Languages
English (US)
en ka
 
0Cart

Privacy and Personal Data Protection Policy

Article 1.  General Provisions


1.1. This Privacy and Personal Data Protection Policy (hereinafter referred to as the “Policy”) is an official document of LLC Victoria-98 (ID number: 253070484), a legal entity established and operating under the legislation of Georgia. It defines the rules, principles, and safeguards for the processing of personal data of data subjects (customers, employees, partners, and other individuals).
1.2. The purpose of this Policy is to ensure a high level of protection for customers’ and other data subjects’ personal data, transparency, and compliance with legal, technical, and organizational requirements during the data processing procedures.
1.3. This Policy applies to all personal data held or potentially held by LLC Victoria-98 in the course of its communication with customers or any other data subjects, including data obtained through websites, applications, services, product inventory systems, or business partnerships.
1.4. This Policy is an integral part of the terms of use of Victoria-98’s website and goods. By accepting it, the user agrees to all provisions herein.
1.5. The Policy may be updated from time to time. A new version will be published on the website and shall enter into force immediately upon publication. Customers are responsible for periodically reviewing the updated Policy

Article 2. Definitions


The terms used in this Policy shall have the following meanings:
"Legislation" – The Law of Georgia on Personal Data Protection and other relevant regulatory acts in force in Georgia;
"Policy" – This Privacy and Personal Data Protection Policy, defining Victoria-98’s data processing approach;
"Personal Data" – Any information relating to an identified or identifiable natural person, as defined under Georgian law;
"Data Subject" – A person whose personal data is being processed by Victoria-98;
"Processing" – Any operation performed on personal data, including collection, recording, organization, storage, modification, use, transfer, blocking, deletion, and destruction;
"Data Controller" – A natural or legal person who determines the purposes and means of data processing and processes such data independently or through another party;
"Data Processor" – A person processing personal data on behalf of the controller based on a contract or other legal basis;
"Consent" – Freely and clearly expressed will of the data subject, based on sufficient information, to allow the processing of their data for specific purposes, provided in written (including electronic), oral, or other active form;
"Third Party" – Any natural or legal person other than the data subject, controller, or processor;
"Direct Marketing" – Communication intended to provide customers with information on products, services, or offers through direct communication channels (email, SMS, phone calls, etc.);
"Cookies" – Small text files stored on the user's device during website use that enable technical, analytical, and marketing functionalities;
"Informed Consent" – Consent based on clear and comprehensive prior information about all significant aspects of personal data processing.

Article 3. Legal Basis for Data Processing


3.1. Victoria-98 LLC processes personal data on the following legal grounds:
a) With the data subject’s prior, voluntary, and informed consent;
b) For the performance of a contract concluded with the data subject;
c)  For the fulfillment of legal obligations imposed on the company;
d) To protect the legitimate interests of Victoria-98 or a third party, provided this does not violate the subject’s fundamental rights;
e) From publicly available sources, in accordance with Georgian legislation.


Article 4. Sources of Data Collection


4.1. Victoria-98 LLC collects data from:
a) User registration on the website or application;
b) Purchase of goods or services;
c) Communication through various channels (email, telephone, chat);
d) Public registries and platforms;
e) Partner companies or service providers with a lawful basis.


Article 5. Categories of Processed Data


5.1. Victoria-98 LLC may process the following categories of data:
a) Identification data (name, surname, personal number, date of birth);
b) Contact information (email, telephone, address);
c) Financial information (account number, card type);
d) Technological data (IP address, cookies, device ID);
e) Behavioral and analytical data (navigation, user activity);
f) Audio/video recordings (phone calls or recorded footage);
g) Correspondence (chats, written communications);
h)  Publicly available information;
i) Any other data voluntarily submitted by the user.


Article 6. Purposes of Data Processing


Data processing serves the following purposes:
6.1. Efficient provision of services and goods – to ensure the receipt, processing, and delivery of orders placed by the customer for goods, including the updating of information related to such orders and the facilitation of relevant communication with the customer.
6.2. Management of customer communication – to establish contact with the customer, to deliver messages, information, notifications, and other service-related communications, including for the purpose of improving service quality and resolving issues.
6.3. Marketing activities – to carry out communication through various advertising channels, including personalized advertisements, offers, and promotional campaigns, based on the user’s consent.
6.4. Product improvement and development – to optimize services and develop new products based on the analysis of customer behavior, feedback, and usage patterns.
6.5. Internal analytics and market research – to analyze customer needs and market trends based on statistical and anonymized data.
6.6. Security and fraud prevention – to detect misuse of our services, and to monitor and prevent security incidents.
6.7. Responding to customer requests – to process and respond to customer complaints, inquiries, and requests.
6.8. Fulfillment of legal obligations – to comply with legal obligations established under Georgian and international law, including tax, accounting, consumer protection, and data protection regulations.


Article 7. Processing of Data for Direct Marketing Purposes


7.1. Victoria-98 LLC  is entitled to process a customer’s personal data for direct marketing purposes only upon obtaining the customer’s prior, voluntary, and informed consent.
7.2. Such processing includes the delivery of promotional, informational, or marketing messages to the customer.
7.3. Based on the data processed for direct marketing purposes, LLC Victoria-98 may provide personalized offers to the customer. These may include discounts, updates, and recommendations regarding new products and services tailored to the customer’s interests and behavioral patterns. Messages may be sent via email, SMS, or other electronic communication channels.
7.4. Consent may be given through the company’s website, application, or registration form by selecting the relevant checkbox (e.g., by clicking the “Privacy and Personal Data Protection Policy” acceptance button).
7.5. With the customer’s consent, LLC Victoria-98 is authorized to transfer personal data to selected third parties (including advertising agencies, marketing platforms, and messaging service providers) solely to the extent and for the duration necessary to deliver such marketing services.
7.6. The customer has the right to object to the processing of personal data for direct marketing purposes or to withdraw previously given consent at any time. Objection may be expressed by declining to sign the relevant marketing annex when entering into a contract or by selecting an appropriate opt-out option.
7.7. Consent withdrawal shall take effect no later than 7 (seven) business days from the date the customer submits the request. Requests must be sent to the following email address: garderob emeta@victoria98.com.ge In such cases, Victoria-98 LLC is obligated to cease processing the customer’s data for direct marketing purposes and to discontinue related communications.


Article 8. Cookie Policy


8.1. Victoria-98 LLC uses cookies and other supporting technologies to ensure the functionality of its application/website, improve performance, and enhance the user experience.
8.2. These may collect information about device type, browser, number of visits, time spent on the website, visited pages, and behavior.
8.3. Besides strictly necessary cookies, the following types are used:
a) Analytical Cookies – for site statistics and improvements;
b) Functional Cookies – for personalization and added functionality;
c) Marketing Cookies – for advertising targeting;
d) Social Media Cookies – for social media integration.
By clicking the "Accept Privacy Policy and Data Processing" button, the user consents to:
a) Collection of browser and IP-related data;
b) Sharing of data with third parties for technical and marketing purposes
c) Data processing in accordance with the cookies used.
8.4. Customers can modify or revoke their cookie preferences at any time via the "Cookie Preferences" link on the website
8.5. Further details are available in the “Cookie Privacy Policy.”


Article 9. Data Retention Period


9.1. 'Victoria-98' LLC retains personal data only for the period necessary to achieve the purpose of data processing, as well as for the period established by the applicable legislation. Specifically:
9.1.1. During the period of sales and service provision – for as long as the customer uses the services of LLC "Victoria-98" and a contractual relationship exists;
9.1.2. For a period not exceeding 3 years following the provision of the service, unless a longer retention period is required by law;
9.1.3. The retention and archiving of documentation and data is carried out for the period established by the limitation periods or administrative control periods stipulated under Georgian legislation (e.g., for tax or civil dispute purposes);
9.1.4. Upon expiration of the retention period, the data shall be destroyed in a secure and non-commercial manner that excludes the possibility of recovery.


Article 10. Data Security


10.1. “Victoria-98” LLC implements appropriate physical, technical, and administrative measures to ensure data security and to protect data from unauthorized access, use, alteration, or destruction. Specifically:
• Physical security of servers, workspaces, and other infrastructure is ensured;
• Access to data is granted only to authorized personnel through secure passwords and identification mechanisms;
• Employees undergo regular training on information security;
• System monitoring, risk assessment, and incident response mechanisms are in place;
• Security audits and system updates are conducted on a regular basis.


Article 11. Data Subject Rights


11.1. To request information regarding the personal data processed about them, including the source of the data, the purpose of processing, and the legal basis;
11.2. To request the rectification, update, or completion of data if it is found to be inaccurate or incomplete;
11.3. To request the deletion, suspension, or blocking of data, including in cases where the processing purpose has been fulfilled or the data is being processed unlawfully.
11.4. To withdraw their consent to data processing at any time, to the extent that the processing is based on such consent;
11.5. To request data portability – to receive the data in a structured, commonly used format or to have it transferred to another data controller;
11.6. To lodge a complaint with the Personal Data Protection Service or seek judicial remedy in case of a violation of their rights.


Article 12. Limitation of Rights


12.1. The exercise of the above-mentioned rights by the data subject may be restricted in cases provided by law, in particular where such exercise:
12.1.1. Poses a threat to state or public security;
12.1.2. Interferes with the interests of criminal proceedings or the administration of justice;
12.1.3. Infringes upon the lawful rights of other natural or legal persons;
12.1.4. Violates requirements related to professional, commercial, or state secrecy
12.1.5. Conflicts with the need to comply with applicable legal obligations or requirements of the law.

12.2. Any such restriction shall be applied only to the extent proportionate to the legitimate purpose and only for as long as the legal grounds for the restriction exist.


Article 13. Changes to the Policy


13.1. “Victoria-98” LLC reserves the right to update or amend this Policy periodically in response to legal, technological, or administrative changes. Any such changes shall be published on the website and shall become effective upon publication.
13.2. Customers are advised to review the Policy updates on a regular basis.


Article 14. Contact


14.1. For additional information, to exercise your rights, or to inquire about any matters related to data processing, please contact us via the following communication channel:
Email: garderobemeta@victoria98.com.ge

“Victoria-98” LLC remains committed to upholding the highest standards of personal data protection for its customers.