I. General provisions

This policy has been developed in accordance with the provisions of the legislation in force of the Republic of Moldova, including Law no. 133 of 08.07.2011 „on the protection of personal data” and aims to regulate the collection and processing of personal data of consumers, customers, external suppliers or business partners (hereinafter - subjects of personal data), as well as and the conditions of their use within the C.S. “Panilino” L.L.C. (hereinafter - Company).

II. The purpose of processing personal data

The processing of personal data of the subjects covered by Chapter 1 of this policy, aims to:

  • Creating and managing your account on the Panilino page;
  • Order processing, including taking over, validating, shipping and invoicing;
  • Resolving order cancellations or problems that may arise regarding the order, for purchased products;
  • Returning the products according to the legal provisions;
  • Reimbursement of the value of the products according to the legal provisions;
  • Issuance of the discount card when purchasing products.
  • Execution of the contractual provisions concluded with them.
     

1. Improving the level of services provided

As a provider of online pastry purchasing services, Panilino intends to offer you the best online shopping experience.

Thus, we may collect and use certain data to analyze your behavior as a Buyer. We may invite you to complete satisfaction questionnaires subsequent to the completion of an order, or we may conduct market research and research directly. These analyzes are performed in such a way as not to infringe your legal rights.

2. Service promotion

Panilino wants every Buyer to be always up to date with the products and services they can benefit from. In this regard, via e-mail, phone, SMS, we can send you general and thematic information about similar or complementary products you have purchased, information about offers or promotions, information about the products added in Shopping.

In order to ensure the presentation of products of interest to you, we may use certain data regarding your behavior as a Buyer (eg products viewed / added to cart / purchased) to create a profile for you.

We assure you that these processing is carried out in compliance with your rights and freedoms and the decisions taken on the basis of them have no legal effect on you and do not affect you in a significant way.

In certain situations, we may rely on marketing activities in our legitimate interest to promote and develop our business.

However, you can ask us at any time, by the means described above, to stop the processing of your personal data for marketing purposes, and we will process your request.

3. Defending Panilino's legitimate interests

There may be situations in which we use or transmit information to protect our rights and business. These may include:

  • Measures to protect the website against cyber attacks:
  • Measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities;
  • Measures to manage various other risks.

The general basis of these types of processing is our legitimate interest in defending our commercial activity, it being understood that we ensure that all the measures we take guarantee a balance between our interests and your fundamental rights and freedoms.

Also, in certain cases we base the processing on legal provisions such as the obligation to ensure the protection of goods and values provided by the applicable legislation in this matter.

III. Collection, processing and storage of personal data 

The company collects and processes information obtained from the subjects of personal data. They are collected only with their consent and may include the following categories of information:

  • identification data at the time of account creation (name, surname, etc.);
  • contact details (e-mail, telephone numbers, postal code, delivery address, etc.);
  • audio recordings of telephone conversations with the operators of the Company's Call Center;
  • recordings in the video surveillance system within the Company.
  • when placing an order, data is provided, such as: desired product, name and surname, shipping address, billing details, payment method, phone number, bank card details, etc.

Personal data are collected and processed by automated or non-automated means, only to the extent necessary to fulfill the internal and legal purposes of the Company, respecting all measures of security and confidentiality of information, as well as respecting the rights of personal data subjects.

Your personal data will be kept as long as you have an account on the website: www.panilino.md. You may request the deletion of certain information or the closure of your account at any time, and we will comply with such requests, subject to the retention of certain information, including subsequent closure of the account, where applicable law or our legitimate interests so require.

IV. The rights of the subject of personal data

In accordance with the provisions of Law no. 133 of 08.07.2011, the subject of personal data has the following rights: the right to information, the right to access, the right to intervene on the data and the right of opposition, which he can exercise through a written request addressed to the Company.

V. Security of personal data 

Personal data security measures are established in such a way as to ensure the protection of the personal data processed. The company meets the security requirements of personal data and guarantees the protection of information and computer systems from unauthorized access, use, disclosure, interruption, modification or accidental or illegal destruction of personal data.

At the same time, for the purpose of data protection, the following security measures are taken:

  • advanced security methods and technologies are used, together with strict policies applied to employees and work procedures, to protect personal data, collected and processed in accordance with the legal provisions in force;
  • all operational and data processing systems are conducted in secure environments, so that information is protected from access by third parties;
  • access to data is granted only to authorized persons and for well-defined purposes, in strict accordance with internal security policies;
  • employees are trained on the importance of maintaining the confidentiality of information.
     

VI. Principles of personal data processing

  • Legality: personal data are processed in good faith and in accordance with the legal provisions in force;
  • Well-defined purpose: any processing of personal data is done for well-defined, explicit and legitimate purposes, adequate, relevant, and not excessive in relation to the purpose for which they are collected;
  • Confidentiality: the internal regulations within the Enterprise contain provisions regarding the confidentiality of information;
  • Consent of the data subject: any processing of personal data, except for data processing of the categories strictly mentioned by Law no. 133 of July 8, 2011, can be performed only if the subject of personal data has given his express and unequivocal consent to that processing;
  • Security: ensure appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure or unauthorized access, in particular if such processing involves the transmission of data within a network and against any other forms of illegal processing;
  • Observance of the subject of personal data: personal data are processed in accordance with the rights of the subject of personal data, provided by Law no. 133 of July 8, 2011 with subsequent amendments and completions;
  • Information: The Company undertakes to inform the subjects of personal data of this document through verbal information, posting in accessible places and publication on the web pages managed by the Company.

Director: Sergiu GUZUN