info.cert@stisc.gov.md
(022) 820 911
logo Government
Platform of
Cyber Event
Disclosure

Privacy Policy

The platform collects, stores, and processes personal data in accordance with data protection legislation in the Republic of Moldova.

The personal data provided are used exclusively for investigating and combating cyber threats.

Access to the information in the database is strictly limited to designated personnel and authorized collaborators who need this data for their duties.

Personal data is not disclosed to third parties without the consent of the data subject. The exception is law enforcement agencies in the case of an investigation.

The data remains confidential for the entire storage period and is stored in a secure environment, subject to technical and organizational protection measures.

  • The purpose of the platform is to collect reports of cyber events, gather statistical data related to the threat landscape, and provide informational support in cybersecurity.
  • User obligations - Users are required to provide accurate information to the best of their knowledge and abilities. Repeated false reports may lead to access restrictions.
  • Ownership of the cyber event - Submitted reports become the property of the platform owner and may be shared with law enforcement authorities if there is a need for notification, based on current legislative framework and the owner's area of jurisdiction.
  • Anonymization - Personal details may be removed from reports where possible, but cannot be guaranteed in all cases, except when such information is critical for documenting/analyzing the cyber incident.
  • Data Correlation  - Reports and related data may be correlated with other internal or open-source information for analysis purposes.
  • Data accuracy - Although efforts are made to ensure accuracy, the platform does not guarantee that the data will always be correct or up to date.
  • Availability disclaimer - The platform will strive for high availability, but occasional interruptions may occur beyond the owner's control.

Reporting a CYBER INCIDENT using the Governmental Cyber Event Disclosure Platform is a voluntary notification, according to the provisions of Article 13 of Law 48/2023, and DOES NOT replace the official reporting of cyber incidents as provided for in Article 12 of Law 48/2023 on cybersecurity, to CERT or NSA or other public institutions empowered by law (as appropriate).