EU Compliance Policy 649/2016
The company under the name “EMMIS S.A.” (hereinafter referred to as “the Company”) has fully complied with the principles of personal data protection as set forth in the General Data Protection Regulation (European Union Data Protection Regulation – “GDPR”). Our primary concern is the protection of the personal data we collect and process as well as the secure transmission of this information where necessary for the purpose of processing.
The personal data collected is absolutely necessary to fulfill the clearly defined objectives of the Company related to the issuance of legal documents, compliance with tax laws, banking and other transactions with customers, suppliers and outsiders partners, as well as performing other tasks related to our subject, which is the manufacture and marketing of low voltage transformers and other power supplies and control products. The Company also collects and processes personal data for the purpose of organizing and promoting specialized training and training seminars for technicians, electrical engineers and students.
The Company does not process any personal data other than what is required to execute contracts between our customers or affiliates or to comply with the law. The Company also does not transmit personal data outside the Company’s limit to other companies or entities, beyond those strictly defined for the performance of its object or those required by public authorities.
The Company does not maintain any personal data stored outside its premises, including servers of other companies or in cloud providers. To protect the data that the Company processes, it adheres to the process of transferring them to the cloud circulated backup with its shared files as well as with the Oracle databases of the CEN application. As a result, it has taken all the modern technological measures available, ensures that they are constantly updated and up-to-date in the light of current developments, and has implemented appropriate safety and loss or sabotage policies.
As part of compliance with the new GDPR Regulation, it has provided for the establishment of a response system to possible requests related to the exercise of the rights of natural persons – data subjects.
These rights of natural persons are as follows:
- Right of access: information about the personal data we collect and how we process it.
- Right of correction: the ability to correct, supplement or update the data.
- Right to forget: the ability to delete data if it no longer serves the purpose of processing.
- Right to object: the ability of the subject to process personal data.
- Right to portability: the ability to transfer data to another controller at the request of the subject within a reasonable time and if technically feasible.
The purpose of the Company is to satisfy all requests within one month. In extremely rare cases where the request will not be possible, the interested parties will be given an immediate explanation and, to the extent possible, immediately available.
For further clarifications/questions please contact the above contact details.