General Provisions

This personal data processing and protection policy (hereinafter – the Policy) is an internal and regulatory document of LLC "DRIFT" (hereinafter – the Company). It defines the general provisions of the Company's policy regulating the procedure and conditions for processing personal data and ensuring the protection of processed personal data by the Company and/or by products and services, programs, websites, and applications owned, offered, or controlled by the Company. By using or accessing the website, services, or applications, you accept the practices described in this Privacy Policy and agree to the Company's data processing as set forth herein.

Terms and Definitions

Personal Data – any information relating to an individual that allows or may allow direct or indirect identification of that person.

Processing of Personal Data – any operation or set of operations performed on personal data (including automated or manual methods), such as collection, recording, input, organization, storage, use, transformation, retrieval, transfer, correction, blocking, destruction, or other actions.

Data Collector – the Company that organizes and/or carries out the processing of personal data.

Data Subject – individuals, employees, service providers, partners, users, and applicants who establish contractual and/or other relationships with the Company.

Collection of Personal Data – we collect your personal data when you voluntarily register in the Application, use the Services, or send information/communications to the Application or other Users. Examples include: name, surname, business name, address, email, phone, date of birth, social security number, employment information, location, IP address, payment and credit card data, and other non-public information.

Third-Party Personal Data – we may collect personal data about certain third parties from you and vice versa. By providing such data, you guarantee that it was obtained with the full consent of those third parties.

Cookies, Web Beacons, and Log Files – technologies used during website and service operation. Cookies store data in your browser; web beacons track content usage; log files are automatically recorded by your browser or mobile app. These tools help improve service functionality and analytics.

Credit Card Information – by using the service, you authorize the Company to use your payment details for billing services rendered.

Measures to Ensure Personal Data Security

To protect processed personal data, the Company applies legal, organizational, and technical measures in line with regulatory requirements. These include contracts, regulations, internal and external agreements, system designs, and documentation related to information systems.

The Company follows these principles:

- legality and accuracy of processing purposes and methods,

- processing only with the subject's consent or legal basis,

- adequacy of data for the stated purposes,

- accuracy, completeness, reliability, and security of data,

- notification of users regarding lawful and safe handling of personal data,

- internal control and readiness for state inspections.

Purpose of Personal Data Processing

Personal data is processed for interaction under contracts, compliance with legislation, and fulfillment of regulatory requirements.

Consent and Rights of Data Subjects

Personal data processing is lawful if:

- the subject consents (unless otherwise required by law), or

- data is obtained from public sources.

Consent may be given in written, electronic (with digital signature), or oral form.

Data subjects have the right to:

- confirmation of processing and its purpose,

- information on processing methods,

- recipients of personal data,

- list of processed data and its sources,

- processing timeframes,

- potential legal consequences of processing.

Confidentiality of Personal Data

Information about personal data known to the Company is confidential and protected by law.

Employees and authorized persons with access to personal data have signed confidentiality agreements and are warned of possible disciplinary, administrative, civil, and criminal liability for violations.

Final Provisions

This Policy and all amendments are approved by the Company and take effect upon publication on the Company's website www.apexcab.net. Amendments replace previous versions from the date of entry into force. If any provision of this Policy conflicts with the laws of the Republic of Armenia, the provisions of the law shall apply. This Privacy Policy may be updated from time to time at our discretion for any reason. We will notify you of any material changes by posting the new Privacy Policy on the Company's website.