Data Protection

Last updated: 16 July 2026

Top Consulting SRL (“we”, “us”, “our”) operates this website. This notice explains what personal data this website processes, why we process it, the legal basis for doing so, how long we keep it, who else receives it, and what rights you have.

We have written this notice to describe what this website actually does, rather than to make general reassurances. Where your data reaches a third party, we say so explicitly.

1. Who is responsible

The data controller is Top Consulting SRL, Republic of Moldova.

For any question about this notice, or to exercise any of the rights described in section 7, contact us at info@topconsulting.md.

2. What we collect, and why

You can browse this website without telling us who you are. We do not ask you to create an account, and we do not run advertising or marketing analytics on this site. The processing below is what actually takes place.

2.1 Contact form

What: the name, email address, telephone number and message you type into our contact form.
Why: to read and answer your enquiry.
Legal basis: steps taken at your request prior to entering into a contract, and our legitimate interest in responding to people who contact us.
Retention: 24 months from our last correspondence with you, unless the enquiry becomes part of a client engagement, in which case our normal engagement records apply.
Note: submissions are emailed to us and are also protected by the spam checks described in sections 3 and 4.

2.2 Live chat

What: the messages you send in the chat widget, and any name or email address you choose to provide in it.
Why: to answer your questions in real time.
Legal basis: your consent, given by choosing to start a chat, and our legitimate interest in answering enquiries.
Retention: 12 months.
Note: our chat runs on our own server. Chat transcripts are stored in this website’s own database and are not sent to an external chat provider.

2.3 Comments on articles

What: if you leave a comment, we store the name and email address you supply, the comment itself, and — as standard WordPress behaviour — your IP address and browser user-agent string.
Why: to publish your comment and to moderate spam and abuse.
Legal basis: your consent, given by submitting the comment.
Retention: for as long as the comment remains published. You can ask us to delete it at any time.

2.4 Server logs

What: our web server records the IP address, date and time, requested page, referring page and browser user-agent for requests made to the site.
Why: to keep the site available and secure, and to diagnose faults.
Legal basis: our legitimate interest in the security and stability of the website.
Retention: short-term, as operated by our hosting provider; we do not use these logs to build profiles of visitors.

3. Third parties that receive data

Two Google services are built into the pages of this website. Because your browser must contact Google’s servers to load them, Google receives your IP address when you visit this site, even if you never fill in a form. We consider it more useful to state this plainly than to omit it.

3.1 Google reCAPTCHA

We use reCAPTCHA to stop automated abuse of our contact form. It loads on all pages of this site, not only on the page containing the form, and it assesses whether you are a human by collecting your IP address, information about your device and browser, and your interaction with the page (such as mouse movement and time spent). This information is transmitted to Google and may be processed on servers outside the Republic of Moldova, including in the United States.

Legal basis: our legitimate interest in protecting our website and our contact form from spam and automated abuse.
Provider: Google Ireland Limited / Google LLC. See Google’s Privacy Policy and Terms.

3.2 Google Fonts

The typefaces used in our design are currently requested from Google’s font servers when a page loads. Your IP address is transmitted to Google in order to deliver those font files. No cookie is set by this request.

Legal basis: our legitimate interest in presenting the site consistently. Provider: Google Ireland Limited / Google LLC.

3.3 Hosting

Our hosting provider stores this website and its database on our behalf, and processes data only on our instructions.

3.4 What we do not do

  • We do not run Google Analytics or any comparable audience-measurement or advertising tracker on this site.
  • We do not use advertising pixels, and we do not share your data with advertising networks or data brokers.
  • We do not sell your personal data.
  • Our spam filter for comments runs entirely on our own server and does not send your data to an external spam-checking service.

4. Transfers outside the Republic of Moldova

The Google services described in section 3 may involve processing of your data in the United States. Google LLC is certified under the EU–U.S. Data Privacy Framework and additionally relies on the European Commission’s Standard Contractual Clauses as a transfer mechanism.

If you would like a copy of the safeguards applying to these transfers, write to info@topconsulting.md.

5. Cookies

This site does not set advertising or analytics cookies. The cookies it does use are limited to the following purposes:

PurposeSet byWhy
Language preferenceThis site (WPML)Remembers whether you are reading the site in English, Romanian or Russian.
Comment detailsThis site (WordPress)If you leave a comment, remembers your name and email so you need not retype them. Set only when you comment.
Pop-up displayThis site (Popup Maker)Remembers that you have already closed a pop-up, so it is not shown to you repeatedly.
Session / securityThis site (WordPress)Keeps the site working correctly and protects forms against cross-site request forgery.
reCAPTCHAGoogleUsed by Google to tell humans apart from bots — see section 3.1.

You can delete or block cookies through your browser settings. Blocking them may stop parts of the site, such as the contact form or the language switcher, from working properly.

6. Security

This website is served over an encrypted HTTPS connection, so the data you send us in transit is protected. We restrict access to the personal data described here to the people within our firm who need it in order to answer you.

7. Your rights

In relation to your personal data, you have the right to:

  • Access — obtain confirmation of whether we process your data, and a copy of it.
  • Rectification — have inaccurate or incomplete data corrected.
  • Erasure — have your data deleted where there is no overriding reason for us to keep it.
  • Restriction — ask us to pause processing while a dispute about it is resolved.
  • Portability — receive the data you gave us in a structured, machine-readable format.
  • Objection — object to processing based on our legitimate interests, on grounds relating to your situation.
  • Withdraw consent — where processing rests on consent, withdraw it at any time. This does not affect processing carried out before you withdrew it.
  • Complain — lodge a complaint with the supervisory authority, whose details are given below.

To exercise any of these rights, write to info@topconsulting.md. We will respond within the period required by the applicable law. We will not charge you for a request, and we will not treat you differently for making one.

We would prefer to resolve any concern directly, so please do contact us first. You remain free at any time to complain to the supervisory authority:

National Center for Personal Data Protection of the Republic of Moldova
str. Serghei Lazo 48, MD-2004, Chișinău
Tel: +373 22 820 801
Email: centru@datepersonale.md
Web: datepersonale.md

If you are in the European Union, you may also complain to the data protection authority of the country where you live or work.

8. Automated decision-making

We do not make decisions about you by automated means that produce legal effects or similarly significantly affect you, and we do not profile visitors for marketing purposes. The reCAPTCHA scoring described in section 3.1 is used only to distinguish humans from automated scripts.

9. Changes to this notice

If we change how this website handles personal data, we will update this page and change the “last updated” date at the top. Where a change is significant, we will make that clear rather than relying on you to spot it.