Privacy Policy

Last updated: 20 august 2025

This Privacy Policy explains what data we collect, why we collect it, how we protect it, and your rights under:

  • Law No. 133/2011 on the Protection of Personal Data (Republic of Moldova)
  • Regulation (EU) 2016/679 (GDPR) on the protection of natural persons with regard to the processing of personal data

1. Data Controller

The website www.gestecorestart.md is operated by Gest Eco Restart, a non-governmental organization based in the Republic of Moldova, acting as the data controller.

📧 Email: info@gestecorestart.md

2. Data We Collect

a) Through Contact Forms

  • Full name
  • Email address
  • Phone number (optional)
  • Company name (for business inquiries)

b) Through Website Browsing

  • IP address
  • Browser and device type
  • Pages visited and duration of visits
  • Cookies (see our Cookie Policy for details)

3. Purpose of Data Collection

We collect and process data only for legitimate purposes, such as:

  • Responding to inquiries and requests
  • Sending collaboration offers or informational content
  • Fulfilling legal and contractual obligations
  • Optimizing website performance and user experience
  • Creating anonymized statistical reports

4. Legal Grounds for Processing

Under the GDPR, your data may be processed based on:

  • Your consent – Art. 6(1)(a)
  • Performance of a contract – Art. 6(1)(b)
  • Compliance with legal obligations – Art. 6(1)(c)
  • Legitimate interests – Art. 6(1)(f)

5. Data Access and Disclosure

We do not sell or rent your data. Disclosure may occur only:

  • To IT service providers (e.g., hosting, email), under confidentiality agreements
  • To public authorities, where required by law
  • To trusted partners, only with your explicit consent

6. Data RetentionWe keep your data:

  • For the duration of our collaboration with you or your company
  • Or up to 12 months from the last interaction, if no collaboration occurs

After this period, data will be securely deleted or anonymized.

7. Data Security

We implement strict measures to safeguard your data:

  • SSL encryption
  • Regular backups
  • Restricted access controls
  • Multi-factor authentication for platform access

8. Your Rights Under GDPR

You have the right to:

  • Access – request a copy of your data
  • Rectification – correct inaccurate information
  • Erasure – request deletion (“right to be forgotten”)
  • Restriction – limit how your data is processed
  • Portability – receive your data in a structured format
  • Objection – object to certain processing activities
  • Withdraw consent – at any time, without affecting prior processing

 To exercise these rights: info@gestecorestart.md
We will respond within 30 calendar days.

9. International Data Transfers

We do not actively transfer personal data outside the European Economic Area. If such a transfer becomes necessary, it will only be made to countries that offer adequate protection under GDPR.

10. Policy Updates

We may update this Privacy Policy periodically. The latest version will always be available on this page, with the date of the last update clearly stated.

11. Complaints

If you believe your data has been processed unlawfully, you can contact:

A relevant EU supervisory authority, if you are located in the EU

The National Center for Personal Data Protection of Moldova: www.datepersonale.md