Privacy Policy
Controller: GreenCoreTech MCHJ
Address: Tashkent, Republic of Uzbekistan
Website: greencoretech.uz
Email: privacy@greencoretech.uz
Telegram: @greencoretech
This Privacy Policy is issued in compliance with:
- Law of the Republic of Uzbekistan No. ZRU-547 "On Personal Data" (02.07.2019)
- Cabinet of Ministers Resolution No. 570 (05.10.2022)
- Constitution of the Republic of Uzbekistan, Article 27
1. SCOPE AND PURPOSE
This Privacy Policy explains how GreenCoreTech MCHJ ("we", "us", "the Company") collects, uses, stores, protects, and discloses personal data when you visit our website greencoretech.uz, submit an inquiry through our contact form, or engage with us in a business relationship.
By submitting your personal data through our website or any other channel, you give informed, voluntary, specific, and unambiguous consent to processing as described herein, in accordance with Article 8 of the Law on Personal Data.
2. PERSONAL DATA WE COLLECT
2.1 Data You Provide Directly
- Full name and job title
- Company name and business address
- Email address and telephone number
- Content of messages and project inquiries
- Any additional information you voluntarily provide
2.2 Data Collected Automatically
- IP address and approximate geographic location
- Browser type, version, and operating system
- Pages visited, time spent, and navigation path
- Referral source (how you found our website)
2.3 Data We Do Not Collect
We do not collect biometric data, financial data, health data, or any special category personal data as defined under the Law on Personal Data. We do not use advertising trackers or sell personal data to third parties.
3. LEGAL BASIS AND PURPOSES OF PROCESSING
| Purpose | Legal Basis | Retention |
|---|---|---|
| Responding to contact form inquiries | Consent (Art. 8, Law ZRU-547) | 12 months from last contact |
| Preparing and executing service contracts | Contractual necessity | 5 years from contract end |
| Issuing invoices and tax documents | Legal obligation (Tax Code UZ) | 5 years (statutory minimum) |
| Website analytics and security | Legitimate interest | 12 months (anonymized after 30 days) |
| Sending service updates to clients | Consent / Contract | Duration of contract + 12 months |
4. DATA STORAGE AND SECURITY
All personal data is stored on servers located in the Republic of Uzbekistan (Airnet.uz data centre, Tashkent, Tier III certified), in compliance with the data localisation requirements of the Law on Personal Data.
We implement the following technical and organisational security measures in accordance with Cabinet Resolution No. 570 (2022) and OʻzMSt ISO/IEC 27002:2024:
- Role-based access control — only authorised personnel access personal data
- Encrypted data transmission via TLS 1.2/1.3 (HTTPS enforced)
- Regular automated backups with encrypted storage
- Firewall protection and intrusion monitoring at infrastructure level
- Confidentiality agreements binding all staff and contractors
5. DATA SHARING AND THIRD PARTIES
We do not sell, rent, or trade personal data. We may share data only in the following limited circumstances:
5.1 Service providers — hosting infrastructure (Airnet.uz) and payment processors, bound by confidentiality agreements and processing data only on our instruction.
5.2 Legal obligations — competent authorities of the Republic of Uzbekistan when required by law, court order, or regulatory request.
5.3 Business clients — when you are an employee of a client company, relevant contact data may be shared with your employer in the context of the service contract between GreenCoreTech and that company.
We do not transfer personal data outside the Republic of Uzbekistan without your explicit consent, except where required by applicable law.
6. YOUR RIGHTS AS A DATA SUBJECT
Under the Law of the Republic of Uzbekistan No. ZRU-547, you have the following rights:
6.1 Right to Access — request confirmation of whether we process your personal data and obtain a copy of it.
6.2 Right to Rectification — request correction of inaccurate or incomplete personal data.
6.3 Right to Erasure — request deletion of your personal data where processing is no longer necessary or consent is withdrawn, subject to statutory retention obligations.
6.4 Right to Restriction — request that we limit processing of your personal data in certain circumstances.
6.5 Right to Withdraw Consent — withdraw consent at any time without affecting the lawfulness of prior processing.
6.6 Right to Complain — lodge a complaint with the Agency for the Protection of Personal Data of the Republic of Uzbekistan (shaxsiyma'lumotlar.uz).
To exercise any of the above rights, submit a written request to: privacy@greencoretech.uz. We will respond within 15 calendar days as required by law.
7. COOKIES
Our website uses technically necessary cookies to ensure basic functionality (session management, security). We do not use third-party advertising cookies or tracking pixels. You may disable cookies in your browser settings; however, some website features may not function correctly as a result.
8. CHILDREN'S DATA
Our services are directed exclusively at businesses (B2B) and professionals. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has submitted personal data, we will delete it immediately.
9. CHANGES TO THIS POLICY
We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, technology, or applicable law. The current version and its effective date are always published at greencoretech.uz/privacy. Material changes will be notified to registered clients by email at least 30 days before taking effect.
10. CONTACT
GreenCoreTech MCHJ — Data Controller
Email: privacy@greencoretech.uz
Telegram: @greencoretech
Address: Tashkent, Republic of Uzbekistan
For urgent data protection matters, contact us via Telegram for same-day response.