, including personal data in the meaning of the applicable law that MATRIXSOFT and/ or affiliated persons of MATRIXSOFT may obtain regarding you in the process of the use of any websites, software, products, and/ or services of MATRIXSOFT (hereinafter jointly - Services), the information on which you can find on the website MATRIXSOFT.com.

Please note, for purpose of this Privacy Policy, personal information means data or set of data that can identify an individual, such as name, telephone number, and email address. For what type of data we collect for a specific purpose see below.

3. What personal data do we collect and how do we intend to use it?

3.1. Data collected for contacting MATRIXSOFT Experts (including contacting you in order to draw up contracts and/or conclude contractual liabilities between the Company and the data subject, between the Company and the user, etc.)

• Type of data: name, email address, telephone.
• Purpose: get your callback from a MATRIXSOFT expert in order to discuss your requests.
• Legal basis: consent. You can unsubscribe any time by clicking the unsubscribe
  link available in all our marketing communication or contact us at the relevant
  contact points indicated below.
• Retention time: we will keep the data as long as necessary to provide you with
  the information you subscribed for, but no more than 2 years since the last interaction, unless the existing contract, legal claim or legal requirement justifies further processing of which you will be informed.
• Source of data: the data is provided by you directly through the website form “Talk to an expert”
• Requirement to provide data and consequences of not providing: the fields are necessary for subscription, not providing such data will result in failure to register for the newsletter.

3.2.  Data collected for marketing purposes (contacting you via email or telephone for offerings of services, news or events registration)

• Type of data: name, email address, telephone.
• Purpose: promoting our or our partners services and products.
• Legal basis: consent. You can unsubscribe any time by clicking the unsubscribe
  link available in all our marketing communication or contact us at the relevant
  contact points indicated below.
• Retention time: we will keep the data as long as necessary to provide you with
  the information you subscribed for, but no more than 2 years since the last interaction, unless the existing contract, legal claim or legal requirement justifies further processing of which you will be informed.
• Source of data: the data is provided by you directly through the subscription for our newsletter in the website form “Talk to an expert” and/or during product presentations, thematic exhibition visits or user training, after the subject has been informed and he/she has given his/her explicit consent, the event may be captured in photos and / or video for the purpose of preparing and submitting a report on the conducted event.
• Requirement to provide data and consequences of not providing: the fields are necessary for subscription, not providing such data will result in failure to register for the newsletter.

3.3. Data collected through webforms for events registration

• Type of data: business contact details that might include name, email address, telephone number, company, role, industry.
• Purpose: to register you for the specific event and provide you with the needed information to attend said event.
• Legal basis: the legal basis may differ depending on local laws applicable, but generally we consider that our legitimate interests justify the processing unless and until you ask us to provide specific services or products, in which case existing or intended contract provides a legal basis; we find such interests to be justified considering that the data is limited to what is usually shared by the people acting in their business or professional capacities.
• Retention time: we will keep the data as long as necessary to fulfil the purpose pursued but no more than 2 years since the last event registration.
• Source of data: the data is provided by you directly by filling in the webform.
• Requirement to provide data and consequences of not providing: some fields are marked necessary in our webforms in order to submit such forms; not providing such data will result in the inability to submit a form and register for the
  event.

3.4. Data collected and when you contact us directly via email, telephone or post

• Type of data: depending on the content and channel of your communication to us, this includes business contact details, content of your communication.
• Purpose: to provide you with requested information and respond to your queries.
• Legal basis: the legal basis may differ depending on local laws applicable, but generally we consider that our legitimate interests justify the processing unless and until you ask us to provide specific services or products, in which case existing or intended contract provides a legal basis; we find such interests to be justified considering that the data is limited to what is usually shared by the people acting in their business or professional capacities and we provide easy opt-out (we will only refuse deleting your data if we have a compelling legal justification to keep
  them).
• Retention time: we will keep the data as long as necessary to fulfil the purpose
  pursued but no more than 2 years since the last interaction, unless the existing contract, legal claim or legal requirement justifies further processing of which you will be informed (data will be reviewed annually and data which is not relevant will be deleted). Notwithstanding the other provisions we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
• Source of data: the data is provided by you directly, through interactions with our company and websites, and from publicly available sources of business-related information.
• Requirement to provide data and consequences of not providing: not providing such data will result in no ability to obtain required information.

3.5. Data collected through cookies and similar technologies

(for more details please visit our Cookie Policy) – upon visiting our website you will be provided with a customized cookie consent tool to make such choices as might be applicable:

• Type of data: IP address and related information such as location and internet provider, browser and content type, version and settings, viewed content and activities, the names of the requested files or information; date, time and duration of request; amount of transferred data.
• Purpose: maintaining our websites, general statistics and measurement of effectiveness of our websites and marketing techniques, marketing.
• Legal basis: the legal basis may differ depending on local laws applicable, but generally we consider that our legitimate interests justify the processing for necessary cookies and consent for all the other ones. We find the legitimate interest to be justified considering that the data is necessary for making the website functional (our website does not offer any content directed to individual consumers as well as any content which might be used for any inferences about your private life habits or interests), and limit the retention of data.
• Retention time: for details of expiration of cookies/similar technologies please visit our Cookie Policy.
• Source of data: data is obtained automatically through your use of the website and from external parties such as Google Analytics.
• Requirement to provide data and consequences of not providing: you are not required to provide any data yourself.

3.6. Data collected for KYC purposes

• Data subject categories: Beneficial Owners, Key Controllers, Directors, and Related Parties of companies purchasing goods and/or services from the controller;
• Type of data: full name, citizenship, date of birth, manner of control over the
  controller’s client;
• Purpose: know your client due diligence process;
• Legal basis: the legal basis may differ depending on local laws applicable, but
  generally we consider that we have a legal obligation to conduct this diligence
  process (Anti-money laundering, and counter terrorist financing, trade sanctions);
• Retention time: we will keep the data as long as necessary to fulfil the purpose pursued unless an ongoing legal claim, legal requirement or applicable rule – including but not limited to the applicable statute of limitations – justifies an
  additional retention time.
• Source of data: We compile information from publicly available sources. These
  sources are in the public domain and are reasonably accessible or available to us, such as public websites, MATRIXSOFT websites, open government databases, exchanges, and public registries.

3.7. Data collected for concluding and executing contracts for the sale of goods or services

• Data subject categories: representatives and employees of companies purchasing goods and/or services from the controller. Natural persons purchasing goods and/or services from the controller.
• Type of data: Full name, email address, delivery address, phone number. Additionally for companies: company name, VAT n°. During the execution of an order, the following data may be processed: clickstream, Data on payment methods, identifiers of payment transactions, methods and terms of payment, IP address;
• Purpose: concluding and executing contracts for the sale of goods or services;
• Legal basis: performance of a contract;
• Retention time: we will keep the data until the termination of the contract, plus
  the applicable statute of limitations. Full name, address, identifiers of payment transactions information will be kept to comply with the applicable financial and accounting records legislation;
• Source of data: the data is provided by you directly;
• Requirement to provide data and consequences of not providing: all
  information requested is necessary for the conclusion and execution of the contract.
  Not providing such data will result in failure to conclude and execute said contract;
• Additional purpose: the data will be used for statistical purposes in order to
  better understand our customers and deliver high quality of services and goods.

3.8. Data collected for customer support

• Data subject categories: employees of companies that require support, purchasing goods and/or services from the controller. Natural persons purchasing goods and/or services from the controller;
• Type of data: Full name, email address, phone number, recording of communication, company name;
• Purpose: customer support for ongoing contracts;
• Legal basis: performance of a contract;
• Retention time: we will keep the data until the termination of the contract, plus
  the applicable statute of limitations. The recordings of calls will be retained for a maximum period of one year unless the existing contract, a legal claim or legal requirement or applicable rule -other than the statute of limitations- justifies further processing.
• Source of data: the data is provided by you directly;
• Requirement to provide data and consequences of not providing: All
  requested data is necessary for the customer support service. Not providing such data will result in failure to provide said support;
• Additional purpose: the data will be used for statistical purposes in order to better understand our customers and deliver high quality of services and goods.

4. With whom we share data?

We disclose your information to MATRIXSOFT employees from the relevant teams, companies processing the data on our behalf (hosting providers, mail system provider, organizations providing maintenance services; entities providing services in the field of tax and legal services, subcontractors performing customer service and logistics tasks, providers of statistical, advertising and analytical services, payment service providers, independent third parties when this is necessary (auditors, lawyers, inspection agencies) or based on your choices and actions (as when you ask us to send you a shipment or letter using a third-party provider).

Depending on applicable local laws you may obtain from us further information about specific entities having access to the data. Your data will be transferred to third countries and any subsequent transfers will follow applicable local and regional laws. For data transferred outside of EU/EEA, MATRIXSOFT also implements EU Standard Contractual Clauses (more information about such clauses is available here) to ensure similar level of protection as in EU/EEA. For data transferred outside of Serbia, MATRIXSOFT also implements Standard Contractual Clauses (more information about such clauses is available only in Serbian here). For data transferred outside of UK, MATRIXSOFT also implements Standard Contractual Clauses (more information about such clauses is available here). For data transferred outside of Argentina, MATRIXSOFT also implements Standard Contractual Clauses (more information about such clauses is available only in Spanish here).

We may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise, or defence of legal claim, whether in court proceedings or in an administrative or out-of-court procedure.

5. What are your rights?

• Right to withdraw your consent: You can unsubscribe any time by clicking the unsubscribe link available in all our marketing communication, change your preferences on the cookie consent tool or contact us at the relevant contact points indicated below.
• Right to information and transparency: You have the right to be informed on the manner in which we process your personal data.
• Right to access: You have the right to know what if any of your data we process and obtain a copy of it in most cases.
• Right to rectification:  You have the right to request us to rectify or complete your data, as the case may be, on the basis of an additional statement.
• Right to restrict the processing: You can request us to restrict the processing of your personal data in certain cases.
• Right to erasure („right to be forgotten”): You have the right to request and obtain the erasure of your personal data in some cases.
• Right to data portability: In certain cases you have the right to receive the personal data that you have provided us in a structured, commonly used and machine readable format or to request we transfer it to another controller.
• Right to oppose the processing: Right to oppose the processing in direct marketing purposes: We shall not make decisions about data subjects based solely on automated processing.
• Right to launch a complaint with the competent data protection authority. Depending on your location the contact data of the competent data protection authority might differ. You can find a comprehensive list of competent data protection authorities here.

You may exercise any of your rights in relation to your personal data by written Policy to us, using contact details set out below.

6. How do we safeguard your personal data?

We use a range of security measures to protect your personal information, which based on the specific data we process and the risk that the processing activity might pose to your rights and freedoms, might be”

• Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services.
• Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
• Processes for MATRIXSOFT early testing, assessing and evaluating the effectiveness of technical and organisational measures in order to ensure the security of the processing.
• Measures for user identification and authorisation.
• Measures for the protection of data during transmission
• Measures for the protection of data during storage.
• Pseudonymisation and/or encryption of personal data.
• Measures for ensuring physical security of locations at which personal data are
  processed.
• Measures for ensuring events logging.
• Measures for ensuring system configuration, including default configuration.
• Measures for internal IT and IT security governance and management.
• Measures for certification/assurance of processes and products.
• Measures for ensuring data minimisation.
• Measures for ensuring data quality.
• Measures for ensuring limited data retention.
• Measures for ensuring accountability.
• Measures for early detection, management and recovery for incidents.

7. How do we keep this Privacy Policy updated?

We may update this Privacy Policy from time to time. If we materially change it, we will take steps to inform you of the change.

The date at the bottom of this Privacy Policy shows when it was last updated.

July 21^st, 2024