The Deposit Guarantee Fund in the Banking System (hereinafter the DGSGF) is constantly concerned with ensuring a high level of protection of personal data, which it processes in accordance with the legislation in force.
FGDSB processes the data provided to it in accordance with Law 133/2011 on the processing of personal data, Law 982/2000 on access to information, as well as in accordance with the principles laid down in Directive 95/46/EC.

UNICTIONS
Personal data - any information relating to an identified or identifiable natural person (personal data subject). An identifiable person is a person who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity;
Personal data subject - identified or identifiable natural person. An identifiable natural person is a person whose identity can be established, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
Controller - a natural or legal person governed by private or public law, including a public authority, any other organization which, alone or jointly with others, determines the purposes and means of processing of personal data for the purposes and means of processing of personal data expressly provided for by the applicable legislation. Processing of personal data - shall mean any operation or set of operations which is performed upon personal data or sets of personal data by automatic or non-automated means, such as collection, recording, organization, storage, keeping, preservation, restoration, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise, alignment or combination, blocking, erasure or destruction.

FGDSB PRINCIPLES
processes personal data in compliance with the following principles:

• lawfulness, fairness and transparency - personal data are processed in good faith and in accordance with the legal provisions in force, in a fair and equitable manner;
• specified, explicit and legitimate purposes - the processing of personal data by the FGDSB is done for specified, explicit and legitimate purposes and is not further processed in a way incompatible with those purposes; personal data for the purpose of fulfilling the legal obligations of the FGDSB towards;
• legal basis - any processing of personal data has a well-determined basis, such as legal provisions, consent, execution of concluded contracts, legitimate interest of the FGDSB;
•  purpose limitation - the GDDSF processes personal data only if they are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
•  limitation by reference to time - we keep the data of data subjects for no longer than is necessary for the purposes for which the data are processed, unless there are legal provisions requiring us to keep the data for longer;
•  Accuracy and accuracy - personal data is processed accurately and in a reasonable manner to ensure that inaccurate data we become aware of is deleted or rectified;
• security - FGDSB is dedicated to ensuring the security of all personal data it processes including by training our employees, collaborators and partners and by implementing strict security measures.

PURPOSE AND LEGAL BASIS OF FGDSB DATA PROCESSING
as controller, processes the data solely for the specific purpose for which they were collected. Browsing the FGDSB website - Browsing the FGDSB website automatically generates information about your visit to the website. This information includes IP address, operating system, browser used, time of access, page or document accessed and other technical information. The basis for this processing is the legitimate interest of the FGDSB according to art. (5) of Law 133/2011. The FGDSB processes this data to ensure the proper functioning and improvement of the services offered by the site, to identify users who have abusive behavior (countering DoS-type cyber attacks), as well as to generate traffic statistics (total number of accesses to the site, number of unique IPs, most accessed pages, IPs with the most accesses, etc.). The generation of access statistics takes place on a daily basis. Detailed information older than 10 days is automatically deleted. Identification of holders - natural persons/ legal representatives entitled to compensation payments - In order to honor guaranteed deposits that have become unavailable following the implementation of resolution tools/ the initiation of a bank's liquidation process, the FGDSB collects the identification data of depositors. The data collected is the name, surname, date of birth, IDNP, address, total amount of deposit held with the bank and the amount of deposit guaranteed up to the ceiling. These data are requested by the FGDSB only in case the need to honor the guaranteed deposits arises. The transfer of personal data is carried out through secure channels by authorized FGDSB staff.

STORAGE PERIOD OF PERSONAL DATA
The processing of personal data within the system of claims registration of guaranteed deposits is carried out during the period of payment of guaranteed deposits in accordance with Law 575/2004 on guaranteeing deposits in the banking system.

ACCESS TO AND RECIPIENTS OF PERSONAL DATA
Access to personal data is granted to authorized FGDSB staff, as well as to the bank's representatives, mandated by FGDSB to pay deposits that have become unavailable. These data may be disclosed to third parties only when this is necessary to achieve the purpose of the processing and/or in the cases provided for by law.

CROSS-BORDER TRANSMISSION OF PERSONAL DATA
FGDSB does not transfer personal data to other countries. In the event of
changes, we will keep you informed.

RIGHTS OF THE PERSONAL DATA SUBJECT
To the extent that the conditions of the applicable legislation are met, the subjects have the following rights in accordance with Law 133/2011:
1) The right of access to personal data (Art.13) - The subject of personal data has the right to confirmation as to whether or not data concerning him/her are processed by the controller, as well as information as to the purposes of the processing, the categories of data concerned and the recipients or categories of recipients to whom the data are disclosed.
2) The right to intervention on personal data(art.14) - Any subject of personal data has the right to obtain from the controller, upon request, without delay and free of charge:
a) the rectification, updating, blocking or erasure of personal data the processing of which contravenes the law, in particular due to the incomplete or inaccurate nature of the data;
(b) notifying third parties to whom personal data have been disclosed of the operations carried out pursuant to point (a), unless such notification is impossible or involves a disproportionate effort compared to the legitimate interest that could be harmed.
3) The right to object of the personal data subject (Article 16) - The personal data subject shall have the right to object at any time, free of charge, on compelling legitimate grounds relating to his or her particular situation, to the processing of personal data concerning him or her. If the objection is justified, the processing carried out by the controller may no longer relate to those data.
4) The right not to be subject to an individual decision (Art.17) - Everyone has the right to request the annulment, in whole or in part, of any individual decision which produces legal effects on his rights and freedoms and which is based solely on automated processing of personal data intended to evaluate certain aspects of his personality, such as his professional competence, reliability, conduct and other
5) Access to justice - Any person who has suffered damage as a result of unlawful processing of personal data or whose rights and interests have been violated has the right to bring an action before the courts for compensation for material and non-material damage.

SECURITY OF PERSONAL DATA PROCESSING
In processing personal data, FGDSB uses technical and organizational measures to ensure a high level of protection and security against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access.
- Protection of minors - FGDSB does not request personal data from minors. Persons under the age of 16 to submit personal data without parental or guardian consent.
- Links to external websites - The FGDSB website contains useful links to external websites which are not the responsibility of FGDSB.
- Exercising rights - Individuals who have questions about the processing of personal data or wish to exercise a legal right may write to the FGDSB's personal data controller at info@fgdsb.md. The legal deadline for responding to such requests is 15 working days.
- Update - The information given may be subject to subsequent changes. All updates and modifications are valid as of the date of notification, which will be made through publication on the FGDSB website.