PRIVACY POLICY
1. General Provisions
This Privacy Policy (hereinafter — the "Policy") has been developed in accordance with the requirements of the Law of the Republic of Armenia "On the Protection of Personal Data" (No. ZR-49, adopted on May 18, 2015, hereinafter — the "Law"), the Constitution of the Republic of Armenia (Article 34), as well as international treaties of the Republic of Armenia in the field of human rights protection, including the European Convention on Human Rights of 1950.
This Policy determines the procedure for the collection, processing, storage, transfer, and protection of personal data of users of the website http://agny-agency.am (hereinafter — the "Website"), as well as the measures taken by the Operator to ensure the confidentiality and security of such data.
1.1. The Operator regards the protection of the rights and freedoms of individuals in the processing of personal data as a priority, including the right to privacy and the protection of personal data guaranteed by the legislation of the Republic of Armenia.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the Website.
1.3. Supervision over compliance with personal data protection legislation is carried out by the Personal Data Protection Agency of the Republic of Armenia (PDPA), operating within the Ministry of Justice of the Republic of Armenia.
2. Key Definitions Used in This Policy
2.1. Personal Data — any information relating directly or indirectly to an identified or identifiable natural person (data subject), including name, identification numbers, online identifiers, and data specific to the physical, physiological, psychological, economic, cultural, or social characteristics of that person.
2.2. Operator (Data Controller) — a natural or legal person who organizes and/or carries out the processing of personal data and determines the purposes and means of such processing.
2.3. Processing of Personal Data — any operation or set of operations performed with personal data: collection, recording, organization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction.
2.4. Data Subject — a natural person whose personal data is processed by the Operator.
2.5. Consent of the Data Subject — a freely given, specific, informed, and unambiguous expression of will by the data subject, by which he or she gives permission for the processing of personal data relating to him or her.
2.6. Supervisory Authority — the Personal Data Protection Agency of the Republic of Armenia (PDPA).
2.7. Confidentiality of Personal Data — the obligation of the Operator not to disclose or distribute personal data without the consent of the data subject or another legal basis.
3. Operator Details
The Operator of personal data pursuant to this Policy is:
• Full name: "Agny Agency" LLC
• Address: Yerevan, Republic of Armenia
• Email: support@agny-agency.com
• Phone: +374 (33) 255-988
• Website: http://agny-agency.am
4. Categories of Personal Data Processed
4.1. Depending on the nature of interaction with the Website, the Operator may process the following categories of personal data:
4.1.1. Data provided directly by users:
• First name, last name
• Phone number
• Email address
• City / region
• Content of inquiries and requests (when feedback or cost calculation forms are submitted)
4.1.2. Data collected automatically:
• IP address
• Cookies and session identifiers
• Browser, operating system, and device data
• Pages visited on the Website and time spent on them
• Source of referral to the Website (search engines, advertising links, etc.)
• Actions on the Website: clicks, views, form submissions
• Session parameters and timestamps
4.2. The Operator does not process special categories of personal data (data on racial or ethnic origin, political opinions, religious beliefs, health status, biometric data) without the explicit written consent of the data subject or another legal basis provided by the Law.
5. Purposes of Personal Data Processing
Personal data is processed by the Operator for the following purposes:
• Ensuring the functioning of the Website and providing access to its services, information, and materials;
• Processing user inquiries and requests submitted through forms on the Website;
• Determining the user's location (city) to provide relevant information;
• Analyzing Website traffic and performance, improving its functionality and user experience;
• Providing information about the Operator's products and services;
• Personalizing advertising materials and optimizing advertising campaigns — with the user's consent;
• Complying with the requirements of the legislation of the Republic of Armenia.
Personal data is processed exclusively for the purposes specified in this section. Processing of personal data for purposes incompatible with those stated is not permitted.
The Operator does not carry out automated decision-making that produces legal effects on data subjects.
6. Legal Bases for Personal Data Processing
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", the Operator processes personal data on the following legal bases:
• Consent of the data subject (Article 8 of the Law) — the primary legal basis for processing the data of Website users;
• Performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract;
• Compliance with the legal obligations of the Operator established by the legislation of the Republic of Armenia;
• Protection of the vital interests of the data subject or another person;
• Pursuit of the legitimate interests of the Operator (including ensuring Website security, preventing fraud, protecting the rights and legal interests of the Operator) — provided that such interests do not override the rights and freedoms of the data subject.
Consent to the processing of personal data must be informed, specific, voluntary, and unambiguous. The user has the right to withdraw their consent at any time in accordance with the procedure provided in Section 9 of this Policy.
7. Rights of Data Subjects
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", a data subject has the following rights:
• Right of access — to obtain information about whether personal data is being processed and to access the data and information about the conditions of its processing;
• Right to rectification — to request the clarification, updating, or correction of inaccurate, incomplete, or outdated personal data;
• Right to erasure — to request the deletion of personal data in cases provided by the Law (including upon achievement of the processing purposes, withdrawal of consent, or unlawfulness of processing);
• Right to restriction — to request the temporary suspension of personal data processing in cases provided by the Law;
• Right to withdraw consent — the data subject may withdraw previously given consent to the processing of personal data at any time without giving reasons;
• Right to object — to object to the processing of personal data in cases where processing is carried out on the basis of the legitimate interests of the Operator;
• Right to lodge a complaint — to submit a complaint to the Personal Data Protection Agency of the Republic of Armenia (PDPA) or to a court in the event of violations by the Operator.
To exercise any of the above rights, the data subject may send a request to the Operator at the email address: support@agny-agency.com with the appropriate subject line. The Operator shall review the request and provide a response within 10 business days from the date of receipt, unless a different period is established by the legislation of the Republic of Armenia.
8. Obligations of the Operator
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", the Operator is obliged to:
• Process personal data lawfully, fairly, and transparently;
• Notify the data subject of the purposes, scope, and conditions of processing their data prior to the commencement of such processing (Article 9(6) of the Law);
• Ensure the accuracy, sufficiency, and relevance of the personal data being processed;
• Store personal data no longer than is necessary for the purposes of processing;
• Take the necessary legal, organizational, and technical measures to protect personal data;
• Review requests from data subjects and their legal representatives within the established timeframes;
• Upon detection of personal data security breaches, notify the competent authorities in the manner and within the timeframes established by the legislation of the Republic of Armenia;
• Notify the PDPA of its intention to carry out cross-border transfer of personal data in accordance with Article 23 of the Law;
• Ensure unrestricted access to this Privacy Policy.
9. Procedure for Collection, Storage, Transfer, and Other Processing of Personal Data
9.1. The Operator ensures the safety of personal data and takes all reasonable measures to prevent unauthorized access to it.
9.2. Personal data of users is not transferred to third parties without their consent, except in cases expressly provided for by the legislation of the Republic of Armenia, or where such transfer is necessary to fulfill obligations to the user under a civil law contract.
9.3. The retention period for personal data is determined by the achievement of the purposes for which it was collected. Upon achievement of those purposes, personal data is deleted or anonymized, unless otherwise provided by contract or the legislation of the Republic of Armenia.
9.4. To clarify their personal data, the user may send a notification to the Operator's email address support@agny-agency.com with the subject line "Personal Data Clarification".
9.5. The user has the right to withdraw their consent to the processing of personal data at any time by sending a notification to the Operator's email address support@agny-agency.com with the subject line "Withdrawal of Consent to Personal Data Processing".
Disabling cookies is done by the user independently through browser settings.
9.6. The Operator ensures the confidentiality of personal data and obliges all persons with access to it to maintain confidentiality.
9.7. Information collected by third-party services (analytics platforms, payment systems, communication tools) is stored and processed by those services in accordance with their own privacy policies. The Operator is not responsible for the actions of third parties in relation to the processing of personal data.
10. Cross-Border Transfer of Personal Data
10.1. Prior to carrying out a cross-border transfer of personal data, the Operator notifies the PDPA in accordance with the procedure established by Article 23 of the Law of the Republic of Armenia "On the Protection of Personal Data".
10.2. Cross-border transfer of personal data to countries that do not ensure an adequate level of personal data protection (as determined by the PDPA list) is carried out only with the permission of the PDPA and subject to the provision of guarantees of adequate protection of the rights of data subjects.
10.3. The list of countries providing an adequate level of personal data protection is determined and published by the Personal Data Protection Agency of the Republic of Armenia (PDPA). The Operator follows the current version of such list published on the official website of the PDPA.
11. Use of Cookies and Analytics Services
11.1. The Website uses cookies — small text files placed on the user's device — to ensure the proper functioning of the Website, analyze traffic, and personalize content.
11.2. The legal basis for the use of cookies is the user's consent, expressed upon first visiting the Website via a pop-up notification.
11.3. The user may at any time decline the use of cookies by changing the relevant browser settings. Disabling cookies may affect the functionality of the Website.
11.4. The Website may use the following analytics services:
• Yandex.Metrica — for analyzing traffic and user behavior;
• Google Analytics — for statistics and improving Website performance.
These services collect anonymized data on user behavior and process it in accordance with their own privacy policies.
12. Personal Data Security Measures
12.1. The Operator takes the necessary legal, organizational, and technical measures to protect personal data against unlawful or accidental access, destruction, modification, blocking, copying, distribution, and other unlawful actions.
12.2. Security measures implemented include:
• Data encryption during transmission (HTTPS/TLS protocol);
• Access control to personal data — authorized personnel only;
• Regular vulnerability assessments and security system monitoring;
• Storage of data on servers with adequate physical and software protection;
• Training of employees on the requirements of personal data protection legislation.
12.3. In the event of a personal data security breach (data leak, unauthorized access, etc.), the Operator shall notify the Personal Data Protection Agency of the Republic of Armenia and other competent authorities in the manner and within the timeframes established by the legislation of the Republic of Armenia, and shall also inform data subjects if required by law.
13. Liability
13.1. For violations of the requirements of the legislation of the Republic of Armenia in the field of personal data protection, the Operator shall be held liable in accordance with the Law "On the Protection of Personal Data" and other regulatory legal acts of the Republic of Armenia.
13.2. The Operator bears administrative, civil, and criminal liability in the cases and in the manner provided by the legislation of the Republic of Armenia.
13.3. The PDPA has the right to conduct inspections of the Operator's compliance with the legislation on personal data protection and to impose a ban on the processing of personal data in the event of violations being identified.
14. Final Provisions
14.1. This Policy is a public document and is available on the Website at: http://agny-agency.am/privacy_policy.
14.2. The Operator reserves the right to make changes to this Policy. In the event of material changes, users shall be notified by posting an updated version on the Website or by other available means. Continued use of the Website after the changes take effect constitutes the user's acceptance of the updated Policy.
14.3. This Policy is valid indefinitely until replaced by a new version.
14.4. For all questions related to the processing of personal data, the user may contact the Operator:
• By email: support@agny-agency.com
• By phone: +374 (33) 255-988
• By mail: Yerevan, Republic of Armenia
14.5. If the user believes that their rights in the field of personal data protection have been violated, they may lodge a complaint with the Personal Data Protection Agency of the Republic of Armenia (PDPA):
• Website: http://agny-agency.am
• Address: Yerevan, Republic of Armenia
This Privacy Policy (hereinafter — the "Policy") has been developed in accordance with the requirements of the Law of the Republic of Armenia "On the Protection of Personal Data" (No. ZR-49, adopted on May 18, 2015, hereinafter — the "Law"), the Constitution of the Republic of Armenia (Article 34), as well as international treaties of the Republic of Armenia in the field of human rights protection, including the European Convention on Human Rights of 1950.
This Policy determines the procedure for the collection, processing, storage, transfer, and protection of personal data of users of the website http://agny-agency.am (hereinafter — the "Website"), as well as the measures taken by the Operator to ensure the confidentiality and security of such data.
1.1. The Operator regards the protection of the rights and freedoms of individuals in the processing of personal data as a priority, including the right to privacy and the protection of personal data guaranteed by the legislation of the Republic of Armenia.
1.2. This Policy applies to all information that the Operator may obtain about visitors to the Website.
1.3. Supervision over compliance with personal data protection legislation is carried out by the Personal Data Protection Agency of the Republic of Armenia (PDPA), operating within the Ministry of Justice of the Republic of Armenia.
2. Key Definitions Used in This Policy
2.1. Personal Data — any information relating directly or indirectly to an identified or identifiable natural person (data subject), including name, identification numbers, online identifiers, and data specific to the physical, physiological, psychological, economic, cultural, or social characteristics of that person.
2.2. Operator (Data Controller) — a natural or legal person who organizes and/or carries out the processing of personal data and determines the purposes and means of such processing.
2.3. Processing of Personal Data — any operation or set of operations performed with personal data: collection, recording, organization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction.
2.4. Data Subject — a natural person whose personal data is processed by the Operator.
2.5. Consent of the Data Subject — a freely given, specific, informed, and unambiguous expression of will by the data subject, by which he or she gives permission for the processing of personal data relating to him or her.
2.6. Supervisory Authority — the Personal Data Protection Agency of the Republic of Armenia (PDPA).
2.7. Confidentiality of Personal Data — the obligation of the Operator not to disclose or distribute personal data without the consent of the data subject or another legal basis.
3. Operator Details
The Operator of personal data pursuant to this Policy is:
• Full name: "Agny Agency" LLC
• Address: Yerevan, Republic of Armenia
• Email: support@agny-agency.com
• Phone: +374 (33) 255-988
• Website: http://agny-agency.am
4. Categories of Personal Data Processed
4.1. Depending on the nature of interaction with the Website, the Operator may process the following categories of personal data:
4.1.1. Data provided directly by users:
• First name, last name
• Phone number
• Email address
• City / region
• Content of inquiries and requests (when feedback or cost calculation forms are submitted)
4.1.2. Data collected automatically:
• IP address
• Cookies and session identifiers
• Browser, operating system, and device data
• Pages visited on the Website and time spent on them
• Source of referral to the Website (search engines, advertising links, etc.)
• Actions on the Website: clicks, views, form submissions
• Session parameters and timestamps
4.2. The Operator does not process special categories of personal data (data on racial or ethnic origin, political opinions, religious beliefs, health status, biometric data) without the explicit written consent of the data subject or another legal basis provided by the Law.
5. Purposes of Personal Data Processing
Personal data is processed by the Operator for the following purposes:
• Ensuring the functioning of the Website and providing access to its services, information, and materials;
• Processing user inquiries and requests submitted through forms on the Website;
• Determining the user's location (city) to provide relevant information;
• Analyzing Website traffic and performance, improving its functionality and user experience;
• Providing information about the Operator's products and services;
• Personalizing advertising materials and optimizing advertising campaigns — with the user's consent;
• Complying with the requirements of the legislation of the Republic of Armenia.
Personal data is processed exclusively for the purposes specified in this section. Processing of personal data for purposes incompatible with those stated is not permitted.
The Operator does not carry out automated decision-making that produces legal effects on data subjects.
6. Legal Bases for Personal Data Processing
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", the Operator processes personal data on the following legal bases:
• Consent of the data subject (Article 8 of the Law) — the primary legal basis for processing the data of Website users;
• Performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract;
• Compliance with the legal obligations of the Operator established by the legislation of the Republic of Armenia;
• Protection of the vital interests of the data subject or another person;
• Pursuit of the legitimate interests of the Operator (including ensuring Website security, preventing fraud, protecting the rights and legal interests of the Operator) — provided that such interests do not override the rights and freedoms of the data subject.
Consent to the processing of personal data must be informed, specific, voluntary, and unambiguous. The user has the right to withdraw their consent at any time in accordance with the procedure provided in Section 9 of this Policy.
7. Rights of Data Subjects
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", a data subject has the following rights:
• Right of access — to obtain information about whether personal data is being processed and to access the data and information about the conditions of its processing;
• Right to rectification — to request the clarification, updating, or correction of inaccurate, incomplete, or outdated personal data;
• Right to erasure — to request the deletion of personal data in cases provided by the Law (including upon achievement of the processing purposes, withdrawal of consent, or unlawfulness of processing);
• Right to restriction — to request the temporary suspension of personal data processing in cases provided by the Law;
• Right to withdraw consent — the data subject may withdraw previously given consent to the processing of personal data at any time without giving reasons;
• Right to object — to object to the processing of personal data in cases where processing is carried out on the basis of the legitimate interests of the Operator;
• Right to lodge a complaint — to submit a complaint to the Personal Data Protection Agency of the Republic of Armenia (PDPA) or to a court in the event of violations by the Operator.
To exercise any of the above rights, the data subject may send a request to the Operator at the email address: support@agny-agency.com with the appropriate subject line. The Operator shall review the request and provide a response within 10 business days from the date of receipt, unless a different period is established by the legislation of the Republic of Armenia.
8. Obligations of the Operator
In accordance with the Law of the Republic of Armenia "On the Protection of Personal Data", the Operator is obliged to:
• Process personal data lawfully, fairly, and transparently;
• Notify the data subject of the purposes, scope, and conditions of processing their data prior to the commencement of such processing (Article 9(6) of the Law);
• Ensure the accuracy, sufficiency, and relevance of the personal data being processed;
• Store personal data no longer than is necessary for the purposes of processing;
• Take the necessary legal, organizational, and technical measures to protect personal data;
• Review requests from data subjects and their legal representatives within the established timeframes;
• Upon detection of personal data security breaches, notify the competent authorities in the manner and within the timeframes established by the legislation of the Republic of Armenia;
• Notify the PDPA of its intention to carry out cross-border transfer of personal data in accordance with Article 23 of the Law;
• Ensure unrestricted access to this Privacy Policy.
9. Procedure for Collection, Storage, Transfer, and Other Processing of Personal Data
9.1. The Operator ensures the safety of personal data and takes all reasonable measures to prevent unauthorized access to it.
9.2. Personal data of users is not transferred to third parties without their consent, except in cases expressly provided for by the legislation of the Republic of Armenia, or where such transfer is necessary to fulfill obligations to the user under a civil law contract.
9.3. The retention period for personal data is determined by the achievement of the purposes for which it was collected. Upon achievement of those purposes, personal data is deleted or anonymized, unless otherwise provided by contract or the legislation of the Republic of Armenia.
9.4. To clarify their personal data, the user may send a notification to the Operator's email address support@agny-agency.com with the subject line "Personal Data Clarification".
9.5. The user has the right to withdraw their consent to the processing of personal data at any time by sending a notification to the Operator's email address support@agny-agency.com with the subject line "Withdrawal of Consent to Personal Data Processing".
Disabling cookies is done by the user independently through browser settings.
9.6. The Operator ensures the confidentiality of personal data and obliges all persons with access to it to maintain confidentiality.
9.7. Information collected by third-party services (analytics platforms, payment systems, communication tools) is stored and processed by those services in accordance with their own privacy policies. The Operator is not responsible for the actions of third parties in relation to the processing of personal data.
10. Cross-Border Transfer of Personal Data
10.1. Prior to carrying out a cross-border transfer of personal data, the Operator notifies the PDPA in accordance with the procedure established by Article 23 of the Law of the Republic of Armenia "On the Protection of Personal Data".
10.2. Cross-border transfer of personal data to countries that do not ensure an adequate level of personal data protection (as determined by the PDPA list) is carried out only with the permission of the PDPA and subject to the provision of guarantees of adequate protection of the rights of data subjects.
10.3. The list of countries providing an adequate level of personal data protection is determined and published by the Personal Data Protection Agency of the Republic of Armenia (PDPA). The Operator follows the current version of such list published on the official website of the PDPA.
11. Use of Cookies and Analytics Services
11.1. The Website uses cookies — small text files placed on the user's device — to ensure the proper functioning of the Website, analyze traffic, and personalize content.
11.2. The legal basis for the use of cookies is the user's consent, expressed upon first visiting the Website via a pop-up notification.
11.3. The user may at any time decline the use of cookies by changing the relevant browser settings. Disabling cookies may affect the functionality of the Website.
11.4. The Website may use the following analytics services:
• Yandex.Metrica — for analyzing traffic and user behavior;
• Google Analytics — for statistics and improving Website performance.
These services collect anonymized data on user behavior and process it in accordance with their own privacy policies.
12. Personal Data Security Measures
12.1. The Operator takes the necessary legal, organizational, and technical measures to protect personal data against unlawful or accidental access, destruction, modification, blocking, copying, distribution, and other unlawful actions.
12.2. Security measures implemented include:
• Data encryption during transmission (HTTPS/TLS protocol);
• Access control to personal data — authorized personnel only;
• Regular vulnerability assessments and security system monitoring;
• Storage of data on servers with adequate physical and software protection;
• Training of employees on the requirements of personal data protection legislation.
12.3. In the event of a personal data security breach (data leak, unauthorized access, etc.), the Operator shall notify the Personal Data Protection Agency of the Republic of Armenia and other competent authorities in the manner and within the timeframes established by the legislation of the Republic of Armenia, and shall also inform data subjects if required by law.
13. Liability
13.1. For violations of the requirements of the legislation of the Republic of Armenia in the field of personal data protection, the Operator shall be held liable in accordance with the Law "On the Protection of Personal Data" and other regulatory legal acts of the Republic of Armenia.
13.2. The Operator bears administrative, civil, and criminal liability in the cases and in the manner provided by the legislation of the Republic of Armenia.
13.3. The PDPA has the right to conduct inspections of the Operator's compliance with the legislation on personal data protection and to impose a ban on the processing of personal data in the event of violations being identified.
14. Final Provisions
14.1. This Policy is a public document and is available on the Website at: http://agny-agency.am/privacy_policy.
14.2. The Operator reserves the right to make changes to this Policy. In the event of material changes, users shall be notified by posting an updated version on the Website or by other available means. Continued use of the Website after the changes take effect constitutes the user's acceptance of the updated Policy.
14.3. This Policy is valid indefinitely until replaced by a new version.
14.4. For all questions related to the processing of personal data, the user may contact the Operator:
• By email: support@agny-agency.com
• By phone: +374 (33) 255-988
• By mail: Yerevan, Republic of Armenia
14.5. If the user believes that their rights in the field of personal data protection have been violated, they may lodge a complaint with the Personal Data Protection Agency of the Republic of Armenia (PDPA):
• Website: http://agny-agency.am
• Address: Yerevan, Republic of Armenia
