It was translated using Google Translate
Policy regarding the processing of personal data of the collection agency “GCS-Moldova”:
1. INTRODUCTION
1.1 The most important condition for the implementation of the objectives of IM “GlobalCreditSolutionsLTD” SRL (hereinafter referred to as the Agency) is to ensure the necessary and sufficient level of information security of assets, which include personal data and the technological processes in which they are processed.
1.2 This policy regarding the processing of personal data is mandatory for review and application by all employees of the Agency when processing personal data of clients and debtors to which employees have access.
1.3. Processing and ensuring the security of information related to personal data in the Agency is carried out in accordance with a set of measures and procedures provided for in accordance with the Law of the Republic of Moldova No. 133 of 08.07.2011 “On the Protection of Personal Data”, and Government Decision No. 1123 of 12/14/2010 “On approval of the requirements for ensuring the security of personal data during their processing in personal data information systems”, Government Decision PMNr. 296 dated 05/15/2012 “On the approval of the Regulation on the register of personal data controllers” and the current legislation of the Republic of Moldova. These procedures and measures make it possible to protect personal data processed as in personal data information systems, that is, systems whose purpose is to process personal data and whose protection the requirements and recommendations for ensuring the security of personal data are presented by the National Center for Personal Data Protection of the Republic of Moldova ), SE “Rezhistru”, and in other information systems in which personal data are processed together with information protected in accordance with the requirements knowledge established for this information (confidential information, trade secrets, etc.).
1.4 This policy defines the principles, procedure and conditions for the processing of personal data of Agency employees and other persons whose personal data are processed by the Agency in order to ensure the protection of the rights and freedoms of man and citizen in the processing of his personal data, including the protection of privacy rights, personal and family secrets, and also establishes the responsibility of Agency officials with access to personal data for failure to comply with the requirements of the rules governing the processing and protection of personnel GOVERNMENTAL data.
1.5 Personal data is confidential, strictly protected information, and they are subject to all the requirements established by the Agency’s internal documents for the protection of confidential information.
2. CONCEPT AND COMPOSITION OF PERSONAL DATA
2.1. The list of personal data to be protected in the Agency is compiled in accordance with the Law of the Republic of Moldova No. 133 of 08.07.2011 “On the Protection of Personal Data”.
2.2 The information constituting personal data in the Agency is any information relating directly or indirectly to a specific or determinable natural person (subject of personal data).
2.3 Depending on the subject of personal data, the Agency processes personal data of the following categories of subjects of personal data:
– personal data of an employee of the Agency – information necessary for the Agency in connection with labor relations and relating to a specific employee;
– personal data of the affiliate or the personal data of the head, participant (shareholder) or employee of the legal entity that is affiliated with the Agency, – information necessary for the Agency to be reflected in reporting documents on the activities of the Agencies and in accordance with the requirements of laws and other regulatory legal acts;
– personal data of the client (potential client, partner, counterparty), as well as personal data of the head, participant (shareholder) or employee of the legal entity that is the client (potential client, partner, counterparty) of the Agency, – information necessary for the Agency to fulfill its obligations in within the framework of contractual relations with the client and to fulfill the requirements of the legislation of the Republic of Moldova;
– personal data of the borrower (mortgagor, guarantor, principal) / potential borrower (mortgagor, guarantor, principal), as well as personal data of the head, participant (shareholder) or employee of the legal entity that is the borrower (mortgagor, guarantor, principal) / potential borrower ( mortgagor, guarantor, principal) —information necessary for the Agency to fulfill its contractual obligations and exercise rights under the relevant agreement concluded with the borrower (mortgagor m, surety, principal), to minimize the Agency risks associated with the breach of the obligations under the credit agreement (the pledge agreement, guarantee agreement, the agreement on the provision of Agency safeguards), and to comply with Moldovan legislation.
3. PERSONAL DATA PROCESSING OBJECTIVES
3.1. The agency processes personal data for the following purposes:
– the implementation by the Agency of operations and activities to search for a borrower, in accordance with the Law of the Republic of Moldova No. 133 of 08.07.2011 “On the Protection of Personal Data”
– conclusion, execution and termination of civil contracts with individuals, legal entities and other persons in cases provided for by applicable law;
– organization of personnel records of the Agency, enforcement of laws and other regulatory legal acts, conclusion and fulfillment of obligations under labor and civil law contracts; conducting personnel records management.
4. PERSONAL DATA PROCESSING TERMS
4.1 The terms for processing personal data are determined in accordance with the term of the contract with the subject of personal data, the limitation period, as well as other requirements of the legislation of Moldova.
4.2. The Agency creates and stores documents containing information about the subjects of personal data. The requirements for the use of these standard forms of documents at the Agency are established by Government Decision No. 1123 of 12/14/2010 “On Approving the Requirements for Ensuring the Safety of Personal Data when Processing It in Personal Information Information Systems”, Government Decision PMNr. 296 dated 05/15/2012 “On approval of the Regulation on the register of personal data controllers register”
5. RIGHTS AND RESPONSIBILITIES
5.1. Agency rights and obligations
5.1.1 The Agency as the operator of personal data has the right:
– defend their interests in court;
– provide personal data of entities to third parties, if this is provided by applicable law (tax, law enforcement agencies, etc.)
– refuse to provide personal data in cases stipulated by law;
– use the personal data of the subject without his consent in cases stipulated by law.
5.2. Rights and obligations of the subject of personal data
5.2.1 The subject of personal data has the right:
– require clarification of their personal data, their blocking or destruction if personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, and also take measures prescribed by law to protect their rights;
– require a list of their personal data processed by the Agency, and the source of their receipt;
– receive information on the processing time of their personal data, including the storage time;
– require notification of all persons who were previously provided with incorrect or incomplete personal data about all exceptions, corrections or additions made to them;
– appeal to the authorized body for the protection of the rights of subjects of personal data or in a court of law unlawful acts or omissions in the processing of his personal data;
– to protect their rights and legitimate interests, including for damages and (or) compensation for non-pecuniary damage in court.
6. PRINCIPLES AND TERMS OF PERSONAL DATA PROCESSING
6.1. The processing of personal data by the Agency is based on the principles of:
– the legality and fairness of the purposes and methods of processing personal data;
– compliance of the purposes of processing personal data with the goals previously defined and declared during the collection of personal data, as well as the powers of the Agency;
– compliance of the volume and nature of the processed personal data, methods of processing personal data with the purposes of processing personal data;
– the reliability of personal data, its sufficiency for the purposes of processing, the inadmissibility of the processing of personal data excessive in relation to the purposes stated during the collection of personal data;
– Inadmissibility of combining databases containing personal data created for incompatible purposes;
– storage of personal data in a form that allows to determine the subject of personal data, no longer than the purpose of their processing requires;
– destruction of personal data upon achievement of processing goals or in case of loss of need to achieve them.
6.2. The processing of personal data is carried out on the basis of conditions determined by the legislation of the Republic of Moldova.
7. SECURITY OF PERSONAL DATA
7.1 The Agency takes the necessary organizational and technical measures to ensure the security of personal data from accidental or unauthorized access, destruction, alteration, blocking of access and other unauthorized actions.
7.2 In order to coordinate actions to ensure the security of personal data at the Agency, the director is responsible for ensuring the security of personal data.
8. FINAL PROVISIONS
8.1 This policy is an internal document of the Agency, it is publicly available and must be posted on the official website of the Agency.
8.2 This policy is subject to change, addition in the event of the appearance of new legislative acts and special regulatory documents on the processing and protection of personal data.
8.3 Monitoring compliance with the requirements of this policy is carried out by the person responsible for ensuring the security of personal data of the Agency.
8.4 The responsibility of Agency officials with access to personal data for failure to comply with the requirements of the rules governing the processing and protection of personal data is determined in accordance with the legislation of the Republic of Moldova.
Approved 01/01/2015
Director of IM Global Credit Solutions LTD SRL