Privacy Policy

GENERAL PRIVACY POLICY OF Emia Technology Services S.R.L. on collecting, processing and retention of personal data

Under the requirements of Regulation No. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), this Privacy Policy only concerns the customers of Emia Technology Services S.R.L. and the users of our online services, as well as the visitors of our website. Emia Technology Services S.R.L. makes efforts to ensure the protection of your personal data privacy in your capacity as data subject when using our services. To that end, we hereby lay down how the way in which your personal data shall be processed, your rights as a data subject, as well as how your data shall be protected. Any changes to this Privacy Policy can be found by accessing our website.

Emia Technology Services S.R.L. aligns to the requirements of Regulation No. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and we shall outline several significant matters in this Privacy Policy.

1. The purpose of using your personal data as data subject

By providing your personal data as data subject, you expressly and unequivocally manifest you consent regarding Emia Technology Services S.R.L. using the collected data for the following purposes:

  • To receive your complaints and/or your suggestions and to properly reply to you, in which case we will require e.g. your name, landline/mobile phone number, email address;
  • To receive online requests submitted via the form available on  https://emia.com, in which case we will require e.g. your name, landline/mobile phone number, address;
  • To contact you in case any issues occur in the delivery of our services, in which case we will require e.g. your landline/mobile phone number;
  • In the recruitment process, when you apply online for one of our open positions, in which case we will require your name, landline/mobile phone number, email address; Application for a job/recruiting. When you apply for a job with Emia Technology Services S.R.L., your personal data shall be processed and controlled by Emia Technology Services S.R.L. and shall only be used for recruitment purposes (interview, communication related to the recruitment process). The personal data used in the recruiting process shall not be stored for a period of time longer than the one required for the recruitment, and shall not be disclosed to third parties. If applicants wish to access, rectify or delete the personal data after the completion of the recruitment process, please contact data.protection@emia.com

Your data collected for the above-mentioned purposes shall only be kept as long as it is required to meet the purposes for which they were collected, i.e. one (1) year or for as long as the law requires. After that period, the personal data shall be deleted or rendered anonymous, unless we are required to keep it under an imperative legal requirement.

2. Your rights as data subject

Regulation No. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) grants a number of rights to the persons whose personal data are processed. Throughout the entire period when your personal data is kept by Emia Technology Services S.R.L., you have the following rights as a data subject:

Right of access means that you shall have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to that personal data and information on how the data is processed.

Right to data portability means the right to receive the personal data in a structured, commonly used and machine-readable format and the right to directly transmit that data to another controller, where this is technically feasible.

Right to object means the right to object to the processing of personal data when the processing is required for the performance of a task carried out in the public interest or on grounds of the legitimate interests of the controller. Where data is processed for direct marketing purposes, you have the right to object to the processing at any time.

Right to rectification refers to the rectification of inaccurate personal data without undue delay. The rectification shall be communicated to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

Right to erasure (‘right to be forgotten’) means that you shall have the right to request us to erase your personal data without undue delay, where one of the following grounds applies: it is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you withdraw your consent and there is no other legal ground for the processing; you object to the processing and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; the personal data has to be erased for compliance with a legal obligation; the personal data has been collected in connection with the offering of information society services.

Right to restriction of processing may be exercised when the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; where Emia Technology Services S.R.L. no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defense of legal claims; where the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.

All these rights can be exercised by means of a signed and dated written request, sent to our headquarters or by email at data.protection@emia.com

Furthermore, starting 25 May 2018, if you have any complaints or questions on personal data processing, you may contact our Data Protection Officer at data.protection@emia.com. Any complaints regarding personal data processing can be submitted with the National Supervisory Authority for Personal Data Processing.

3. Data transfer

Emia Technology Services S.R.L. shall not transfer, sell or exchange your personal data to or with third parties for marketing purposes.

4. Your data security

Emia Technology Services S.R.L. has taken technical and organizational measures to ensure a proper level of protection and security in the operations performed on personal data by limiting unauthorized access, or against loss or unauthorized handling of the data. Furthermore, according to the progress of information technology, we make permanent efforts to adapt our security measures.

5. Use of personal data

We shall only use the personal data for the purpose for which it was collected. We shall keep that information for the period specified under Art. 1 above. The access to personal data is strictly restricted to the staff of Emia Technology Services S.R.L..

6. Accountability

Emia Technology Services S.R.L. shall be responsible for complying with GDPR, as well as with the principles laid down herein. Emia Technology Services S.R.L. shall maintain under its responsibility a register keeping the records of personal data processing and the purpose for which it was collected, and, where required, shall make the information available to the supervisory authorities.

Any questions regarding this privacy policy can be sent to data.protection@emia.com

7. Processing security

We shall process the data safely, we shall apply and maintain appropriate technical measures to protect the personal data against accidental or unlawful destruction or loss, alteration, disclosure or unauthorized access. If any data security breaches are found, Emia Technology Services S.R.L. shall notify the National Supervisory Authority for Personal Data Processing within 72 hours and the data subjects as soon as possible.

8. Access to, and rectification or erasure of, personal data

Users shall be entitled to request at any time during the storage period described under Art. 1 herein to exercise their data subject rights as stipulated under Art. 2 herein and under Regulation No. 679/2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) by sending an email to data.protection@emia.com.

9. Complaints/requests and response times

The users whose data was collected and/or processed and who consented for such purposes for the entire period for which such data was collected may submit complaints/requests with Emia Technology Services S.R.L. by sending an email to data.protection@emia.com. The response time for such complaints/requests shall be thirty (30) days after the date when such complaints/requests are received and registered.

10. Changes/additions to this Policy

Emia Technology Services S.R.L. reserves the right to unilaterally change this Policy whenever it finds it necessary or e.g. following relevant legislation changes. If changes are made to this Policy, Emia Technology Services S.R.L. shall make these public on our website: https://emia.com. We encourage our users to check this website regularly to familiarize with the latest updates of the General Privacy Policy.

11. Contact data

Emia Technology Services S.R.L., headquartered in 175 Floreasca Avenue, Side B, 6th floor, office nr. 2, Bucharest, sector 1, 010564, registered with the Trade Register under no. J40/11005/2009, Tax ID: RO 26215836, email address: office@emia.com