Data Protection Policy
FEMALE ENTREPRENEURSHIP IN MOLDOVA – EMERGENCY INITIATIVE FOR ECONOMIC EMPOWERMENT
The ‘Female Entrepreneurship in Moldova – Emergency Initiative for Economic Empowerment’ (FEMEIE) program was created to provide direct support for Moldovan entrepreneurs and displaced Ukrainian entrepreneurs in Moldova, with a specific focus on supporting women. To create a comprehensive, sustainable and empowering network, the program will provide a support center in Moldova, financial support, access to global network and resources, and entrepreneurship education and training.
The program is implemented by enpact e.V. with the support of the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH on behalf of the Federal Ministry for Economic Cooperation and Development (BMZ). The aim of the program is to counteract the economic and social repercussions caused by the Russian war of aggression.
During the application process, your personal data is collected by enpact e.V. (“enpact”, “we”, “us”) as data controller.
Since we are located in Germany, your data is processed in the European Union. With regard to the processing of your personal data, your fundamental rights and freedoms as a natural person are protected by the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and further applicable national law.
Scope of this policy
This Data Protection Policy applies to all personal data collected, processed and used by enpact during the application process, the execution of the Program, and additional services offered in this context. It does not apply to the data processing of third parties involved in the Program who act as independent data controllers, e.g. the Deutsche Gesellschaft Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH, the European Union, and our partners, if they are not acting as data processors acting on behalf of us (Article 28 GDPR).
Data controller and authorized representatives
enpact e.V. (registered association)
Address: Stresemannstrasse 48, 10963 Berlin, Germany
Representatives: Matthias Treutwein, Dr. Sebastian Rubatscher
Collection and processing of data
We collect the following categories of personal data for the purpose of assessing your application, including communication with you and our partners, and executing the Program in case of admittance to the Program:
(a) Identifying, e.g. name, date of birth, gender, government issued identification;
(b) Contact, e.g. email address, physical address, telephone number, LinkedIn profile;
(c) Communication, e.g. emails, letters;
(d) Professional, e.g. employer, job title, salary, ownership with regard to the employer;
(e) Financial Account, e.g. bank account;
(f) Authenticating, e.g. password for access to this platform;
(g) Computer Device, e.g. IP address, browser fingerprint;
As an additional service you can optionally register for a newsletter and further information services (“Information Services”). For this purpose, the data categories (a) and (b) are processed, limited to the minimum data required.
Legal basis for the processing of data
Programme: Your personal data is processed for the completion of pre-contractual and contractual measures (Article 6(1)(b) GDPR) (data categories (a) to (f)) and to pursue our legitimate interests (Article 6(1)(f) GDPR) (data category (g)), such as fraud prevention and the further development of this website.
Information Services: The processing of your personal data is based on your consent (Article 6(1)(a) GDPR) that can be withdrawn at any time. The withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Data retention periods and right to erasure
Your personal data will be automatically deleted from our systems and associated paper files will be destroyed once it is no longer necessary in relation to the purposes for which it was collected or otherwise processed. The following retention periods apply.
Program: If your application was not successful, then your personal data will be deleted or destroyed twelve months after the decision was communicated to you. If you participate in the Program, then your personal data will be retained for three years after the completion of the Program, starting at the end of the respective year. The retention periods may be extended if required by the Deutsche Gesellschaft Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH or the European Union as our cooperation partners.
Information Services: Your personal data, limited to the minimum data required, will be stored for two years after our consent was given. Afterwards, we will delete your data automatically if we do not ask you for re-consent to extend the retention period.
Data transfer to third parties in different countries
Your personal data will be transferred to the following third parties and countries:
(a) Deutsche Gesellschaft Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH in Germany and the European Union, for the purpose of auditing the Program;
(b) our local partners in Germany, in other member states of the European Union and in other countries, including your country, for the purpose of organizing mentoring and training measures, and to provide local support.
The legal basis for all data transfers is completion of pre-contractual and contractual measures (Article 6(1)(b) GDPR). The transfer to countries outside the European Union will be either based on an adequacy decision by the European Commission (Article 45(3) GDPR), or it will be subject to appropriate safeguards (Article 46 GDPR). In the absence of an adequacy decision pursuant to Article 45(3) GDPR, or of appropriate safeguards pursuant to Article 46 GDPR, the data transfer will be based on the necessity for the conclusion and performance of the contract concluded in the interest of you (as data subject) and us (as data controller) pursuant to Article 49(1)(c) GDPR.
Your rights with regard to our data processing
Where permitted by law and technically feasible, you have the right to request information about your personal data (Article 15 GDPR), to update or correct your personal data (Article 16 GDPR), to request that your personal data to be deleted from your systems and files (Article 17 GDPR), to restrict the processing of your personal data under certain circumstances (Article 18 GDPR), to withdraw your consent at any time, as far as your personal data is being processed based on your consent (Article 7 GDPR), to object at any time to the processing of your personal data (Article 21 GDPR), to have your personal data supplied in an electronic format (Article 20 GDPR).
You may file a complaint with us, with our data protection officer (“DPO”), or with the relevant data protection authority. The relevant data protection authority is: Berliner Beauftragte für Datenschutz und Informationsfreiheit. By request, our DPO will handle your complaint with strict confidentiality, so that your identity will not be disclosed to us.
Data protection officer
Leu Rechtsanwaltsgesellschaft mbH
Attn: Dr. Norman-Alexander Leu
60528 Frankfurt am Main, Germany
Telephone: +49 69 348 731 880
Fax: +49 69 348 731 889