Dear Customers,


By using “COSCOM” LLC services, you entrust us with your data. This web-page contains the information about types of personal data we keep in “COSCOM” LLC and how we provide this data security.

“COSCOM” LLC subscribers personal data privacy Policy

1. DESCRIPTION

“COSCOM” LLC (hereinafter referred to as Company) supports and respects international laws and standards on human rights. In Company, we recognise that privacy is important to our subscribers and we are committed to respect and safeguard our subscribers’ privacy.

2. SCOPE AND PURPOSE

2.1. The purpose of this Policy is to set high and consistent Company standards to respect privacy of our subscribers. 2.2. The primary objective is to ensure that subscribers feel confident that Company respects and safeguards their privacy. The second objective is to reduce legal and regulatory risks as well as reputational and brand exposure in this respect. Company is a telecom operator managing significant networks and data volumes and we therefore aim to ensure network integrity and data security to protect privacy.
2.3. It is Company’s objective to live by the letter and spirit of the law. Any obligations and regulations in the laws that may impose stricter rules or additional limits on the collection and other processing of personal data shall remain unaffected by this Policy.
2.4. The type of personal data Company collects about individuals, when Company collects it and how Company processes it, may be further regulated in conjunction with particular services and in the contractual terms for the respective services or otherwise by the legislation of Republic of Uzbekistan.
2.5. The latest version of this Policy is published on ucell.uz

3. PRINCIPLES

3.1. The following principles shall apply for the activities under this Policy:

a) use best practice in each market to inform subscribers that Company is collecting their personal data and to explain how this data will be used, in case it is not contradict to Republic of Uzbekistan’s legislation;
b) collect and process personal data only if the processing relies on a legitimate processing criteria. Use free, unambiguous and informed client-consent for collection and processing as the prime method of choice, ensuring transparency and allowing subscribers to withdraw their consent;
c) geolocation data, IP address, MAC address, GPS coordinates, location may be used for data processing purposes to improve the quality of the Operator's network and services;
d) collect only personal data which is relevant and not excessive in relation to the purpose for which it is collected and only collect it for explicit purposes which not contradict to Republic of Uzbekistan’s legislation;
e) process personal data fairly and according to the Republic of Uzbekistan laws in all Company operations including when processing such data outside the country where it has been collected. Process personal data only to the extent necessary for performing the processing task in question, while always paying attention to the protection of subscriber privacy and to interests of special user groups such as children. Processing of personal data should be limited to what is needed for operational purposes, efficient subscriber care and relevant commercial activities, including the processing of anonymous user patterns;
f) not retain personal data longer than is required according to the Republic of Uzbekistan’s laws or necessary for operational purposes, efficient subscriber care and relevant commercial activities. When personal data is no longer necessary to fulfil the purposes which legitimised its original collection and processing, we shall permanently delete or make anonymous such data;
g) keep personal data accurate and reasonably up-to-date. Provide reasonable measures for subscribers to obtain information about personal data retained about them and to correct inaccuracies;
h) only provide personal data to state authorities to the extent required by the Republic of Uzbekistan’s legislation and in accordance with predefined approved processes;
i) on a regular basis assess privacy risks associated with the collection, processing and retention of personal data and develop appropriate mitigation strategies to address these risks;
j) require Company’s suppliers, in line with the level of protection in this Policy, to exercise special care to prevent loss, theft, unauthorised disclosure or inappropriate use of personal data collected by Company. Expect suppliers to process such data fairly and lawfully in all operations, including when such data is processed outside of the country where it was collected or received;
k) protect, with appropriate technical and organizational measures, personal data as well as messages and related information that are transferred in Company networks and communications services as well as information concerning the location of a subscription or terminal device;
l) Identify and address the impacts of this Policy in change, development and procurement activities and embed privacy safeguards into design of our products, services, processes and infrastructure from the earliest stage of development covering the entire life cycle;
m) expect every Company employee to respect duty of confidentiality by the Republic of Uzbekistan laws and written agreements regarding non-disclosure;
n) govern and manage privacy within Company so that legal, contractual and business requirements are fulfilled and ensure that relevant and sufficient organizational resources are in place and secured to ensure proper implementation of this Policy and take corrective measures when necessary;
o) these principles apply to the extent that they do not place Company in violation of laws and regulations of the Republic of Uzbekistan