Privacy Policy

1. This General Policy on Personal Data Processing (hereinafter – “Policy”) defines general requirements for the processing of personal data in SIGMA (as defined below).

2. Personal data means any information relating to an identified or identifiable natural person (‘data subject’).

3. Personal data processing is performed in a strict compliance with the international and local legislation of the countries of SIGMA presence and its customers’ presence.

4. SIGMA acknowledges and agrees to comply with the requirements of the General Data Protection Regulation (Regulation (EU) 2016/679), as well as with the relevant legislation of the operating countries.

5. SIGMA develops and implements internal regulatory documents concerning personal data processing.

6. Internal regulatory documents specify the requirements for particular and/or for general data processing cases in accordance with applicable legislation.

7. Internal regulatory documents are based on the provisions of this Policy and applicable legislation.

8. Internal regulatory documents of SIGMA cannot contradict the General Data Protection Regulation (Regulation (EU) 2016/679)) and should primarily be aimed at protecting the rights and freedoms of the subject of personal data.

9. SIGMA does not collect or process data from persons under age of majority (18 years or more), except as provided by law.

10. All persons carrying out the processing of personal data must be familiarized with this Policy and internal regulatory documents of OCT, and act in strict compliance with their provisions.

11. SIGMA takes into account the differences in the legislation of the countries where personal data is processed, and always acts in the interests of the personal data subject.

12. SIGMA undertakes all possible legal, technical and organizational measures to protect personal data, considering possible risks.

13. SIGMA commits to inform the subjects of personal data about the changes in this Policy in an accessible form by publishing information on the SIGMA website.

13. SIGMA undertakes not to disclose personal data to third parties, except for cases determined by law of the operating countries, and only on the basis of a written decision of courts or public authorities.

14. In order to protect the interests of personal data subjects, SIGMA appoints data protection officers.

15. Subjects of personal data have the right to communicate with a data protection officer about the processing of his/her personal data.

16. SIGMA undertakes to secure the confidentiality of applications of personal data subjects as well as impartiality and independence in considering each request.