Privacy Policy

1. General provisions

1.1. This Privacy Policy (hereinafter referred to as the “Policy”) determines the procedure for processing and protecting personal data of users of the OZTA service (hereinafter referred to as the “Users”).

1.2. The operator of personal data is the Limited Liability Company "Great Stone" (hereinafter referred to as the "Company"), the owner of the OZTA IT service, registered in the Kyrgyz Republic.

1.3. The policy is developed in accordance with:

  • Law of the Kyrgyz Republic “On the Protection of Personal Data”;
  • Regulation (EU) 2016/679 (GDPR) - where applicable;
  • other applicable regulations on the protection of personal data.

1.4. This Policy is an integral part of the Company’s Public Offer and is applied in conjunction with the Payment Terms, Cookies Policy and AML/KYC Policy posted on the OZTA service.

2. Basic principles of data processing

2.1. The Company processes personal data lawfully and fairly, exclusively for predetermined and legitimate purposes.

2.2. Processing is limited to the minimum required amount of data (data minimization).

2.3. The company does not sell personal data to third parties.

3. Categories of personal data processed

3.1. The company may process the following categories of data:

3.1.1. Identification and contact details

  • Full name;
  • email address;
  • phone number; *account details.

3.1.2. Data required to execute orders

  • information about instructions and orders;
  • information provided for interaction with third parties;
  • documents provided for compliance checks (AML/KYC).

3.1.3. Technical data

  • IP address;
  • browser and device data;
  • cookies and similar technologies.

3.2. The Company does not process special categories of personal data, except in cases expressly provided by law or with the explicit consent of the User.

4. Purposes of processing personal data

4.1. The company processes personal data for the following purposes:

  • providing access to the OZTA service;
  • execution of User instructions;
  • communication with Users;
  • compliance with legal requirements and AML/KYC;
  • ensuring the security of the service;
  • improving the functionality of the service;
  • marketing communications (subject to consent).

5. Legal grounds for processing

5.1. Processing of personal data is carried out on the following grounds:

  • User consent;
  • execution of the contract (public offer);
  • compliance with legal obligations;
  • legitimate interests of the Company.

5.2. For EU Users, processing is carried out in accordance with Article 6 of the GDPR.

6. Transfer of personal data to third parties

6.1. The Company has the right to transfer personal data solely to the extent necessary to fulfill the User’s instructions to the following categories of persons:

  • banking and payment partners through which the transfer of targeted funds is carried out;
  • IT service providers;
  • logistics and other contractors;
  • government bodies - in cases provided for by law.

6.2. The transfer of data is carried out subject to legal grounds and in compliance with confidentiality requirements.

7. Cross-border data transfer

7.1. Personal data may be transferred outside the Kyrgyz Republic if necessary to fulfill the User’s instructions.

7.2. When transferring data to countries that do not provide an adequate level of protection, the Company applies the guarantees provided by law.

8. Data storage periods

8.1. Personal data is stored:

  • during the term of the contractual relationship;
  • within the time limits established by law;
  • until the purposes of processing are achieved;
  • before withdrawal of consent - when processed on the basis of consent.

9. User Rights

9.1. The user has the right:

  • receive information about the processing of your data;
  • demand correction or deletion of data;
  • limit processing;
  • revoke consent;
  • file complaints with authorized bodies.

10. Security measures

10.1. The company applies technical and organizational measures to protect personal data, including:

  • access control;
  • encryption;
  • backup;
  • internal security policies.

11. Minors

11.1. The OZTA service is intended for persons over 18 years of age.

12. Change of Policy

12.1. The company has the right to change this Policy by publishing a new version on the OZTA website.

12.2. Using the service after publishing changes means the User agrees with the new edition.

13. Final provisions

13.1. Applicable law is the legislation of the Kyrgyz Republic.

13.2. For questions regarding the processing of personal data, the User can contact: privacy@ozta.com.

Details of the Contractor

Limited Liability Company "Great Stone"

Registration number: 308258-3301-OOO

TIN: 01109202410482

OKPO code: 33257108

Legal address:

720031, Kyrgyz Republic, Bishkek city, Oktyabrsky district, st. Kulatova 7a

Contacts for contracts

Main email: info@ozta.com

Technical support: support@ozta.com

Legal issues: legal@ozta.com

Financial issues: finance@ozta.com

Agreements and documents: contracts@ozta.com

Telephone: +996 (507) 131-159

Latest update: 3/2/2026