Policy on the processing of personal data

1. General provisions

The policy on the processing of personal data is developed in accordance with the requirements of the law No. 133 of 08.07.2011 On the protection of personal data and the  Government Decision No. 1123 of 14.12.2019 on the approval of the Requirements for ensuring the security of personal data when processing personal data within the framework of information systems of personal data  by INTELLECT SCHOOL S.R.L. (hereinafter – Controller).

1. The Controller shall make the protection of the right and freedom of the individual and the citizen to the processing of personal data, including the protection of the right to privacy, personal and family secrecy, the main purpose and condition for the performance of its activity.
2. This Controller’s policy on the processing of personal data (hereinafter – the  Policy) applies to all information, which the Controller may receive about the Users of the https://intellectcenter.md/

2. General Notions

1. security control – actions taken by personal data holders or the National Center for Personal Data Protection (hereinafter – the Center) to verify and / or ensure the adequate level of security of personal data processed in the information systems and / or manually kept registers in accordance with these Requirements;
2. temporary files – collection of data or information in digital form created for a limited period of time before the start of the tasks for which they have been designated;ormații pe suport digital creat pentru o perioadă de timp limitat până la inițierea îndeplinirii sarcinilor pentru care au fost desemnate;
3. integrity – the certainty, uncontroversiality and up-to-dateness of information containing personal data, its protection from destruction and unauthorized alteration;
4. means of cryptographic protection of information containing personal data – technical, program and technical-applicational means, systems and complexes of systems performing algorithms for the cryptographic conversion of information containing personal data, intended to ensure the integrity and confidentiality of information in the process of processing, storing and transmitting it through communication channels;
5. the person responsible for the personal data security policy – the person responsible for the proper functioning of the comprehensive system for the protection of information containing personal data, as well as for the development, implementation and monitoring of compliance with the provisions of the security policy of the personal data holder;
6. protection of information against unintentional actions – a set of measures aimed at preventing unintentional actions, caused by user errors, faults in the technical-applicative means, natural phenomena or other causes not directly aimed at altering the information, but leading to distortion, destruction, copying, blocking access to information, as well as to loss, destruction or damage of the material support of the information containing personal data;
7. person empowered by the controller – the natural or legal entity governed by public or private law, including the public authority and its territorial subdivisions, which processes personal   
8. personal data carrier – a magnetic, optical, laser, paper or other information carrier on which the document is created, fixed, transmitted, received, stored or otherwise used and which allows the document to be reproduced;
9. data restoration – procedures for the restoration of personal data to the state they were in before their loss or destruction;
10. informational technology (IT) – all methods, procedures and means of processing and transmitting information containing personal data and the rules for its application; – all methods, procedures and means of processing and transmitting information containing personal data and the rules for its application;
11. personal data information system – the totality of interrelated information resources and technologies, methods and personnel, designed to store, process and deliver information containing personal data;
12. storage – storing personal data on any medium whatsoever;
13. automated processing of personal data – processing of personal data using information systems;
14. webpage – all graphical and computer-based materials, including information systems and databases, available on the Internet at https://intellectcenter.md/;
15. anonymization of personal data — the action, as a result of which it is impossible to identify, without the use of additional information, the personal data of a specific User or other personal data subject;
16. controller – the individual or legal entity governed by public or private law, including the public authority, any other institution or organization which alone or jointly with others determines the purposes and means of processing of personal data for the purposes and means of processing of personal data as expressly provided for by the applicable law;
17. personal data – any information which refers, directly or indirectly, to a specific or identifiable User of the https://intellectcenter.md/;
18. user – any user of the https://intellectcenter.md /;
19. provision of personal data – action, aimed at disclosing personal data to a specific person or group of persons;

3. The controller may process the following personal data:

1. Surname, given name, assets;
2. Electronic address;
3. Telephone number;
4. Name of the legal entity;
5. The website collects and processes anonymized data about users (including cookies) with the help of internet-statistical services (Google Analytic and other electronic systems).
6. Data mentioned above in the following text of the Policy are grouped under the notion of Personal Data.

4. Purpose of processing personal data

1. The purpose of processing the User’s personal data – informing the User by sending electronic letters, SMS or phone calls about the events carried out by the Controller; conclusion and termination of contracts
2. The Controller is entitled to send the User notifications about events and services provided by the Controller. The User may at any time opt out of receiving such notifications by sending a letter to the e-mail address intellectschool4you@gmail.com  with the subject „Opt-out from receiving notifications about products, services and special offers”.
3. The User’s anonymized data, which are processed with the help of internet-statistical services, are used to collect information about the User’s actions on the website, to improve the quality and content of the website.

5. The legal right to process personal data

1. The Controller shall process the User’s personal data only in the event that the User fills in and / or sends the personal data to the Controller on his / her own, through the forms placed on the website https://intellectcenter.md and other third-party electronic resources, such as social networks (Facebook, Instagram, etc.). By filling in the respective forms and / or sending the personal data to the Controller, the User expresses his / her consent to the Policy.
2. The Controller processes the anonymized data of the User if this is allowed in the settings of the User’s browser (saving cookie files and the use of JavaScript technology is enabled).

6. Order of collection, storage, transmission and processing of personal data

The security of Personal Data, which are processed by the Controller, is achieved by implementing the legal, organizational and technical measures necessary to fully comply with the legislation in force on the protection of personal data.

1. The Controller shall ensure the security of Personal Data and shall apply all necessary measures that exclude access to Personal Data by unauthorized persons.
2. The User’s Personal Data will never be transmitted to third parties, except in the cases provided for by law.
3. In case of errors in the Personal Data, the User may update them on his / her own, by sending a letter to the e-mail address intellectschool4you@gmail.com  with the subject „Update Personal Data”.
4. The duration of processing of personal data has an indefinite term. The User may at any time withdraw his / her consent to the processing of Personal Data by sending a letter to the e-mail address intellectschool4you@gmail.com with the subject „Withdrawal of consent to the processing of Personal Data”

7. Final provisions

1. The User may receive any clarification that interests him / her regarding the processing of Personal Data by the Controller by the e-mail intellectschool4you@gmail.com
2. This document will reflect any changes to the personal data processing policy. The policy has no time limit until the new version replaces it.
3. The updated version of the Policy is freely available on the Internet at  https://intellectcenter.md/politica/.