2.1. Emvis commits to implement all necessary technical and/or organizational measures to ensure the protection of personal data from any accidental or unlawful destruction, loss, deterioration, unauthorized disclosure or access and any other unlawful form of processing.
2.3. In addition, Emvis collects personal data which the Users provide through this Website, for example when the Users enter personal details on the subscription form (i.e. title, first name, last name, position, company, address, e-mail address, phone number) if the Users subscribe to receive Emvis press releases and other publications. The recipients of such personal data within Emvis are business departments/units related to client services, investor relations or public relations on a need to know basis.
2.4. The source of such personal data originates from the information directly provided by the Users. In principle, no publicly accessible sources will be used for retrieving the categories of personal data indicated above. However, in limited cases, personal data may be sourced from PR and/or media providers, including related public websites (i.e. journalist and/or analyst contact details).
2.5. Emvis is entitled to hold and process personal data on the following lawful grounds:
a. the processing is necessary to operate the Website and provide Subscription Services; and
b. the processing is necessary for the Emvis legitimate interests for the Purpose as defined below, provided your interests and fundamental rights do not override those interests (such as those described in section 2.2 and section 2.6 under sub-paragraphs b) and c)).
2.6. Emvis ensures that the Users personal data will only be collected, stored and processed pursuant to applicable data protection law and regulations and to the extent necessary for the purposes set out below (collectively, the “Purpose"), being to:
a. process personal data for the performance, management and monitoring of Emvis Website and Subscription Services;
b. process personal data for marketing purposes in relation to Emvis Subscription Services;
c. process personal data derived from the use of Emvis Website for technical administration, business analytics and diagnostics; and
d. provide personal data to third party service providers engaged by Emvis to provide administrative, transfer, document storage, record keeping and other functions in connection with Emvis Website and/or Subscription Services.
2.7. The Users hereby acknowledge that in the course of processing their personal data for the Purpose such data may be transferred to entities situated in or operating in countries outside the European Economic Area (“EEA") including cloud services and that such countries may not have an adequate level of data protection. Such countries include jurisdictions in which (i) Emvis has offices outside of EEA countries, and (ii) Emvis service providers are situated and operating. However, Emvis has established appropriate safeguards for such cross-border data transfers by way of an Intra-Group Data Transfer Agreement and the execution of EU model clauses as part of its standard commercial agreements with its external service providers.
2.8. Personal data will be processed for the Purpose in a strictly confidential manner and not communicated to third parties not authorized to receive such personal data, unless disclosure of personal data is required by data protection regulation and/or regulatory authorities.
2.9. Personal data will be stored for the Purpose as defined above as long as is necessary for the Purposes and/or necessary to comply with legal or regulatory obligations, in particular personal data will be retained during the time of the User relationship and up to ten subsequent years (subject to other (local) requirements).
2.10.The Users have the right to request access to personal data or to request rectification, erasure, restriction of processing of personal data as well as the right to object to the processing of its personal data. In selected cases, the Users may also have the right to receive an electronic copy of selected personal data for further use by the Users (data portability right). Any request shall be sent to Emvis data protection officer at firstname.lastname@example.org.
2.11.If the Users believe that Emvis has violated or is violating its data protection rights under data protection regulations, where applicable, the Users have the right to lodge a complaint with a responsible data protection supervisory authority. To find a responsible data protection authority, please see http://ec.europa.eu/justice/article-29/structure/dataprotection-authorities/index_en.htm.
2.12.In case the Users have any questions or requests related to data protection or its personal data, please contact Emvis data protection officer at email@example.com.
Version 1.0/ 04 September 2018