My Account

Privacy policy

1. General Provisions

This Privacy Policy (the “Policy”) describes what personal data the GustViu mobile application (the “App”) collects, how it is processed, stored, and protected.

GustViu is intended for users in the Republic of Moldova and enables users to discover, reserve, and purchase offers from restaurants, cafés, bakeries, shops, and other partners (the “Partners”) at a reduced price.

Personal data is processed in accordance with:

  • Law of the Republic of Moldova No. 133 of July 8, 2011 on the Protection of Personal Data;
  • Requirements of the National Center for Personal Data Protection of the Republic of Moldova (CNPDCP);
  • Apple App Store and Google Play requirements regarding user data processing.

By using the App, you confirm that you have read this Policy and consent to the processing of your personal data on the terms set out below.

2. Data We Collect

2.1. Data You Provide During Registration and Use

  • First name and/or last name;
  • Email address;
  • Mobile phone number;
  • Password (stored in encrypted form);
  • Profile photo (optional);
  • Authentication data via third-party services (Apple ID, Google), if you choose this sign-in method — we receive only the name and email address shared by the provider.

2.2. Payment Data

When you pay for orders in the App, payment information (card number, expiration date, CVV) is processed directly by a certified payment provider. WEBNUM LLC does not store and has no access to your full payment details. We only receive payment confirmation, amount, currency, date, and transaction ID.

2.3. Geolocation

With your consent, the App collects location data (precise or approximate) in order to:

  • show Partner offers near you;
  • calculate the distance to the pickup point;
  • generate personalized recommendations.

You may revoke location permission at any time in your device settings. Some App features will be unavailable in this case.

2.4. Order and Partner Interaction Data

  • History of orders and reservations;
  • Order amount and contents;
  • Pickup location and time;
  • Ratings and reviews you leave for Partners;
  • Any messages you send to our customer support.

2.5. Technical Device Data

  • Device model and operating system version;
  • Unique device and app installation identifiers;
  • Language, time zone, network type;
  • IP address;
  • App error and crash logs;
  • In-app activity data (screen views, taps, frequency of use).

2.6. Push Notifications

If you opt in to push notifications, we store your device’s push notification token to send order updates, new offers, and promotions. You can withdraw consent at any time in your device settings.

3. Purposes and Legal Bases for Processing

PurposeLegal basis (Law No. 133/2011)
User registration and identificationPerformance of a contract (Art. 5(5)(b))
Order and reservation processingPerformance of a contract
Payment processingPerformance of a contract
Transactional notifications (order status, receipts)Performance of a contract
Marketing emails and push notifications about new offersConsent of the data subject (Art. 5(5)(a))
GeolocationConsent of the data subject
Analytics and improvement of the AppLegitimate interest of the Operator
Fraud and abuse preventionLegitimate interest of the Operator
Compliance with legal obligations (accounting, tax, responses to authorities)Legal obligation of the Operator

4. Sharing Data with Third Parties

We do not sell your personal data. Data may be shared only with the following categories of recipients:

4.1. App Partners (restaurants, cafés, shops, etc.)

When you place an order, the Partner receives: your name, order number, order contents, pickup time, and contact details (where necessary). Partners are required to use this data exclusively to fulfil your order.

4.2. Payment Providers

Payments in the App are processed through certified payment systems (PCI DSS compliant). They receive only the data required to process the payment.

4.3. Infrastructure and Service Providers

  • Hosting and cloud storage (e.g., Amazon Web Services, Google Cloud, Supabase);
  • Analytics and crash reporting services (e.g., Firebase Analytics, Crashlytics);
  • Push notification services (Apple Push Notification service, Firebase Cloud Messaging);
  • Customer support tools.

All such contractors process data on the basis of agreements that ensure a level of protection equivalent to the requirements of Moldovan law.

4.4. Government Authorities

In cases provided for by law (in response to a duly substantiated request from a court, prosecutor’s office, police, tax authorities, etc.).

5. International Data Transfers

Some of our technology providers (cloud hosting, analytics, push notifications) are located outside the Republic of Moldova, including in the United States and the European Union.

Such transfers take place on the basis of:

  • Standard Contractual Clauses;
  • Adequacy decisions recognized by international practice;
  • Your explicit consent, where required by law.

We take all reasonable measures to ensure that the level of protection of your data is not reduced as a result of international transfer.

6. Data Retention Periods

Data categoryRetention period
User accountThroughout the period of App use and up to 12 months after account deletion
Order historyUp to 5 years (accounting / tax requirements)
Payment confirmationsUp to 5 years
Marketing consentsUntil consent is withdrawn
Logs and technical analyticsUp to 24 months
Customer support correspondenceUp to 24 months

After the retention period expires, data is deleted or anonymized.

7. Your Rights

In accordance with Law No. 133/2011, you have the right to:

  • Be informed about the processing of your personal data;
  • Access your data and obtain a copy;
  • Rectify inaccurate or incomplete data;
  • Erase your data (“right to be forgotten”) where processing is no longer necessary;
  • Restrict processing in cases established by law;
  • Object to processing based on legitimate interest or for marketing purposes;
  • Withdraw consent at any time (this does not affect the lawfulness of processing prior to withdrawal);
  • Port your data in a structured, machine-readable format;
  • Lodge a complaint with the National Center for Personal Data Protection of the Republic of Moldova (CNPDCP).

To exercise any of these rights, please send a request to: info@webnum.com. We will respond within 30 calendar days of receiving the request.

You can also delete your account directly in the App: Profile → Settings → Delete Account.

8. Data Security

We apply technical and organizational security measures, including:

  • encryption of data in transit via HTTPS/TLS;
  • password encryption (salted hashing);
  • access restrictions for staff and contractors;
  • regular data backups;
  • monitoring of suspicious activity;
  • staff training on confidentiality matters.

Despite all measures, no method of transmission over the internet is fully secure. We cannot guarantee absolute protection but undertake to notify you and CNPDCP without undue delay of any incidents in the manner required by law.

9. Children

The App is not intended for users under the age of 16. We do not knowingly collect data from minors. If you become aware that a minor has provided us with their data without parental or legal guardian consent, please contact us at info@webnum.com and we will delete such data.

10. Cookies and Similar Technologies

In the mobile App, we use local device storage (UserDefaults, AsyncStorage) and SDKs from third-party analytics providers, which may set their own identifiers. They are used to:

  • save your settings and session;
  • analyze App usage;
  • prevent crashes.

The App’s website (where applicable) may use standard cookies. You can manage them through your browser settings.

11. Changes to This Privacy Policy

We may periodically update this Policy. You will be notified of changes through the App and/or by email at least 14 days before they take effect. The current version is always available via a permanent link inside the App and on our website.

Continued use of the App after the changes take effect constitutes your acceptance of the updated Policy.

12. Contact Information

Operator: WEBNUM LLC Email for all questions and requests regarding personal data: info@webnum.com

Supervisory authority for personal data protection in the Republic of Moldova: Centrul Național pentru Protecția Datelor cu Caracter Personal al Republicii Moldova (CNPDCP) Address: str. Serghei Lazo 48, MD-2004, Chișinău, Republic of Moldova Website: https://datepersonale.md Email: centru@datepersonale.md

If you believe your personal data rights have been violated, you are entitled to file a complaint directly with CNPDCP.

Cart Panel 0
Contact us