Privacy Policy

Last updated: May 17, 2026

This Privacy Policy explains how Sole Proprietor Kursa Technology processes and protects personal data of users of its website and digital products.

1. General Provisions

The personal data operator is Sole Proprietor Kursa Technology (Republic of Kazakhstan, Almaty), owner of https://kursa.technology and Kursa Technology digital products.

This Policy applies to users of the website, feedback forms, client accounts, and other Kursa Technology services.

Data processing is carried out in accordance with the Law of the Republic of Kazakhstan On Personal Data and Their Protection dated May 21, 2013 No. 94-V and, where applicable, Regulation (EU) 2016/679 (GDPR).

2. Data We Collect

Depending on how you use our website and services, we may collect the following categories of data:

  • Identification data: first name, last name, role, organization, date of birth, and other profile data you provide voluntarily.
  • Contact data: email, phone number, messengers, and other communication channels you choose to provide.
  • Technical data: IP address, cookies, browser type, device, interface language, and system logs.
  • Service usage data: pages visited, forms submitted, and interactions with platform content and features.
  • Payment data: payment amount, status, and date received from payment providers. Full bank card details are not stored by us.

3. Purposes and Legal Basis of Processing

We process personal data for the following purposes:

  • Contract performance: account registration, access to services, service delivery, and user support.
  • Legitimate interest: analytics, service quality improvement, and platform functionality and stability development.
  • Communication: service notifications, responses to inquiries, and organizational messages.
  • Security: authentication, abuse prevention, incident investigation, and fraud prevention.
  • Legal compliance: fulfilling legal obligations and retaining data for required periods.

4. Data Sharing with Third Parties

We do not sell personal data. Sharing is possible only to the extent necessary to operate our services and on lawful grounds.

For cross-border transfers, we apply safeguards required by applicable law.

  • Service providers: hosting and cloud infrastructure, communication tools, analytics, and payment providers.
  • Government authorities and other authorized persons in cases required by the laws of the Republic of Kazakhstan, the EU, or other applicable law.
  • Partners and contractors where you have given explicit consent or when necessary to provide a service you requested.

5. Data Protection and Retention

We use organizational and technical safeguards, including access controls, TLS encryption, backup procedures, monitoring, and logging.

Data is retained no longer than necessary for processing purposes, contractual terms, and legal requirements, after which it is deleted or anonymized.

6. User Rights

You may submit a request to access and manage your personal data.

Depending on applicable law, you may have the following rights:

  • Right of access: obtain confirmation of processing and a copy of personal data.
  • Right to rectification: update inaccurate or incomplete data.
  • Right to erasure: request deletion of data where lawful grounds exist.
  • Right to data portability: receive data in a structured format where applicable.
  • Right to withdraw consent and object to certain types of processing, and the right to lodge a complaint with a competent authority.

7. Third-Party Services and Links

Kursa Technology websites and services may include third-party services and links to external resources.

Data processing by such services is governed by their own privacy policies, and we recommend reviewing them separately.

8. Data of Minors

Some Kursa Technology digital products may be used by minors.

If a user has not reached the age required by applicable law to provide independent consent, data processing is carried out with the participation of a parent or legal representative.

Upon a legal representative request, we will clarify, correct, or delete a child's data in accordance with applicable law.

9. Policy Changes

We may update this Policy when services, business processes, or legal requirements change.

The current version is always published on this page with the date of the latest update.