Privacy and personal data security policy
E-commerce portal www.pride.md it is owned and managed by PRIDE SYSTEM S. R. L. and is fully dedicated to protecting the privacy of all personal data we collect, process and store, being the controller of personal data processing.
Controller: any natural or legal person, private or public law, including public authorities, institutions and their territorial structures, which establishes the purpose and means of processing personal data.
This privacy and security policy helps you understand:
- What is personal data;
- What data we collect and how we collect it;
- How, why and how long we process this data;
- To whom and why we transmit personal data;
- How we protect this data;
- What rights do you have;
- How you can exercise these rights.
1. What is personal data
According to law no.133 of 08.07.2011 on the protection of personal data; national normative acts GD no.296 of 15.05.2012; art.74/1, 74/2, 74/3, 74/4, contravention code of the RM for the protection of personal data of the Republic Of Moldova personal data is any information that relates to an identified or identifiable natural person. The different information that, gathered, can lead to the identification of a particular person is also personal data.
Examples of personal data: a first and last name; a home address; an email address such as email@example.com; an ID number; location data; an internet protocol (IP) address; a cookie identifier.
2. What data we collect and how we collect it
- Information you provide to us
The data you submit through the forms available on this portal (registration/authorization, registration/reservation of courses, registration to the newsletter/community/forum, registration and participation in the seminars organized by us, return requests/refunds/rights requests, certificates/warranty cards, registration and participation in the competitions organized) in physical or digital format, through e-mail messages sent to us or following telephone calls.
- Data collected automatically
When you access our portal (www.pride.md) the web server automatically saves access logs containing the visitor's IP address, the web resource (document) accessed as well as information about the operating system/browser used. We store this data to prevent fraud and to ensure the security of the portal and information.
3. How, why and how long we process this data
Processing of personal data: any operation or set of operations that is performed on personal data by automatic or non-automatic means, such as collection, recording, organization, storage, adaptation or modification, extraction, consultation, use, disclosure to third parties by transmission, dissemination or in any other way, joining or combining, blocking, erasure or destruction.
- The controller will process personal data for the following purposes:
- Offering the services / products requested by you;
- To confirm the services / products you have ordered and to provide additional information about them;
- For bidding, contracting, invoicing operations;
- For compliance with the laws in force;
- For activities specific to the Human Resources Department, in case you are interested in being part of our team;
- To inform you about the promotional offers, news about the services in our company's portfolio or to invite you to the free seminars organized;
- To prevent fraud and to ensure the security of the portal and information.
We will process this data throughout our contractual relationship and after its completion, at least for the period required by the applicable legal provisions in the field, including but not limited to the provisions on archiving.
4. To whom and why we transmit personal data
Privacy of personal data is one of the most important aspects for us. We do not transmit this data to third parties unless necessary, and only the data necessary for compliance with legal or accreditation requirements.
The Site may contain links to other sites. The Site is not responsible for the content, quality and security policies of these sites. This Privacy Statement applies only to information displayed directly on the site.
5. How we protect this data
Personal data are processed safely because we have taken appropriate technical and organizational measures regarding data security, against unauthorized processing or alteration, against loss or destruction, as well as against unauthorized disclosure and access to personal data transmitted, stored or processed, thus ensuring the integrity, availability, confidentiality and authenticity of personal data.
We make all reasonable and commercially justified efforts to protect the personal data we hold, analyze new technologies in the field and, when and where appropriate, apply them to upgrade our security systems.
We have also implemented appropriate technical and organizational measures to ensure that only personal data necessary for the specified purposes are processed. The principle of implicit data protection will also be followed during the development of new products or services.
However, despite efforts to store the information collected in a secure operating environment that is not publicly available, we cannot guarantee the absolute security of this information during transmission or storage on our systems. In case of security breaches that endanger your privacy or personal information, we undertake to inform you of these things, either through this portal or through other methods at our disposal (email messages, phone calls).
6. What rights do you have
Informing the subject of personal data
Where personal data are collected directly from the data subject, the controller or processor is obliged to provide him with the following information, unless he already owns that information:
1. identity of the controller or, where applicable, of the processor;
2) the purpose of processing the collected data;
3) additional information such as:
- recipients or categories of recipients of personal data;
- the existence of data access, data intervention and opposition rights and the conditions under which they may be exercised;
- whether the answers to the questions with which the data is collected are mandatory or voluntary, as well as the possible consequences of the refusal to answer.
Right of access to personal data
(1) any subject of personal data has the right to obtain from the controller, on request, without delay and free of charge:
- confirmation that the data concerning him are or are not processed by him, also information on the purposes of the processing, the categories of data envisaged and the recipients or categories of recipients to whom the data are disclosed;
- communication, in an intelligible form and in a way that does not require additional equipment, of the personal data subject to processing, as well as of any available information on the origin of such data;
- information on the principles of operation of the mechanism by which the automated processing of data concerning the subject of personal data is carried out;
- information on the legal consequences generated by the processing of personal data for the subject of such data;
- information on how to exercise the right of intervention over personal data.
(2) if personal data on health status are processed for scientific research purposes, if there is no risk of affecting the rights of the subject of personal data and if the data are not used to make decisions or measures towards a particular person, the communication of the information provided in para. (1) it can be done within a longer period than the one established by the law on access to information, insofar as it could affect the research or its outcome, but not later than the time when the research is completed. The subject of personal data must give his consent to the health data to be processed for scientific research purposes, as well as to the possible postponement for this reason of the communication of the information provided in para. (1).
Right of intervention on personal data
Any subject of personal data has the right to obtain from the controller or the processor on request and free of charge:
a) rectification, updating, blocking or deletion of personal data the processing of which is contrary to this law, in particular due to the incomplete or inaccurate nature of the data;
b) notification of third parties to whom personal data have been disclosed about the operations performed under lit. (a) Unless such notification proves to be impossible or involves an effort disproportionate to the legitimate interest which might be harmed.
Right of opposition of the personal data subject
(1) the subject of personal data has the right to oppose at any time, free of charge, for good and legitimate reasons related to his particular situation, that the personal data concerning him to be the subject of a processing, unless the law establishes otherwise. If the opposition is justified, the processing carried out by the controller may no longer concern these data.
(2) the subject of personal data has the right to oppose at any time, free of charge and without any justification, that the data concerning him be processed for commercial prospecting. The controller or the processor is obliged to inform the subject of the right to object to such work before the disclosure to third parties of his personal data.
The right not to be subject to an individual decision
(1) Everyone has the right to request the annulment, in whole or in part, of any individual decision which produces legal effects on his rights and freedoms, being based solely on automated processing of personal data intended to assess some aspects of his personality, such as professional competence, credibility, behavior and the like.
(2) the person may be subject to the decision provided in para. (1) where:
- the decision is authorized by a law establishing the measures guaranteeing the protection of the legitimate interest of the personal data subject;
- the decision is taken within the framework of the conclusion or performance of a contract, provided that the request for conclusion or performance of the contract submitted by the subject of personal data has been satisfied.
Access to justice
Any person who has suffered damage as a result of an unlawful processing of personal data or whose rights and interests guaranteed by this law have been violated has the right to apply to the court for compensation for material and moral damages.
If you believe that our personal information processing activities do not comply with the applicable data protection legislation, you may file a complaint with: the National Center for Personal Data Protection located in Chisinau. Chisinau str. Serghei Lazo 48, MD-2004, or by accessing the portal www.datepersonale.md