Log in +7 727 331 59 77
Your Partner
on capital market!
MainCompanyPrivacy Policy

Privacy Policy

This Privacy Policy has been developed in accordance with the laws of the Republic of Kazakhstan and internal regulations of "Subsidiary Organization of Halyk Bank of Kazakhstan “Halyk Finance”" JSC (hereinafter referred to as ‘the Company’), and regulates the procedure for processing and use of personal data or other information in respect of User that the Company receives in the course of usage of the Company’s Services by User.
  
1. Definitions

1.1. The following terms are used in this Privacy Policy:

1.1.1. "Shareholder of the Company" is "Halyk Savings Bank of Kazakhstan" Joint Stock Company. 

1.1.2. "Company’s Services" are mobile applications, web trading platform, corporate website, that allow users of the Company’s Services to interact with the Company under a brokerage services contract, or without conclusion of such a contract, or to interact with the Company’s partners as a part of the contracts concluded between Users and such partners including the exchange of information and carrying out individual transactions via the Internet or a special application of a mobile device (smartphone, tablet, etc.), as well as an electronic payment system that allows users of mobile devices to make money transfers via the Internet. The Company’s Services are both the Company's own Services and the Services to be provided by the Shareholder of the Company. 

1.1.3. "Personal Data" are the information relating to directly or indirectly specified or identifiable physical person (personal data subject). 

1.1.4. "Personal Data Processing" is any activity/transaction or a set of activities/operations with personal data carried out with or without automation tools including: collecting, recording, systematizing, accumulating, storing, clarifying (updating, amending), extracting, using, transferring (distributing, providing, accessing), depersonalization, blocking, deleting, destroying personal data. 

1.1.5. "Personal Data Confidentiality" is a mandatory requirement for the Company or other person who has access to personal data not to allow their dissemination without the personal data subject’s consent or other legal grounds. 

1.1.6. "User" is a person who has access to the Company's Services via the Internet, and uses the Company's Services. 

1.1.7. "User Information" is personal information that User provides independently when using the Company’s Services and creating account, or carrying out registration, as well as the data automatically transmitted in the course of use of the Company’s Services, including but not limited to: IP-address, data of the mobile device used for access, etc. When the Company’s Services are used, the following information may be requested and obtained: 

  • User Data. When an account is created and/or registration is carried out, the Company requests information about User, such as: Individual Identification Number, full name, gender, date of birth, residence and registration address, email address, phone number, place of employment, position, images and videos from a camera, and User’s contact data (telephone and/or address book, contacts in a mobile device), as well as the data automatically sent by a web server. The Company may also request additional information.
  • Mobile Device Data. The Company collects data of User’s mobile devices such as mobile device model, operating system version, unique device identifiers, mobile network data and mobile phone number. In addition, device ID and mobile phone number can be linked to a User's account.
  • Location Data. The Company's Services that support geographic location function of a User's mobile device allow the Company to receive information about the User's actual location including GPS (Global Positioning System) data sent by the mobile device. 
  • Information about Operations Being Performed. When making transactions with financial instruments, information operations, money transfers, etc., the Company collects data about the place, time and amount of the transactions performed, the type of payment method, data about the seller and/or service provider, descriptions of the reason for the transaction, if any, and other information related to carrying out the above operations.

2. General provisions

2.1. Obtaining access to the Company's Services means User’s unconditional consent to the terms and conditions of this Privacy Policy. The Company ensures security of the personal information received from Users. 

2.2. This Privacy Policy has been developed to determine the data that can be requested from Users of the Company's Services, as well as the ways of processing such data by the Company or other persons. 

2.3. This Privacy Policy also indicates the goals for which User Personal Data may be requested or disclosed. 

2.4. Separate agreements with Users may set forth other goals for which User Personal Data may be requested or disclosed. 

2.5. This Privacy Policy also specifies the basic precautions to be taken by Users for keeping their personal data confidential. 

2.6. This Privacy Policy applies to the data that were received by the Company as a result of the use of the Company's Services by Users. 
 
3. User Data received and used, and goals of use

3.1. The User Data are collected by the Company to improve the user’s security when the Company’s Services are used, to increase the level of operational protection, to protect data, to carry out technical control of the Company’s Services, to facilitate the transactions carried out by Users, and to analyze and improve the work of the Company’s Services, to inform Users about the services and products to be provided or offered by the Company, for marketing or other purposes specified in this Privacy Policy or terms and conditions of use of individual Company’s Services. 

3.2. The Company may use User Personal Data for the following purposes: 

  • to identify User registered in a mobile application when interaction with the Company is carried out under a brokerage services contract concluded, or without such a contract. 
  • to provide User with the access to the Company's Services. 
  • to establish communication with User including by sending notifications or inquiries regarding the use of the Company's Services, to provide services, process requests or applications from User. 
  • to determine User’s location, ensure security, and prevent fraud. 
  • to confirm the accuracy and completeness of personal data provided by User. 
  • to create an account for carrying out transactions. 
  • to notify User about the status of client orders.
  • to process and receive payments, to confirm taxes or tax benefits, to challenge payments. 
  • to provide User with effective customer and technical support in case of problems associated with the use of the Company's Services. 
  • to provide User with updates to the Company's products, special offers, information on promotions, newsletters and other information on behalf of the Company or the Shareholder of the Company. 
  • to provide User with the access to the Company’s websites or Services or those of Shareholder of the Company for obtaining products, updates and services.

4. Terms and conditions of data processing

4.1. In the course of use of User Data, the Company is guided by this Privacy Policy as well as the requirements of Law No. 94-V “On personal data and their protection” of the Republic of Kazakhstan dated May 21, 2013, as well as the international treaties ratified by the Republic of Kazakhstan. This Privacy Policy has been developed in accordance with their appropriate standards.

4.2. The User Personal Data are processed without any time limits, in any legal way including in the personal data information systems using automation tools or without such tools.
 
5. Provision of User Data to third parties

5.1. The Company has the right to provide User Data to its Shareholder, affiliates, partners or other companies associated with the Company for the purposes specified in chapter 3 of this Privacy Policy except for the data being commercial secret on the securities market. That said, the Company ensures compliance with the current laws of the Republic of Kazakhstan and this Policy with respect to User Data by concluding appropriate agreements, which will ensure that the above recipients of User Data will keep the appropriate level of protection. 

5.2. The Company does not provide User Data to the companies and individuals not associated with the Company except when Users give their consent. 

5.3. An additional consent of User is requested by the Company in accordance with applicable laws of the Republic of Kazakhstan to provide User Data to the companies and individuals not associated with the Company including other Users. 

5.4. The Company may provide the pooled depersonalized User Data of Users of the Company’s Services to its partners (e.g., for statistical, analytical or other reviews). If the User Data are provided outside the borders of the Republic of Kazakhstan, the Company ensures compliance with the laws being in force in the Republic of Kazakhstan and this Privacy Policy in respect of User Data by concluding contracts, which will ensure that the recipients of the User Data will keep the appropriate level of protection. 
 
6. Security measures to keep confidentiality

6.1. The Company takes all the possible measures to ensure protection and security of User Data from unauthorized attempts to access, alter, disclose or destroy it, as well as other ways of abuse. 

6.2. In particular, the Company constantly improves the ways of data collecting, storing and processing including physical security measures intended to counteract unauthorized access to the Company's systems for theft of assets, phishing or other types of fraud.

6.3. The Company also limits the access to employees, contractors and agents to User Data, and establishes strict contractual confidentiality obligations, violation of which results in liability and penalties set forth with the laws of the Republic of Kazakhstan. 

6.4. The User Personal Data can be provided to the authorized governmental bodies of the Republic of Kazakhstan only on the grounds and in the manner established by the laws of the Republic of Kazakhstan.

6.5. In case of loss or disclosure of User Personal Data, the Company informs User about the loss or disclosure of his/her personal data. 

6.6. The Company and a User take all the necessary measures to prevent losses or other negative consequences caused by the loss or disclosure of User Personal Data. In order to ensure secure use of the Company’s Services, the Company recommends User to keep the following recommendations: 

  • User must keep the account data such as login and password in secret from any third parties. 
  • User undertakes to immediately inform the Company about any suspected case of unauthorized use of his/her account. 

6.7. Keeping the Company’s recommendations allows User to ensure maximum safety of the information provided to the Company including details of User‘s payment card (or other electronic means of payment), and other data, and to reduce the risks when operations are carried out using the details of payment card (or other electronic means of payment) for non-cash payment for goods and services including payments via the Internet. 
 
7. Liability

7.1. If the Company fails to fulfill its obligations under this Privacy Policy, it will be liable for the losses incurred by User in connection with the unlawful use of personal data in accordance with the laws of the Republic of Kazakhstan, except for the cases set forth in clauses 5.1., 6.4. and 7.2. of this Privacy Policy. 

7.2. In the event of loss or disclosure of Confidential Information, the Company is not liable if the Confidential Information: 

  • became public domain before it was lost or disclosed. 
  • was received from a third party prior to its receipt by the Company. 
  • was disclosed with the User’s consent. 

8. Dispute Resolution

8.1. Before submitting a claim to a court in respect of the disputes arising from the relationships between User and the Company, it is mandatory to submit a pre-judicial claim (a written proposal for a voluntary settlement of a dispute). 

8.2. The recipient of the pre-judicial claim notifies the applicant of the claim in writing about the results of consideration of the claim within 30 calendar days from the date of receipt of the pre-judicial claim. 

8.3. If no agreement is reached, the dispute will be referred to a court in accordance with the current laws of the Republic of Kazakhstan. 

8.4. The current laws of the Republic of Kazakhstan apply to this Privacy Policy and the relationships between User and the Company. 
  
9. Amendments to Privacy Policy

9.1. The Company has the right to amend this Privacy Policy without User’s consent. 

9.2. A new version of the Privacy Policy comes into force when it is posted on the Company’s corporate website unless otherwise set forth by the new version of the Privacy Policy. Any suggestions or questions about this Privacy Policy should be submitted to halykfinance@halykfinance.kz

9.3. If the Company makes any amendments to the Privacy Policy to which User does not agree, he/she must stop using the Company’s Services. A failure to stop using the Company’s Services means that a User agrees to and accepts the appropriate version of the Privacy Policy. 

9.4. The current Privacy Policy is posted at https://halykfinance.kz/privacy-policy/?lang=en

9.5. The Company recommends Users of the Company’s Services to regularly check the latest updated version of this Privacy Policy. 
 

Request to open account
Request to open account
Request to open account
Apply for a job
Request for units purchase
Brokerage account at Halyk Finance
Войти в личный кабинет
Access requires registration on the site, please log in.
EngҚазРус