General Provisions
This Privacy Policy describes how personal data is collected and processed on the website http://kazakhbaursaks.info (the “Website”) when users visit the Website, submit contact forms, or otherwise interact with the services related to online Kazakh baursak cooking classes. The Policy is prepared with regard to applicable legislation of the Republic of Kazakhstan on personal data and its protection.
By using the Website and providing personal data, the user confirms that they have read, understood, and agreed with this Privacy Policy and consents to the processing of their personal data as described herein, to the extent such consent is required under Kazakhstan law.
Data Controller and Contacts
For the purposes of this Privacy Policy, the operator (data controller) of personal data collected through the Website is the person or entity organizing and providing online Kazakh baursak cooking classes via http://kazakhbaursaks.info (“Operator”). Users may contact the Operator using the following details:
Phone: +38 (050) 572‑79‑14
E‑mail: [email protected]
Address: Vulytsia Poltavska, 10, Kyiv, 04116
The Operator may update identification details if its registration or contact information changes; the current version will be published on the Website.
Categories of Personal Data
The Website may collect the following categories of personal data when the user interacts with the Website and services:
Identification and contact data (name, e‑mail address, phone number, and other data voluntarily provided via contact or booking forms).
Communication data (contents of messages and enquiries sent via forms or e‑mail).
Technical and usage data (IP address, browser type, device information, approximate location, cookies and similar identifiers, pages viewed, session time, and other standard web server logs).
The Operator does not intentionally request or process special categories of personal data (such as health data, political opinions, biometric data) via the Website and asks users not to include such information in forms.
Purposes and Legal Grounds
Personal data is processed only to the extent necessary for specific, explicit, and lawful purposes, including:
Providing access to the Website, organizing and delivering online classes, processing bookings and requests, and maintaining user interactions.
Communicating with users, responding to enquiries, providing customer support, and sending service notifications related to the Website and classes.
Ensuring operation, security, and improvement of the Website, including analytics and prevention of fraudulent or abusive activity.
The main legal grounds for processing are the user’s consent, performance of a contract or pre‑contractual measures, and compliance with applicable legal obligations where relevant.
Cookies and Similar Technologies
The Website may use cookies and similar technologies (pixels, local storage) to ensure technical functionality, remember user preferences, and collect aggregated statistics on visits and interaction. Cookies can be set by the Website or by third‑party providers that supply hosting, analytics, or other tools.
Users can manage cookie settings in their browser, including blocking or deleting cookies; however, some Website functions may not work correctly if cookies are disabled. Where required by law, the Website may display an additional cookie banner or notice for managing consent to non‑essential cookies.
Data Storage and Security
Personal data is stored in electronic form on servers and systems used by the Operator and its service providers (hosting, e‑mail, communication and analytics tools). The Operator takes reasonable legal, organizational, and technical measures designed to protect personal data against unauthorized or unlawful access, alteration, disclosure, or destruction.
Security measures may include restricted access based on role, secure communication channels where appropriate, password protection, and security monitoring of systems. While the Operator strives to protect personal data, no method of transmission or storage can be guaranteed to be completely secure.
Data Sharing and Third Parties
Personal data may be shared only when reasonably necessary for the purposes specified in this Policy and in accordance with Kazakhstan legislation on personal data. Possible recipients include:
Service providers that support the Website and services (hosting providers, e‑mail services, analytics, communication platforms).
Public authorities and regulators, if disclosure is required by applicable law, court order, or a lawful request of a competent state body.
Third parties process personal data only on documented instructions from the Operator and under confidentiality and security obligations. The Website does not sell users’ personal data.
International Data Transfers
Technical infrastructure and service providers used by the Website may be located outside the Republic of Kazakhstan, which can result in cross‑border transfers of personal data. In such cases, the Operator takes reasonable steps to ensure an adequate level of protection, for example by selecting reliable providers and using contractual safeguards where appropriate.
By using the Website and providing personal data, the user acknowledges that data may be transferred internationally as part of the provision of services, subject to the safeguards described in this Privacy Policy and applicable law.
Users’ Rights
Users whose personal data is processed through the Website have the rights provided by applicable Kazakhstan legislation, including:
The right to receive information about the processing of personal data and to request confirmation whether their personal data is being processed.
The right to access their personal data and to request correction, updating, or deletion of data that is inaccurate, incomplete, outdated, or processed unlawfully.
The right to withdraw consent where processing is based on consent; such withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To exercise these rights, users may contact the Operator using the contact details indicated in the “Data Controller and Contacts” section of this Policy.
Data Retention
Personal data is retained only for as long as necessary to achieve the purposes for which it was collected, including providing services, responding to enquiries, and complying with legal, accounting, or reporting requirements. When data is no longer required, it will be deleted or anonymized, unless a longer retention period is required or permitted by law.
The Operator may establish internal retention periods for different categories of data (for example, contact form messages, booking information, and technical logs), taking into account statutory limitation periods and other legal requirements.
Children’s Data
The Website and related services are primarily intended for adults. The Website does not knowingly collect personal data from children without the consent of a parent or legal representative when such consent is required by applicable law.
If the Operator becomes aware that children’s personal data has been collected without the necessary consent, reasonable steps will be taken to delete such data as soon as practicable, unless retention is required by law.
Marketing Communications
The Operator may use contact details provided by users (such as e‑mail address or phone number) to send information directly related to requested services, such as confirmations and essential updates. Separate marketing communications about new classes, offers, or events may be sent only if legally required consent has been obtained, and users can opt out at any time using the instructions in the message or by contacting the Operator.
Opting out of marketing communications does not affect service‑related notices that are necessary to deliver the services or respond to enquiries.
Third‑Party Websites
The Website may contain links to third‑party websites or services (for example, payment services, social networks, or platforms used for online sessions). Such third‑party websites operate independently, and this Privacy Policy does not apply to them.
Users are encouraged to review the privacy policies of each third‑party website they visit before providing any personal data on such sites.
Changes to this Privacy Policy
The Operator may update this Privacy Policy from time to time, for example due to changes in legislation, services, or technical infrastructure. The current version will always be available on the Website with an indication of the date of the latest revision, and continued use of the Website after publication of an updated version will be deemed acceptance of the updated terms.
If changes significantly affect users’ rights or the way personal data is processed, additional notice may be provided where required by law (for example, by e‑mail or via a prominent notice on the Website).
Contact Information
For any questions regarding this Privacy Policy, personal data processing, or to exercise legal rights, users may contact the Operator at:
Phone: +38 (050) 572‑79‑14
E‑mail: [email protected]
Address: Vulytsia Poltavska, 10, Kyiv, 04116
The Operator aims to process personal data lawfully, fairly, and transparently and to respect privacy and other rights of users in accordance with the legislation of the Republic of Kazakhstan