top of page
Privacy Policy

We publish this Policy to explain how Probe Point Analytics handles personal data — our purposes, legal bases, your rights, and the safeguards we apply (including for EU data transfers to Moldova) — in line with GDPR and applicable local laws.

Last updated October, 2025

1. Purpose of this Document

Probe Point Analytics SRL is committed to protecting the privacy and security of personal information in the course of our business operations. This Data Protection Policy explains how we collect, use, disclose, and safeguard personal data. 

Although our registered office is in Moldova, we voluntarily comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other relevant data protection laws where applicable, since we process data relating to individuals located in the European Union.

In accordance with the GDPR and relevant legislation, we are required to provide information about:

  • Who we are,

  • How and why we process personal data,

  • The rights of data subjects, and

  • How those rights can be exercised.
     

This Policy applies to:

  • Employees, contractors, and job applicants,

  • Clients and business partners,

  • Suppliers and vendors,

  • Business contacts (including those contacted for marketing and newsletters), and

  • Any other third parties whose data we process in the context of our operations.
     

Probe Point Analytics acts as a data controller for the purposes described herein.

2. Data Protection Principles

We comply with data protection law and GDPR principles. This means that collected personal data will be:

  • Processed in a lawful, fair, and transparent manner.

  • Collected for specified, explicit, and legitimate purposes, and not further processed in a manner incompatible with those purposes.

  • Adequate, relevant, and limited to what is necessary.

  • Accurate and kept up to date.

  • Retained only for as long as necessary for the stated purposes.

  • Processed securely, using appropriate technical and organisational measures.

3. The Kind of Information We Hold About You

Depending on the context, we may collect, store, and use the following categories of personal data:

  1. Employee and Contractor Data

    • Name, contact details, identification information, payroll and tax information, employment history, performance data.
       

  2. Client and Business Partner Data

    • Name, professional title, employer, business contact details, communications, billing and transaction records.
       

  3. Marketing and Newsletter Data

    • Name, email address, company, role, subscription preferences, engagement metrics (e.g., email opens/clicks).
       

  4. Supplier and Vendor Data

    • Contact information, contract details, payment/billing data.
       

  5. Communications Data

    • Copies of correspondence (emails, letters, inquiries, complaints).
       

  6. Other Data

    • Data collected through professional networking, referrals, or public sources (e.g., LinkedIn, company websites) for legitimate business development purposes.

4. How is Personal Information Collected?

We collect personal information:

  • Directly from you (when you enter into a contract, send us communications, or register for newsletters).

  • Automatically when you interact with our services (system logs, website analytics, cookies, subject to applicable consent requirements).

  • Indirectly from professional sources or publicly available platforms (open source information, business directories, professional social networks).

5. Lawful Bases for Processing

The lawful basis of our processing operations depends on the context of the processing activity:

  • Contractual necessity [Article 6(1)(b) GDPR]: where processing is required to perform a contract with the data subject or to take steps prior to entering into such a contract (e.g., fulfilling client agreements, managing supplier contracts, or processing employee data). 

  • Legal obligation [Art. 6(1)(c) GDPR]: where processing is necessary to comply with legal obligations applicable to Probe Point Analytics, including but not limited to tax, labor, accounting, financial reporting, anti-money laundering, and other statutory or regulatory requirements.

  • Legitimate interests [Article 6(1)(f) GDPR]: where processing is necessary for the effective operation of our business, including maintaining client relationships, preventing fraud, improving our services, and sending newsletters or communications to professional contacts. We ensure that our legitimate interests do not override the fundamental rights and freedoms of individuals.

  • Consent [Article 6(1)(a) GDPR]: in specific cases, such as optional marketing communications or when legally required before contacting certain individuals, we will request clear and informed consent, which may be withdrawn at any time.

    • By subscribing to our newsletter, you consent to the collection and use of your personal data (such as your name and email address) for the purpose of receiving news, updates, and marketing communications from Probe Point Analytics.

    • You also acknowledge and explicitly consent to the transfer of your personal data to Probe Point Analytics in Moldova. Moldova is a country outside the EU/EEA that does not currently benefit from a European Commission adequacy decision. This means that the European Commission has not yet confirmed that Moldova provides the same level of data protection as within the EU/EEA.

    • However, Probe Point Analytics voluntarily applies GDPR-aligned policies and safeguards to protect your personal data to a standard essentially equivalent to EU requirements. You may withdraw your consent at any time by clicking “unsubscribe” in any email or by contacting us at contact@probepointanalytics.com

6. How We Will Use Information About You

Personal data is used for the following purposes:

  • To administer contracts and deliver services.

  • To manage business relationships and communications.

  • To process payroll, HR, and employment obligations.

  • To send newsletters, updates, and marketing materials (subject to rights and opt-outs).

  • To comply with applicable legal and regulatory obligations.

  • To protect our legal rights, security, and property.

​​

Some purposes may overlap which can enable multiple lawful bases to apply simultaneously.

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. As you have shown interest in our company, products or services or attending our events (virtual and in-person), we rely on this legal basis to send you information and updates about future events, services and products that may be of interest to you. If you DO NOT wish to receive this information, you have the right to object to this at any time, by contacting our officer, responsible for data protection, at contact@probepointanalytics.com or by clicking the unsubscribe link in our emails. 

7. Automated Decision-Making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

8. Data Sharing

We may share personal data with:

  • Service providers: IT hosting, cloud storage, email providers, CRM, payroll processors, professional advisors.

  • Business partners: Where necessary to perform contractual obligations.

  • Regulatory authorities: Where legally required.
     

All third parties are contractually bound to process personal data in compliance with GDPR (GDPR-compliant contracts Art.28) and only for the purposes specified by Probe Point Analytics.

9. Transferring Information Outside the EU

As Probe Point Analytics is headquartered in Moldova, which is outside the European Union (EU) and European Economic Area (EEA), any transfer of personal data originating in the EU/EEA to Moldova is considered an international transfer under the GDPR.

Moldova has recently adopted Law No. 195/2024 on Personal Data Protection, which transposes many GDPR requirements into national law, but this legislation will only come into force after a transition period. Nevertheless, Probe Point Analytics already implements GDPR-aligned policies and safeguards across its operations.

To ensure compliance with GDPR and to protect the rights of data subjects, we rely on the following transfer mechanisms:

  • Standard Contractual Clauses (SCCs) or other approved contractual safeguards when personal data is transferred from the EU/EEA to Moldova or other countries without adequacy;

  • Transfers to countries with an adequacy decision, where applicable; or

  • In limited circumstances, the explicit consent of the data subject, after being informed of the potential risks of such transfers.

These measures guarantee that personal data transferred to Moldova is afforded a level of protection essentially equivalent to that required under the GDPR.

10. Data Security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees who need-to-know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality. Details of these measures may be obtained from the officer responsible for data protection. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

11. Data Retention

We will retain your personal information only for as long as we need it or until you withdraw your consent, (in those instances where we process your information based on your consent) or you object to processing when exercising your rights in accordance with section 13 below. You can contact our officer responsible for data protection at contact@probepointanalytics.com to find out more about our retention times.

12. Rights of Access, Correction, Erasure, and Restriction

Under GDPR, individuals may:

  • Request access to their data (Data Subject Access Request).

  • Request rectification of inaccurate or incomplete data.

  • Request erasure where no lawful basis remains for processing.

  • Object to processing based on legitimate interests or for direct marketing.

  • Request restriction of processing in specific cases (e.g., contesting accuracy).

  • Request portability of data processed by automated means under consent or contract.

  • Withdraw consent at any time, where processing is based on consent.
     

Such requests must be sent to contact@probepointanalytics.com

13. Amendment of this Policy

Probe Point Analytics SRL reserves the right to review and amend this policy periodically to reflect legal, technological, and organisational changes.

The most recent version will always be available on request or via our corporate website.

bottom of page