1. Home
  2. Privacy and Cookies Policy

Privacy and Cookies Policy


This Website may collect some Personal Data from its Users.

This Privacy and Cookies Policy is governed and construed in accordance with the Acting Law of the AIFC and the Processing of Personal Data is made in accordance with the AIFC Data Protection Regulations No. 10 of 2017 (“DPR”).

Terms used in this Privacy and Cookies Policy have the same meanings as they have, from time to time, in the DPR, or the relevant provisions of DPR, unless the contrary intention appears.

Any dispute between User and us arising under or in connection with this Privacy and Cookies Policy shall be resolved in the AIFC Court under the Rules and Regulations of the AIFC Court.

If any provision (or part of a provision) of this Privacy and Cookies Policy is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, such term, condition or provision will to that extent be severed from the remaining terms, conditions and provisions which will continue to be valid to the fullest extent permitted by law.

Types of Data collected
Contact form (this Website) and correspondence data

By filling in the contact form with their Data, the User authorizes this Website to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header. The correspondence data may be processed for the purposes of communicating with the User and record-keeping. Personal Data collected: email address, first name and last name, company’s details, communication content and metadata associated with the communication.

Mailing list or newsletter (this Website)
The User’s email address may be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning this Website.

Usage Data
Information collected automatically from this Website (or third party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

System logs and maintenance
For operation and maintenance purposes, this Website and any third party services may collect files that record interaction with this Website (System logs) or use for this purpose other Personal Data (such as IP Address).

Publication data
The Website may process information that the User posts for publication on the Website or through our services. The publication data may be processed for the purposes of enabling such publication and administering the Website and services. Personal Data collected: email address, first name and last name, address, telephone number, publication pictures, gender, date of birth, educational details and employment details.

Providing Personal data
The Personal Data is freely provided by the User, or, in case of Usage Data, collected automatically when using this Website.

All Data requested by this Website is mandatory for submission and failure to provide this Personal Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Personal Data is not mandatory, Users are free not to communicate this Personal Data without any consequences on the availability or the functioning of the service.

Users who are uncertain about which Personal Data is mandatory for submission are welcome to contact AIX (Owner).
Any use of Cookies – or of other tracking tools – by this Website or by the owners of third party services used by this Website serves the purpose of providing the service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Users are responsible for any third party Personal Data obtained, published or shared through this Website and confirm that they have the third party’s consent to provide the Personal Data to the Owner.

Mode and place of processing the Data
Methods of processing
The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. An updated list of these parties may be requested from the Data Controller at any time.

International Data transfers

The User acknowledges that the Data may be transferred, processed, and stored with reputable cloud service providers located in a jurisdiction outside the AIFC.

Retention time
The Data is kept for the time necessary to provide the service requested by the User, or stated by the purposes outlined in this document, or to comply with legal or regulatory obligations of Data Controller, and the User can always request that the Data Controller suspend or remove the Data as it is stipulated hereof. The Data shall in any case be withdrawn from our systems after 7 (seven) years except for the Data that we are required to keep for longer on the basis of specific legislation or in the event of ongoing litigation for which Data shall be necessary.

The use of the collected Data
The Data concerning the User is collected to allow the Owner to provide its services.
The Data Controller may disclose personal data of the User to any member of our group of companies (this means our subsidiaries, our holding company and all its subsidiaries) insofar as reasonably necessary.
The Data Controller may disclose Personal Data of the User to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes. The User’s Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this Website or the related services.

Legal action
In addition to the specific disclosures of Personal Data set out in this Privacy Policy, the Data Controller may also disclose User’s Personal Data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect User’s vital interests or the vital interests of another person.
The User declares to be aware that the Data Controller may be required to reveal Personal Data upon request of public authorities.

The rights of Users


Right of access

The User shall have the right to ask at any time whether his (her) Personal Data have been collected, over what period of time, and for what purpose.

Right to rectification

The User shall have the right to ask that false or incomplete Personal Data be corrected or completed at any time on a simple request.

Right to restriction of processing

The User may request that the processing of his (her) Personal Data be limited. This means that the Data in question must be “marked” in our computer system and cannot be used for a certain period of time.

Right to erasure

Subject to the exceptions required by AIFC Laws, the User shall have the right to demand that his (her) Personal Data be erased. The Personal Data shall be deleted without delay, in particular, if one of the following reasons applies:

  1. the Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed;
  2. the User revoked its consent on which the processing of it’s Personal Data was based, and there is no other legal basis for the processing;
  3. the Personal Data has been processed unlawfully.

The right to erasure does not exist insofar as the User’s Personal Data is required for the assertion, exercise or defence of legal claims.

To exercise User’s rights (if applicable) and/or for any other questions about the handling of User’s Personal Data, we refer User to the Data Controller at the contact information set out below.
This Website does not support “Do Not Track” requests. To determine whether any of the third party services it uses honor the “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy
The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a User objects to any of the changes to this Privacy Policy, the User must cease using this Website and can request that the Data Controller remove the Personal Data. Unless stated otherwise, the then-current Privacy Policy applies to all Personal Data the Data Controller has about Users.

Personal Data (or Data)
Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

The individual using this Website, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.

Data Subject
The legal or natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)
The natural person, legal person, public administration or any other body, association or organization authorized by the Data Controller to process the Personal Data in compliance with this Privacy Policy.

Data Controller and Owner
Astana International Exchange Limited.
Owner contact email: [email protected]

This Website
The hardware or software tool by which the Personal Data of the User is collected.

Legal information
This Privacy Policy relates solely to this Website. Links to websites by other providers are not covered by this Privacy Policy.



Information about our use of cookies

Our Website uses cookies to distinguish User from other Users of our Website and to provide User with access to content. This helps us provide User with a good experience when User browses our Website and also allows us to improve our site.

This Cookie Policy provides the User with clear and comprehensive information about the cookies we use and the purposes for using them.

What are cookies?

Cookies are small pieces of data, stored in text files, that are stored on User’s computer or other device when websites are loaded in a browser. They are widely used to “remember” User and User’s preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that User visits (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).

How we use cookies

We use cookies for a number of different purposes. Some cookies are necessary for technical reasons; some enable a personalized experience for both visitors and registered users; and some allow the display of advertising from selected third party networks. Some of these cookies may be set when a page is loaded, or when a visitor takes a particular action (clicking the “like” or “follow” button on a post, for example).

For now, AIX collects cookies for analytics purposes only in order to improve our Website and to monitor the Website’s traffic and usage.

User’s consent

The Website collects cookies irrespective of whether the User presses “Consent” button or not.

By continuing to use our Website, User agrees that we may place cookies on User’s computer in order to analyze the way User uses our Website.

Types of Cookies

Cookies may be either “persistent” cookies or “session” cookies. The Website uses persistent cookies.

A persistent cookie consent of a text file sent by a web server to a web browser, which allows us to collect and analyze (on an anonymous basis) traffic and use of the website, monitor the system and improve operating performance, for example, store User’s preferences to enhance User’s subsequent visits. It will not be automatically deleted when the browser is closed but is stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date).

A complete list of the cookies we use is set out in the table below.  This list (together with the rest of this policy) is subject to change from time to time.

Category of cookies Why we use these cookies

“Functionality” cookies are used to provide services or to remember settings to improve the users’ visit. Some Functionality cookies are necessary to allow the user to move around the Website, use essential features like secure areas, and access and use mobile apps.

We use Functionality cookies to manage the registration of User’s account and for general administration purposes. These cookies are usually deleted when User logs out but may remain to remember User’s preferences and settings when User is logged out.

Security We use these cookies to help identify and prevent potential security risks.
Analytics and Performance

“Performance” cookies collect information about how User uses our Website (e.g., which pages User visits and if User experiences any errors). These cookies do not collect any information that could identify the User and are only used to help us improve how our Website works, understand what interests our Users and measure how effective our content is.

We use performance cookies for:

  • Web analytics to provide anonymous statistics on how our Website is used.
  • Error management to help us improve the Website by measuring any errors that occur.

By using our Website, User accepts the use of “Performance” cookies. Accepting these cookies is a condition of using the Website, so if User prevents them, we cannot guarantee how our site will perform for User.

Third Party cookies / Embedded Content

This Website uses third party cookies from trusted third parties. Some third party cookies are necessary to allow User to access content provided on our Website by one or more third parties. These cookies may also track User’s use of the Website, including how long User spends on the Website and the pages that User visits so that we can continue to provide engaging content.

Google Analytics is among the third party cookies used on this Website. Google Analytics is a common and trusted analytics solution on the Web for helping us understand how User uses our Website and the ways that we can improve User’s experience.

For more information about Google Analytics cookies, please see Google’s help pages and privacy policy:

Google’s Privacy Policy

Google Analytics Help pages


If the User identifies a Cyber and Information Security incident with AIX Website or suspicion of such an incident, she/he must immediately report the details by email at https://www.aix.kz/contact/

Contact Us

Any questions about our use of cookies, can be addressed to the most relevant contact details in https://www.aix.kz/contact/