POLICY CONCERNING THE USE OF COOKIES
WEBSITE CONFIDENTIALITY POLICY
Policy for using cookies
I.1. Website (hereinafter referred to as the “Website”) uses “ cookies”, ie small files containing information sent by the server to user’s browser (the person visiting the website, hereinafter referred to as the “User”) and allowing the server to store data that can be updated and retrieved by the entity responsible for their installation. Generally, cookies can be classified:
- according to the entity that manage them, may be own (in this case, the Safety Broker) or of other entities;
- depending on the time they remain activated in the user’s computer, files can be temporary or permanent;
- Depending on the purpose, can be technical files (necessary for navigation) file for customization (allowing access to the Website with several features set by the User), file for analysis (allowing analysis of user’s behavior), advertising files (management of advertising space) or behavioral advertising files (website advertising). The website is managed by Safety Broker.
I.2. On the one hand, the website uses its own files that are necessary for its correct functioning. Own files are:
– SSESS + cod_unic – this file is used to establish the session of User’s connection who visit the website. It is a type of identification and management of the connection state of a specific user;
– googleanalytics – contains the user’s consent for loading statistics module
The purpose of these own files is to improve the access to the Website, to facilitate browsing on Website and to remember User’s preferences when she/he revisits the website (eg what language for navigation prefer), so it does not need the User select them again. These own files used on Website shall not take personal data, shall not aim to analyses the user access and can not read data or other existing files in the user equipment.
I.3. The website also uses, and foreign files in order to analyses and makes a statistics of Website visitors, and to use the website comments. These files are: – _ga, _gat, _gid, __utma
I.4. In order to prevent him/her before installing files, the User shall be informed about the use of files and shall be able to access this document via a link to get more information about files on the Website. After being informed of the existence of these files, the User could perform the following actions:
a) shall accept cookies by pressing “I accept the recommended settings”
b) shall continue pressing the “COOKIES USE POLICY” or close information by pressing “X”, which will not be considered an express agreement to the use of cookies;
c) shall change the browser settings to not install files and / or deleting files already installed (which means revoking the consent to install them). If these options are selected, it is possible that your website may not function properly and / or may restrict user access to certain features of the Website.
I.5. To lock one or more files, the User can change the configuration settings of the browser. Steps for most used browsers are:
a) if the user’s browser is Microsoft Internet Explorer 6.0, 7.0, 8.0: the User can click on “Tool” in the upper corner of the browser or can select “ Internet Options” and then click on “Confidentiality”. The User shall select the desired settings, then select “Apply” and “Accept /OK;
b) if the User’s browser is Mozilla Firefox: the browser menu, the User shall select “Options”, then shall access the menu “Confidentiality”, and in the menu that will appears, shall choose “Customized Configuration History”. The user shall choose the desired settings;
c) if the browser is Google Chrome: the User shall access the Chrome menu, which is located in the upper right corner, shall choose “Configuration” where will then click. The User shall choose the settings she/he want, and then click “OK”;
d) if used browser is Safari: the User shall select “Preferences”. In this panel will then select “Confidentiality” and then make the settings she/he wants, and then will click “OK”.
Confidentiality Policy
II.1. The personal data that the User provided through one of the forms available on the Website, in order to access and / or use certain services (eg, to register and access the pages of resources or to get in contact with Safety Broker ), but also for any other personal information about the User to be sent to the Safety Broker in order to use the services of Website, will be included in the database Safety Broker. These data will be used in order to provide, control, increase and improve the services provided by the Website, to inform the User about web services or the electronic communications services provided by Safety Broker, or to process complaints made by Users .
II.2. Personal data collected will be processed in compliance with legal provisions in force.
II.3. The user shall express his/her express and unequivocal consent for using personal data for the purposes described above and will be able to exercise their right to information, right of access, the right of opposition, the right to intervene, right to go to court and the right not to be subject to a individual decision; these rights shall be exercised by written request, signed and dated at Safety Broker address, namely 21, Ioana Radu street, Chisinau, except the right to go to court, which is exercised by written request submitted to the competent court. Safety Broker is registered under no. _____ in the Register for Personal Data Processing. If the User is the one who activated the account, she/he can also access, modify or update the personal data using means available on “My Account”.
II.4. In general, personal data requested through the forms available on the Website are mandatory and necessary for the user to access and / or use the services the concerned form referred, without indicate in these forms personal data that are optional and are mandatory. If not provided all personal data deemed mandatory Safety Broker shall, in certain cases, forbid the use of that service, or not to comply with the request made by the User.
II.5. By expressing the appropriate decisions, in accordance with this document, the User will be able to oppose that Safety Broker sends the information for commercial purposes, where Safety Broker would intend to send such information, on electronic communication services or other services and / or product of Safety Broker, similar to those contracted by the User.
II.6. Safety Broker shall guarantee the confidentiality of personal data received from User, and consequently, has adopted the level of security required by the rules on personal data protection and has installed, if possible, appropriate technical means, proportional with the available resources, to avoid loss, damage, unauthorized access and theft of personal data.
II.7. Safety Broker shall not transmit users’ personal data to third parties. Also, Safety Broker shall disclose personal data of candidates to public authorities, in order to prevent, investigate, found and prosecute the acts constituting offenses and crimes, in accordance with the laws in force.
II.8. It is possible that the Website or the services contain links to other websites and / or forms or services managed by third parties. This Confidentiality Policy does not cover the practices and policies of such third parties related to those services or websites. Safety Broker shall not control such websites and / or third parties forms. The user shall have to consult and check the confidentiality policies of those sites / services before access or use, taking full responsibility in this regard, Safety Broker being exonerated of any responsibility in this regard.
III. Final clauses
For the avoidance of any doubt, the User agrees that the access to Website and further browsing on website is his/her express and unequivocal consent regarding the entire content of the Cookies Use Policy and Confidentiality Policy. Safety Broker shall reserve the right to modify unilaterally and anytime the provisions concerning the Cookies Use Policy and Confidentiality Policy without prior notice to User. In this respect, the User shall undertake to inform continuously on the content of these policies and / or provision by consulting the Website.
These conditions set the rules for providing services electronically by the company B.A.R. Safety – Broker S.R.L., as well as the rules for concluding insurance contracts via website www.safetybroker.md. Using services from the website www.safetybroker.md is equivalent to acceptance of these Terms and Conditions.
Providing insurance services via the Internet
The services are provided by the company B.A.R. Safety – Broker S.R.L. hereinafter referred to as “Safety Broker”, or “Service provider”; is an insurance broker and has all the necessary permits to conduct this activity. www.safetybroker.md is the brand under which the company operates.
1.2 Safety Broker de Asigurare is registered at the State Registration Chamber, with unique registration code: 1013605002213, License no. 000747
1.3 Identification data of B.A.R. Safety – Broker S.R.L.:
- A.R. Safety – Broker S.R.L.
- Registered office: Hincesti town, 1, Industriala Street
- Registered with the State Registration Chamber, with no. 1013605002213
- License no. 000747
- Phone nr.: 078651111
Definitions
The definitions used in these Terms and Conditions shall have the following meaning:
- password – a string of characters to identify the User, defined by the User in order to obtain authorized access to website services;
- user name (Login) – email address entered by the User, with confirmation on e-mail address provided by the User, where the User, declares that the e-mail address provided by him/her does not violate the rights of a third party, and all potential disputes in this matter will be settled without participation of Safety Broker de Asigurare;
- logging – identification by the website www.safetybroker.md of this User who logs with the conditions that the User will write the user name (login) and password;
- calculation – calculation of the value for insurance offers based on the data provided by the User;
- internet website – www web pages system accessible on the website address http://www.safetybroker.md, representing collection of static and dynamic documents, containing graphic folders, scripts and other elements united by mutual relations, designed for concluding insurance contracts.
- providing services electronically- performing services, that take place by sending and retrieving data using teleinformatic systems, at the individual request of the User, without the presence of the Parties.
- User – natural person who has the full capacity to perform legal activities or entrepreneur who uses the web page;
- contractor – individual, corporate or organizational unit having no legal personality, which concludes the insurance contract and is obliged to pay the insurance premiums;
- policyholder – the person, whose health or property are protected under the contract;
- insurance contract – the contract under which the insurer undertakes to perform the services set out in case of the event specified in the contract and the policyholder undertakes to pay the insurance premium;
- cookies – text folders stored in the user’s browser on the computer’s hard drive, which can be used by website operators to recognize users and adapt to them the content displayed;
- consumer – an individual performing legal activities not directly related to his professional or economic activity (eg. the person lodging a declaration of will through the website or concluding insurance contracts);
- information system – programming and computing devices that work together, providing processing and storage as well as sending and retrieving of data through telecommunications network using appropriately for the type concerned of final device network.
Rules for providing services electronically
3.1 Types of services provided
On the website, Safety Broker de Asigurare provides insurance brokerage services consisting in the conclusion on behalf and for insurance partner companies the insurance contracts.
Use of website and protection of transmitted information
- Website: safetybroker.md can be used only by adults, who have reached 18 years holding full capacity to perform legal actions;
- Using the website is possible if n the user’s Internet browser is activated JavaScript and cookies folders;
- A website is protected by encrypted connection using the https protocol. Transfer of personal data and the authorization process, if used, takes place using SSL security protocol – 128 bits. Safety Broker de Asigurare makes every effort to ensure the security of transmitted data. The access to account is protected by login and password;
- Password should be kept in a safe place or stored, Safety Broker de Asigurare shall not be liable for any damage caused by the provision, by the User, of his/her password and username to unauthorized persons;
- The user can finish at any time using services provided electronically;
- The user can, at any time, detect and correct his/her errors arising from data entry by modifying data in personal account management section.
Rules regarding the conclusion of insurance contracts
4.1 Activities related to signing the contract
4.1.1 The insurance contract is concluded on the basis of:
- these Terms and Conditions;
- call for tenders of Users;
- offers of Safety Broker de Asigurare submitted to User.
4.1.2 The User, by accepting these terms and conditions, empowers B.A.R. Safety – Broker S.R.L. to represent him in relation to insurance companies, respectively, to request insurance offers and to request the issuance of insurance policies.
4.1.3 User will fill out the application form for the call for tenders by choosing the option “Order”. Based on the information provided by the User, the system calculates insurance premiums from insurance companies that Safety Broker de Asigurare has signed term contracts.
4.1.4 If User accepts the premium amount calculated by the system, the User chooses the premium payment option, then fills the appropriate fields concerning the delivery of the insurance policy and, where appropriate, the policyholder or the insured property.
4.1.5 In the call for tenders the User is obliged to declare:
- knowledge and acceptance of terms and conditions;
- filled data are correct and accurate. Any untrue statement may result in cancellation of the insurance policy by the insurance company. The User is fully liable for any damage caused by this action to insurance company or Safety Broker de Asigurare;
- the consent to process personal data of Users in order to prepare tenders required.
Optionally, the user can express the consent to the processing of his/her personal data to be used in marketing and telemarketing activities conducted by Safety Broker de Asigurare or its partners. This statement is not binding for concluding an insurance contract.
4.1.6 The information system of Safety Broker de Asigurare shall analyze the call for tender of the Users and shall automatically prepare the insurance offers that include data on the insurance contract as well as information on the amount and method of payment of the insurance premium.
4.1.7 Safety Broker de Asigurare shall save in the user’s personal account (created on the site www.safetybroker.md) the saved policies and offers.
4.1.8 The conclusion of the insurance contract takes place on the date of entry into the indicated bank account the insurance premium or the first installment, the payment to the rapid courier approved by Safety Broker de Asigurare or upon confirmation of payment (for online payments).
4.1.9 The insurance contract, by using the website, may be concluded the by the User as follows:
- only if the property or insured person is in the Republic of Moldova;
- If the CASCO insurance contract is concluded, the User shall be obliged to make the risk inspection of the insured vehicle in accordance with written instructions received from Safety Broker de Asigurare;
- if the home insurance contract is concluded, the user shall be obliged to provide information about location and value of the property and to allow a risk inspection if the insurer expressly requires it.
4.2 Costs related to the conclusion of the contract
The User shall not incur additional costs related to the conclusion of the insurance contract except the insurance premiums, which is paid in MDL. Using the website and sending insurance policy are not the responsibility of the User.
The travel insurance policies are issued only in electronic format.
4.3 Method of payment
4.3.1 The user shall fill the form on the site and choose the method of payment of the insurance premiums. For payment, the User can choose the authorized transaction targeted on the secured website of BC “Victoriabank” SA, (https://egateway.victoriabank.md, online payment) or payment (offline) by payment in cash to the courier approved by Safety Broker de Asigurare or by direct bank transfer;
4.3.2 For payment, the user receives a return of premium in electronic format and the document collection will be issued by the online payment processor, or by courier in case of cash on delivery;
4.3.3 The user can choose the following forms of payment for insurance: making online payment, approved by CB “Victoriabank” SA: – online payment with cards: Visa, MasterCard, Maestro, In this case the User is directed on secure website https://egateway.victoriabank.md, where there is transaction authorization, achievement of offline payment – cash on delivery or cash at Safety Broker de Asigurare, bank transfer or card, following the instructions printed in the return of premiums saved in your account, noting that the payment of the premium must take place before the due date specified in the return of premiums, otherwise the policy is canceled and the premium can not be paid.
4.4 Confirmation on contract conclusion
4.4.1 Safety Broker de Asigurare shall confirm the conclusion of insurance contract by corresponding information displayed on the website after payment, according to Section 4. The policy becomes active after the payment of the premium and accounting for the payment into the account of Safety Broker de Asigurare. The policies shall be stored in the application www.safetybroker.md or user account (“My Account”) window “Ordered Insurance” and are accessible to User after logging into this application. These are electronic documents saved in PDF format.
4.4.2 After the conclusion of the insurance contract, Safety Broker de Asigurare send by courier the insurance policy document, to the address indicated by the Insured (in case of mandatory RCA insurance and Green Card) or by e-mail indicated by the User (in case of Travel insurance).
Termination of the insurance contract by the User
5.1 The User of Safety Broker de Asigurare website, who acquired an insurance shall has the right, as ensured, to terminate it until the beginning of the insurance period. The User shall receive the premium paid, without penalties and without giving any reason (in relation to insurance for travel abroad).
5.2 During the insurance contract, in order to cancel the travel, based on documents attached (application on termination, copy of the ID or passport), the insured is returned 70% of the insurance premium calculated according to the unused insurance period, just in case the insurance premium exceeds 5 euros. The unused period is calculated from the date of termination of the insurance contract, indicated in the application for termination (concerning the insurance contracts for travel abroad).
5.3 Declaration on renunciation of the contract is sent by the insured to: BAR Safety -Broker SRL, Chisinau, 21, Ioana Radu Street, or e-mail address info@safetybroker.md including the supporting documents (copy of the insurance policy and request for termination specifying IBAN account number where the reimbursement of the insurance premium is requested).
5.4 If before termination, the insured has received compensation, the remaining insurance premium shall not be returned.
Protection of personal data
This form is created under Law No. 133 as of 08.07.2011 on the protection of personal data and is intended to inform you about the rights you have in relation to the processing of such data, information helping you to decide on your consent for processing of certain personal data that belong to you ( “Data”) for the purposes and conditions listed below. Data Processing that you shall fill in this contact form will be made by BAR “Safety- Broker” SRL, legal entity headquartered in Hincesti, 1, Industriala Street, e-mail: office@safetybroker.md, tel: 078651111, registered with the State Registration Chamber, with unique registration code: 1013605002213, License no.000747, hereinafter referred to as the “Company”. BAR “Safety- Broker” SRL will process personal data consisting of, but not limited to the, name, given name, identification number, series and number of identity card, passport and / or driver’s license, signature, contact address, phone, email, function / occupation, marital status, nationality, bank account (for receiving compensation / return of premium) photo, data on insured good, information of property documents and other documents made available to the parties, data regarding the contractor, insured and / or policy holders, payer or claims histori, as applicable.
Purposes of data processing are generated by the insurance brokerage activity and related services consisting of the following: (i) “Purpose tender/issue of insurance contract” – processing by the Company of Personal Data is to obtain the most advantageous insurance offers from insurance partner companies in accordance with the law on the processing of personal data, legislation on insurances and codes of conduct in the industry. For certain insurance products (eg RCA) can be achieved automated profiling for risk assessment in accordance with Financial Supervisor Authority regulations so the insurance offer will be issued on the basis of automated decisions. This purpose does not include insurance policies that require processing of information about your health or information about minors or other persons under your responsibility (ii) “Purpose of insurance policy administration, assistance for damages and consultancy – the Company will process personal data in order to provide brokerage services for insurances, administration of your insurance policies and to assist you in relation with insurance companies in insurance cases, in accordance with the legislation on personal data processing, legislation on insurances and codes of conduct in the industry. (iii) “Purpose Commercial Communication” – processing by the Company of data including the name, given name, contact address, phone and e-mail will be made for sending commercial communications about offers, promotions, products and services offered by our company.
The legal basis for the collection and processing of personal data may be, as appropriate: – The insurance contract / insurance policy to which the concerned person is party or express request of the person concerned to obtain an insurance offer through the company and / or issuance of the insurance policy in question by the Company – Fulfilling legal obligations of the Company, – Fulfilling the legitimate interests of the Company in the context of the scope of activity – Consent of concerned person, where appropriate personal data can be transferred, depending on the types of insurance that we mediate for you to: public authorities, suppliers involved directly / indirectly in the bidding process, issuing, managing insurance policies and providing assistance to damage (insurance-reinsurance companies from the Republic of Moldova and other companies from the group to which they belong, service companies in the event of damage, archiving companies, IT service providers, courier companies, law offices). Please note that the transformation of insurance offer accepted by you in insurance policy / insurance contract will be subject to acceptance by you of the information note on the processing of personal data, or, where appropriate, the consent belonging to Insurer chosen.
Data will be stored / archived by the Company as follows: – For “Purpose Bidding general insurance” for a period of 90 days from the issue of the supply or as of withdraw of your consent when personal data concerning the health of the person concerned. – For “Purpose Insurance policy administration, assistance for damages and consultancy on the validity of the policy plus 10 years from the date on which insurance comes to an end or 10 years after opening the claim file. Please note that you have, aggregate, these rights concerning the Data in the relationship between you and the Company: Right to access, right to rectification, right to delete data ( “right to be forgotten”) right to withdraw consent, right to data portability, right to restricting processing, right to oppose processing, right to file a complaint with the Company.
Important: If, in order to conclude an insurance contract with BAR “Safety- Broker” S.R.L, send us personal data of another person, you are required to communicate this information to concerned person and get the consent of this person in cases applied, within maximum one month from the date of providing personal data. To exercise the above rights and details, please contact the Company through the following ways: (i) a written request dated and signed in any office or place of activity, (ii) completing an application online by accessing the following link: www.safetybroker.md , section “contact” (iii) by e-mail: info@safetybroker.md or (iv) by mail to the postal address of the Company’s registered office mentioned above. The responsible for the protection of personal data, can be contacted for any clarification, information, and requests in connection with the exercise of the above rights to any of the contact information listed above.
By signing this, I declare on my honour that I am aware of the content of Information Note on personal data processing and I know the contact details for exercising my rights.
Complaints
7.1 Complaints regarding the site operation can be submitted using the form on the website, accessible to the page of “contact” or also in written at B.A.R. Safety – Broker S.R.L., str. 21, Ioana Radu street, Chisinau municipality.
7.2 The complaint lodged properly must contain at least the following data: information on the User, his/her name, e-mail, mailing address and the description of the problem, to which the complaint relates.
7.3 Regarding complaint analysis results, Safety Broker de Asigurare immediately notify the person who has lodged the complaint via e-mail provided by the User. The complaints will be reviewed within 30 days of receipt thereof by Safety Broker de Asigurare.
Language
Language used in relationships between Users, Insurer and Safety Broker de Asigurare is Romanian.
Copyright and materials included on pages
9.1 The copyright for the website, the information and materials contained in this and its systems are the property of Safety Broker de Asigurare. Using page safetybroker.md, information and / or part thereof by third parties requires the prior consent of Safety Broker de Asigurare.
9.2 Information and parts of the information contained on these pages are subject to changes. Safety Broker de Asigurare shall reserve the right to edit information or parts of the information contained on these pages without prior notification to Users.
Amendments
10.1 These Terms and Conditions version 1 are effective dated 01.12.2018.
These and amendments thereto are available to the User by accessing the website.
10.2 Safety Broker de Asigurare is entitled to unilaterally change the provisions of these Terms and Conditions. The amendments shall enter into force upon the availability of text of Terms and Conditions on the website together with the numerical marking of the next version of the regulation. User’s use of the website after the introduction of these changes is equivalent to expressing acceptance by them and their understanding.
10.3 In case of discrepancies between the Terms and Conditions and the general insurance conditions, the general insurance conditions shall prevail, respecting the provisions on conclusion and the right to terminate the contract.
10.4 To successfully reap the benefits of the services delivered by using website www.safetybroker.md is to accept the decisions of this Regulation.
Responsibility
11.1 Safety Broker de Asigurare is not liable for any damage (direct or indirect) caused to you or any other party on the use of this site and the information that it contains – by you or another person – or any other damages or injury caused by errors, omissions, malfunctions, delays or interruptions in operation or transmission, line failures, viruses or any other similar factors.
11.2 Even if Safety Broker de Asigurare has taken all the measures that the information presented on this site is accurate and correct, it can not be responsible for inaccuracies that may appear in filling the forms on our site. The Users are responsible for evaluating the accuracy, completeness and usefulness of the information provided in the forms available on this site.
11.3 Any links to other websites are provided solely for purposes of increased accessibility to information, and Safety Broker de Asigurare shall not assume its responsibility or liability for the content of these sites, for products or services advertised or marketed by these sites.
Availability of insurance products
The products and services mentioned on this site are available only in Moldova, to Moldovan citizens, persons with permanent residence in the Republic of Moldova or foreigners residing in the Republic of Moldova. Prices and other information may be subject to change without notice.
Data Security
By browsing the site www.safetybroker.md, Safety Broker de Asigurare can record only information or personal data provided voluntarily.
“Personal data” means individual unique data regarding the name, address, personal identification number or telephone number. Periodically, we might ask through our website personal information to send you the requested materials, answer your questions or to offer an insurance product / service.
By submitting information or material via this site, you shall provide to our company irrevocable and unrestricted access thereto, the right to use, reproduce, display, modify, transmit and distribute those materials or information. You also agree that Safety Broker de Asigurare can use freely, in self-interest, these ideas, concepts, know-how or techniques that you send via our website. Safety Broker de Asigurare shall not be subject to obligations relating to confidentiality of information submitted, except as otherwise provided in this legislation.
Under the legal conditions on personal data protection, we shall not disclose, without authorization, any information regarding our clients. Based on the expressed and unequivocal consent and only within the legislation, in order to respond to your requests by offering new products/services, it shall be possible to provide such information to third parties (eg marketing service providers, other services suppliers, public and government agencies, or insurance associations, where provided for by the legislation; other companies with which we can develop joint programs of market offering of our products and services).
Safety Broker de Asigurare SRL has developed administrative, physical and technical measures to protect the information stored on this site, but accepts no responsibility or liability for data security.
To protect personal information, Safety Broker de Asigurare shall use encryption technologies for certain types of transmissions coordinated by this site. Even if we give these technologies along with other measures to protect confidential information and ensure the appropriate security, we shall not guarantee that the information transmitted via Internet are secure, or these transmission will not be delayed, interrupted, intercepted or will not result in errors, for reasons not related to Safety Broker de Asigurari.
INFORMATION ABOUT COMPLAINT RESOLUTION
Complainant means any natural or legal person who is an insured, beneficiary, contractor or injured person as defined by applicable law.
The complainant shall be identified by name, signature, and address.
Petition means any request, complaint, notification in writing or by email, through which a complainant, as defined in para. (2) or his/her legal representatives, who acts on behalf of the complainant and for the purposes outside the scope of their activities, and without a proper commercial interest, expresses their dissatisfaction on the activity of insurers and insurance brokers.
To resolve amicably the complaints that are related to the activity of the undersigned, you can use the following ways:
- lodging the written complaints at the company (headquarters and work points SAFETY BROKER) or filling the existing complaint form within territorial units;
- by e-mail to info@safetybroker.md;
- by postal service / courier to the address: 21, Ioana Radu street, Chisinau municipality;
- via the company website safetybroker.md
All complaints are registered in the single register for complaints regardless the way of their receipt.
For the complaints received by one of the ways mentioned above, SAFETY BROKER will send a formal reply to the address indicated by the complainant (by e-mail or courier).
The deadline for settling the complaint is within 30 days from the registration date of its receipt, according to this Rule.
For information on the state of complaint’s resolution, please contact us:
- e-mail address: info@safetybroker.md ;
- Phone number: 078651111 (Phone calls are charged according to the rates in force)
Personal data security policy
- INFORMATION NOTE ON PROTECTION OF PERSONAL DATA
- TRANSACTION SECURITY
Firewall
The access to the Company’s systems (servers) shall be controlled by a firewall, which allows the use of certain services by users/subscribers, restricting, in parallel, the access to systems and databases and confidential information of the Company.
Confidentiality of transactions
As mentioned above, the confidentiality shall be mandatory. All the information sent by the user / subscriber is confidential, the Company taking all necessary measures so that they can be used only to the extent that it is deemed necessary in the context of services. Only authorized employees have access to information on transactions and only when it is absolutely necessary.
Secure payment solutions
The products / services on this web site are sold via online payment solutions offered by BC “Victoriabank” SA: – online payment cards: Visa, MasterCard, Maestro; in this case the User is directed on secure website https://egateway.victoriabank.md, where transaction authorization occurs.
In order to eliminate the risk that your data come into possession and be misused by third parties:
- Information on bank card details (card number, expiration date, etc.) will not be transferred or stored on servers BAR Safety – Broker SRL
- If the 3D Secure system for paying with Visa or MasterCard, data related on your card are entered directly into the Visa or MasterCard systems, and if your card is issued by a bank certified in the 3D Secure system, the transaction authorizations is done only after your authentication in this system – the introduction of a code / password known only by you, similarly to PIN to ATM transactions.
Any attempt to access personal data of other users or to change website content or to affect the performances of the server on which runs the site, it will be considered an attempt to defraud the site and the person who tries or tried to do this fact will be subject to criminal investigation.
DATA SECURITY POLICY
In accessing the site and using the services supplied, only in cases where it is necessary to obtain a “username” you agree to provide true, accurate and complete information about yourself as required in the user registration form.
If the information is not true, inaccurate or incomplete, BAR Safety – Broker SRL shall reserve the right to suspend or terminate your account without any notice. The users of the site shall have the possibility at any time to view and modify personal data where changes have occurred.
BAR Safety – Broker SRL meets the minimum security requirements of personal data processing, namely:
User identification and authentication
The User is any person acting under the authority of the controller, the empowered person or the representative, with recognized right of access to personal databases. In order to obtain access to a personal database, the User must identify himself/herself. The identification can be done in several ways, such as: entering an identification code from the keyboard (a string of characters), using a card with a bar code, using a smart card (smart card) or a magnetic card. Each user has its own identification code. Never more users must have the same ID. The identification code (or user accounts) not used for a longer period must be deactivated and destroyed after a prior internal control of the operator. The period after which the numbers must be deactivated and destroyed is established by the operator. Any user account is accompanied by an authentication procedure. The authentication can be done by entering a password or by biometric means: dactyloscopical fingerprint, voice print, retinal angiography etc. Passwords are string of characters. As the string of characters is longer, the password is hard to find. When entering the passwords they must not be displayed clearly on the screen. The passwords should be changed periodically according to the security policies of the entity (operator or authorized person). The periodical change of passwords shall be made only by users authorized by the operator. Any users who receives an identification code and a means of authentication must maintain their confidentiality and to be liable for it in front of the operator. Each entity will establish their own procedures for administration and management of user accounts. The operators shall authorize some users to revoke or suspend an identification or authentication code, if their user has been dismissed or was fired, has been concluded the contract, was transferred to another job and new tasks do not require his/her access to personal data, has been abused of received codes or if she/he will absent for a long period established by entity. The user access to personal databases carried out manually will be made under a list approved by the entity administration.
Type of access
The users shall have access only the personal data needed to perform their job duties. Therefore operators should establish the types of access by functionality (such as: manage, enter, process, save, etc.) and by actions applied on personal data (such as: read, write, delete), as well as procedures on these types of access. The programmers of processing personal data systems shall not have access to personal data. The operator shall allow the access of programmers to personal data after they have been transformed into anonymous data. The department ensuring the technical support can have access to personal data for solving exceptional cases.
For the activity of users’ training or for presentations will be used anonymous data. The employees who teach training courses will use personal data for their own training. The operator will set strict modalities that will destroy personal data. The authorization for this processing of personal data should be limited to a few users.
Data Collection
Data collection shall be done by direct introduction by the concerned person by filling the forms available on the company website. Any change of personal data can be made only by authorized users designated by the operator. The operator will take action the informational system to register who did the modification, the date and time of the modification. For better administration, the operator will take measures that the informational system to maintain deleted or modified data.
Execution of backups
The operator will determine the time when would perform the backups of personal databases and of software used for computer processing. The Users who perform these backups will be appointed by the operator, in a limited number. The backups shall be stored in different rooms, in sealed plugs of metal, and, if possible, even in rooms in another building. The operator will take measures the access to backups to be monitored.
Computers and Access Devices
The computers and other terminals of access will be installed in rooms with restricted access. If these conditions can not be met, computers will be installed in rooms that can be locked or be ensured that the access to computers shall be done with keys or magnetic cards. If the screen shall display personal data that are intact for a time period set by the operator, the working session shall be automatically closed. The length of this period shall be determined depending on the operations to be carried out. The access devices used in relation with the public, on which appears personal data, will be positioned so that it can not be seen by the public, and after a short period set by the operator, when they are intact, they shall be hidden .
Access files
The operator is obliged to take measures that any access of personal databases to be recorded in an access file (called log to automatic processing) or in a registry for manually processing of personal data, established by the operator. Information recorded in the access file or registry shall be: – identification code (username for manually personal databases ); – the name of the accessed file (sheet); – number of records; – type of access; – working operation code or used program; – access time (year, month, day); – time (hour, minute, second). For automatic processing, this information will be stored in a general access file or in separate files for each user. Any attempt of unauthorized access will be also recorded. The operator is obliged to keep access files at least two years to be used as evidence for investigations. If the investigations are extended, these files will be kept as long as deemed necessary. By these files of access the operator or the person authorized shall identify the persons who have accessed personal data without a reason, in order to punish them or to inform the competent bodies.
Telecommunication systems
The operator is obliged to periodically check the authentication and access types to detect any malfunctions regarding the use of telecommunication systems. The operators are required to build the telecommunication systems so that personal data can not be intercepted or transmitted anywhere. If the telecommunication system can not be secure in this manner, the operator is obliged to enforce the use of encryption method for transmitting personal data. By the telecommunication systems should be transmitted only the strictly necessary personal data.
Staff training
During the preparation courses of users, the operator is obliged to inform them about the Law no.133 of 08.07.2011 on the protection of individuals with regard to the processing of personal data and the free movement of such data, the minimum safety requirements for personal data processing and on the risks posed by personal data processing, depending on the activity of the user. The users who have access to personal data will be instructed by the operator on their confidentiality and be alerted by messages that will appear on the screen during the activity. The users are required to log out when leaving their work places.
Computer use
To maintain personal data processing security (especially against viruses), the operator will take measures consisting in: a) prohibit the use of software programs from external or dubious sources; b) inform users about the danger of computer viruses; c) implement anti-virus and computer security automatic systems; d) turn off, if possible, the key “Print screen”, when the personal data are displayed on the monitor, thus forbidding their printing.
Printing of data
The printing of personal data shall be made only by users authorized for this operation by the operator. The operators are required to approve specific internal procedures regarding the use and destruction of these materials. Each entity will approve its own security system, taking into account the minimum safety requirements for the processing of personal data and according to the importance of processed personal data, shall impose additional safety measures.