Privacy Policy

1. Key terms

Personal data

– any information relating directly or indirectly to an identified or identifiable individual (the User).

Processing of personal data

– any action or set of actions with personal data: collection, systematization, recording, storage, clarification, modification, use, transfer, anonymization, blocking and deletion.

Operator

– Stanbase LLC, which organizes and carries out the processing of personal data and determines the purposes and composition of the data processed.

User

– an individual who uses the Service, registers with it or provides their data.

Anonymization

– actions as a result of which it becomes impossible, without using additional information, to determine that data belongs to a specific User.

Cookies

– small files stored on the User’s device and used for the operation, authorization and analysis of the Service.

Consent

– a free, specific and informed expression of will by which the User permits the processing of their personal data.

2. Composition of the data processed

2.1. Data provided by the User. During registration and use of the Service, the User provides:

• full name;
• email address;
• contact phone number (if provided);
• payment-related data (processed by the payment system; full card details are not transferred to or stored by the Company);
• other data that the User voluntarily enters into the Account or provides when contacting support.

2.2. Data collected automatically. When using the Service, the following is collected automatically:

• IP address and connection data;
• type and version of the device, browser and operating system;
• data on actions in the Service: search, view, filter and feature-use history;
• cookies and data from similar technologies;
• date, time and duration of access.

2.3. Part of the data displayed in the Service relates to companies and other organizations and originates from open and external sources or is generated automatically. Such data is processed by the Company for information and analytical purposes. Where such data contains information relating to individuals, it is processed in compliance with personal data law.

2.4. The Company does not collect special categories of personal data (on health, racial or ethnic origin, religious, political and philosophical beliefs, biometric data) and asks the User not to provide such data.

2.5. The User is prohibited from entering third-party data into the Service without lawful grounds, as well as information constituting a secret protected by law.

3. Data on companies and other persons in the Service’s database

3.1. The Service is a database of companies, startups, funds and persons associated with them in the region. Cards (profiles) are compiled by the Company on the basis of information obtained from the following sources:

• publicly available and open sources (company websites, registries, media publications, open databases);
• information provided by the companies themselves, their representatives or Users;
• information obtained from partners and data suppliers on lawful grounds;
• the results of the Company’s own research and analytics.

3.2. Cards may contain information relating to individuals (for example, founders, executives, investors): name, position, professional activity, public contact information, information about participation in companies and deals, and other professional information obtained from the sources indicated.

3.3. Such information is processed by the Company for information and analytical purposes, to ensure transparency and the development of the entrepreneurial and investment ecosystem. The legal basis for processing is the legitimate interests of the Company and Users of the Service that do not infringe the rights and freedoms of the data subjects, as well as the public availability of the relevant information.

3.4. The Company takes reasonable measures to keep the information in the cards current and accurate, but does not guarantee its completeness and accuracy, since part of the data is compiled from external sources.

3.5. An individual whose information is contained in a card has the right to contact the Company with a request to clarify, correct or delete their data in the manner provided in Section 12 of this Policy. The Company reviews such a request and grants it if there are no lawful grounds for the further processing of the data.

4. Purposes of data processing

The Company processes personal data for the following purposes:

• registering the User and providing access to the Service and its functions;
• identifying the User and managing the Account;
• processing payments and providing paid services;
• communicating with the User: sending notifications, responses to requests, service and informational messages;
• ensuring the operability, security and stability of the Service, preventing fraud and violations;
• analyzing use of the Service, compiling statistics and improving functions and products;
• complying with the requirements of the laws of the Republic of Uzbekistan;
• sending marketing and advertising materials (only with the User’s consent).

5. Legal grounds for processing

5.1. Personal data is processed on the following grounds:

• the User’s consent expressed upon registration, use of the Service or acceptance of this Policy;
• the necessity to perform the agreement (the Public Offer) concluded with the User;
• the necessity to comply with the requirements of the laws of the Republic of Uzbekistan;
• the Company’s legitimate interests that do not infringe the User’s rights and freedoms (for example, ensuring security and improving the Service).

5.2. Consent to data processing is given by the User voluntarily. Providing part of the data is a necessary condition for using the Service; if the User refuses to provide such data, use of the Service may become impossible.

6. Data on the use of the Service

6.1. The Company collects and analyzes data related to the User’s use of the Service (search, view and action history, technical access parameters), the “Use Data.”

6.2. The Company may use the Use Data, including in anonymized (aggregated) form, to improve the Service, develop new functions and products, analyze effectiveness, and prepare statistical, analytical and marketing materials.

6.3. Anonymized and aggregated data does not allow a specific User to be identified and is not considered personal data. The Company may use and transfer such data without the restrictions provided for personal data.

7. Cookies and similar technologies

7.1. The Service uses cookies and similar technologies for proper operation, User authorization, saving settings, ensuring security and analyzing use.

7.2. The Company uses both strictly necessary cookies (without which the Service cannot function) and analytical cookies that help understand how the Service is used.

7.3. The User may disable or limit the use of cookies in the browser settings. Disabling strictly necessary cookies may make it impossible to use certain functions of the Service.

7.4. For web analytics, the Company may use third-party services that process anonymized data in accordance with the policies of such services.

8. Transfer of data to third parties

8.1. The Company does not sell Users’ personal data and does not transfer it to third parties, except in the cases provided by this Policy and the law.

8.2. Transfer of data to third parties is possible in the following cases:

• to payment systems and banks – for processing payments;
• to providers of technical services (hosting, cloud infrastructure, analytics, mailing services) – to the extent necessary for the operation of the Service, subject to confidentiality;
• at the request of government authorities, a court or other authorized persons in the cases and manner provided by law;
• in the event of a reorganization or transfer of the Company’s business – to the legal successor, with the data processing terms preserved.

8.3. Persons to whom the Company transfers data for processing are obliged to maintain confidentiality and ensure data protection to a degree no less than that provided by this Policy.

9. Cross-border data transfer

9.1. The storage and processing of personal data of citizens of the Republic of Uzbekistan are carried out using technical means located within the territory of the Republic of Uzbekistan, in accordance with the requirements of the law.

9.2. Cross-border data transfer (including when using foreign service providers) is carried out only subject to ensuring an adequate level of data protection and in accordance with the requirements of the laws of the Republic of Uzbekistan.

10. Periods and conditions of data storage

10.1. Personal data is stored for the period the User uses the Service, and for the period necessary to achieve the purposes of processing and to comply with the requirements of the law.

10.2. After an Account is deleted or the purposes of processing are achieved, the data is deleted or anonymized, except for data that the Company is required to store for a period established by law (for example, information on payments and transactions).

10.3. Anonymized and aggregated data may be stored and used by the Company without a time limit.

11. Data protection

11.1. The Company takes the necessary legal, organizational and technical measures to protect personal data against unlawful or accidental access, modification, blocking, copying, distribution and destruction.

11.2. Access to personal data is granted only to authorized employees and contractors of the Company who need it to perform their duties and who are obliged to maintain confidentiality.

11.3. Despite the measures taken, the transfer of data over the internet cannot be guaranteed to be secure. The User provides data at the User’s own risk and must observe security measures when working with the Account.

12. User rights

12.1. The User has the right to:

• receive information about the processing of their personal data;
• request clarification, correction or supplementation of their data;
• request the deletion or blocking of their data where grounds exist;
• request the deletion of their data from the cards (profiles) of the Service’s database or the limitation of its display, where there are no lawful grounds for further processing;
• withdraw consent previously given to the processing of personal data;
• opt out of receiving marketing and advertising mailings;
• appeal the Company’s acts or omissions to the authorized body or to a court.

12.2. To exercise their rights, the User sends a request to [email protected]. The Company reviews the request and provides a response within the time limits established by law.

12.3. The Company may request additional information to verify the User’s identity when processing the request.

12.4. Withdrawal of consent or deletion of data necessary for the provision of services may make further use of the Service impossible.

13. Data of minors

13.1. The Service is not intended for persons who have not reached the age at which they may independently enter into agreements under the laws of the Republic of Uzbekistan.

13.2. The Company does not deliberately collect data of minors. If it is found that data was provided by a minor without the consent of a legal representative, such data is deleted.

14. Amendment of the Policy

14.1. The Company may amend this Policy unilaterally.

14.2. A new version of the Policy takes effect upon its publication on the website, unless a different date is specified in the version itself.

14.3. The current version of the Policy is permanently available on the website. Continued use of the Service after the changes take effect constitutes the User’s consent to the updated Policy.

15. Contact information

For all matters related to the processing of personal data and the exercise of User rights, you may contact the Operator: