General Information
Since ensuring the confidentiality and proper processing of client data is one of the main priorities of Punto Bianco, through this document we wish to inform clients about the processing of collected personal data.
“Punto Bianco” SRL (hereinafter referred to as “Punto Bianco”), as a data controller, collects personal data from data subjects (hereinafter “client”) who visit its website (www.PuntoBianco.md) through cookies or communication means available on the webpage.
- Identity of the controller
Controller’s name: “Punto Bianco” SRL
Address: 31 August Street 37/1, Chisinau, Republic of Moldova
IDNO: 1016600019703
Email: info@PuntoBianco.md
- Contact details of the Data Protection Officer
Name: Mihail Ceropita
Email: privacy@PuntoBianco.md
Categories of Personal Data Collected
Through the website: www.PuntoBianco.md, the following categories of personal data are collected from clients: name, surname, email, phone number, other data categories provided by the client when filling in the message field addressed to Punto Bianco or contained in the file attached to the message.
Additionally, during website access, various technologies (cookies, web analytics services) may collect data identifying the device used for accessing the site, such as the device IP address.
Methods, Purposes, and Legal Bases of Processing
We collect personal data from the client via the form on the website, where the client is required to enter their name, surname, and a contact detail (email address/phone number). Also, the message or a file the client wishes to send to Punto Bianco may be included depending on their interest.
For communication, the client may use the messaging box on the website, where they must enter their name and email or log in via Facebook or Google to establish their identity.
Upon use of the file or messaging box, personal data is received at the email address managed by Punto Bianco.
The website also provides other contact details of Punto Bianco representatives, which the client may use to send messages and obtain necessary information.
If the client intends to send Punto Bianco information containing personal health data, it is recommended to archive such information in a password-protected file with at least 8 characters, no consecutive identical symbols, and not composed entirely of groups of digits or letters, sent through another communication method indicated on the website.
Additionally, as a result of accessing the website, technical processing may occur through web analytics services and cookies (www.PuntoBianco.md/en/cookies/ – link to cookie policy).
We may use third-party web analytics services and social media platforms to analyze how clients use the site. Information collected, including IP address, is disclosed to these service providers who use it to evaluate site usage. These services can be disabled by the client in their browser settings.
Also, when using the form on the site, the “reCAPTCHA” system is used to ensure the form is completed and submitted by a human. The privacy policy of this system can be accessed here: https://policies.google.com/privacy?hl=en.
Thus, personal data collected as a result of the processes described above are processed by Punto Bianco following its legitimate interest to achieve the following purposes:
- Examination of questions, information requests, or other communications to formulate and send a response to the client.
- Facilitation of communication methods.
- Improvement of service quality.
- Keeping records of received messages and sent responses.
- Ensuring proper website functionality.
- Keeping statistics on website usage by clients.
- Optimizing content and advertising on the website.
Cross-Border Transfer of Personal Data
The servers where data collected through the website is stored are located in the European Economic Area and the Republic of Moldova. This ensures an adequate level of protection of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament dated April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data, and the national legislation of the Republic of Moldova.
Recipients
Collected data may be disclosed to:
- The client or their legal representative
- Persons authorized by Punto Bianco according to contracts or instructions issued by Punto Bianco
- Control authorities upon justified request
- Service provider companies (e.g., Google, Facebook) to the extent necessary for the purposes indicated above
Data Retention Period
Punto Bianco will process personal data as long as necessary to achieve the purposes mentioned above, after which the data will be anonymized or transformed into statistical data so that the client cannot be identified.
Rights of the Data Subject
The client, as the data subject, has the following rights:
- Right to information — the right to be informed about the identity of the controller, the purposes of processing, recipients of data, existence of rights under the Personal Data Protection Law, and the conditions to exercise these rights.
- Right of access — the right to obtain confirmation or denial of whether personal data concerning them is being processed and information about the right to be informed.
- Right to rectification — the right to obtain the correction, updating, blocking, deletion, or anonymization of data processed unlawfully, especially incomplete or inaccurate data.
- Right to object — the right to object at any time for legitimate reasons related to their particular situation to the processing of personal data concerning them.
- Right not to be subject to automated decisions — the right to request the review of automated decisions producing legal effects based solely on data processing.
- Right to judicial remedy — the right to apply to the National Center for Personal Data Protection or court to defend their rights.
- Right to restrict processing — the right to request the preservation of certain data unchanged for a justified period.
- Right not to participate in automated profiling — the right to request cessation of automated profiling or automated decision-making.
Changes to the Privacy Policy
Due to possible changes in the processing described above or in the relevant legislation, these notifications may be amended. In such cases, we will inform you or request your consent again if necessary.