Euris as Data Controller is committed to protecting your privacy. Euris will not collect any personal information about you unless you provide it voluntarily or unless we are legally required to obtain it in terms of our Anti-Money Laundering (‘AML’) obligations. We will process any personal data only insofar as is necessary to provide one or more Services you have requested or otherwise with your consent. Any personal information communicated to Euris is kept within its own records in accordance with the Data Protection Act (Chap. 586 of the Laws of Malta) as currently in force as well as the General Data Protection Regulation (Regulation (EU) 2016/679).
|Client||Means the Entity or any physical person engaging Euris to provide the Services.|
|Euris||Euris Consult Limited C 29476
Vault 13-15, Valletta Waterfront, Floriana, FRN 1914
|EurisGroup||Means any entity being a holding, subsidiary, associated or related company, entity or firm of Euris|
|Entity||Means the legal person engaging Euris to provide the Services.|
|Personal Data||Means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic cultural or social identity of that natural person.|
|Personal Data Breach||A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.|
|Personnel||Means and includes the directors, other officers, employees, consultants, and staff of Euris and the partners and staff of its holding, subsidiary, associated and related companies, firms and entities and their successors in title.|
|Services||Means those services in respect of which Euris has been engaged (whether by Letter of Engagement or otherwise) to provide to you or to the Entity in which you are involved whether directly or indirectly or which you represent.|
|Website||Means the EURIS website available at: www.eurisconsult.com|
|Website Visitor||Means any person browsing through the Website not being a Client.|
|Special Categories of Data||Means any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.|
2. Who is the Controller?
Euris is the Controller in respect of your personal data and can be contacted at the below address:-
Euris Consult Limited
Tel. No.: +356 2203 0000
3. Legal Basis & Purpose
(a) Contact Services: Get a quote!
What personal data do we collect?
When using the Contact Services, we ask you to provide your name, surname and email address (collectively, “Contact Data”). This information will be provided by you by filling in the online form on our Website. The information will be used so that our representatives can contact you with further details and will be processed by us on the basis of your request prior to providing any Services.
What Personal Data does Euris collect?
When engaging Euris to provide Services, as a minimum we will collect your name, surname, contact details (email and phone) and address of the person engaging us and where such person is an Entity, the personal data of the physical person acting as a contact person for the Entity. Said details are obtained to establish proper communication channels in respect of the performance of the contract as well as for billing and debt collection purposes.
We process your personal data in order to perform the Services and otherwise to comply with our legal and regulatory requirements.
4. How long is it kept?
When submitting a “Get a Quote” request, your Contact Data will be retained until you are contacted by our representatives with further information regarding our Services; your information will be retained throughout our correspondence and will be deleted if we do not hear back within twelve (12) months from the last communication.
If you engage Euris to provide Services you will be entered into our client database and we are then required to keep a record of the information collected under point (b) for as long as you are a Client in accordance with our Terms and Conditions. Even when you are no longer a Client, Euris may be required to keep certain data including any correspondence, invoices and receipts for a longer period in line with its accounting, tax and VAT compliance requirements. In any case, the retention period shall not exceed ten (10) years from the date when Euris ceases all Services to the Client.
5. Who does Euris share the data with?
(a) We will share the data with other entities forming part of the EurisGroup as well as any other persons appointed by Euris to provide any of the Services.
(b) We will share the data with our sub-contractors performing translation services on our behalf;
(c) We will also share your data with the competent authorities if we are required to do so in order to comply with any applicable law, regulation or court order.
(d) From time to time, Euris may need to disclose personal, commercial or other data pertaining to the Client to third parties engaged to perform services on behalf of the Client (for example consultants, banks, legal advisors, lawyers, accountants and trademark agents).
6. Transfers to third countries?
Any personal data processed by Euris is stored on servers hosted on the Microsoft Cloud service and is therefore stored on servers within the European Union and the United States (https://docs.microsoft.com/en-us/microsoft-365/enterprise/o365-data-locations?view=o365-worldwide#data-center-locations). The processing of personal data in terms of this service is subject to the Microsoft Privacy Statement (https://privacy.microsoft.com/en-gb/privacystatement) and is in compliance with GDPR.
Furthermore, as part of the Services, Euris may need to share your data with third parties established or operating in other countries which may not have equivalent data protection or confidentiality/secrecy laws in place. While all efforts are made to minimise the risk to the Client’s personal data, the processing of Client personal data in countries which do not afford equivalent protection exposes the personal data to additional risk of disclosure and breach. The sharing of such data shall be carried out subject to appropriate safeguard being in place, including the use of transfer model clauses. Furthermore, any such disclosure shall not concern any special category of data except with the specific consent of the data subject and shall only be done if necessary for the provision of the Service(s) or at the request of the Entity (where applicable).
7. Your Rights
You have certain rights in relation to your personal information. If you would like further information in relation to these or would like to exercise any of them, please contact us via email at firstname.lastname@example.org at any time. You have the following rights:
(a) Access to your information: You may at any time submit a request to know what information is held in your regard, if any. You can ask us for a copy of your personal information; confirmation as to whether your personal information is being used by us; details about how and why it is being used; and details of the safeguards which are in place if we transfer your information outside of the European Economic Area ("EEA").
(b) Rectification: Euris will use its best endeavours to update and maintain the data as accurate as possible within a reasonable time. You may, at any time, submit a request to have any inaccuracies corrected. Euris assumes no responsibility or liability for the accuracy or correctness of any data provided if changes are not communicated to us.
(c) Right to be forgotten: where processing is based on consent and in other specific circumstances, you may request to have any or all of your details erased. You can ask us for further information on these specific circumstances by contacting us using the details below. We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort. You can ask us who the recipients are using the contact details below.
(d) Restriction of processing: You may, at any time, submit a request to restrict the processing of your data. You have a right to ask us to restrict the way that we process your personal information in certain specific circumstances. You can ask us for further information on these specific circumstances by contacting us using the details below. We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort. You can ask us who the recipients are using the contact details below.
(e) Right to data portability - You may request to receive your personal information in a commonly used structure and machine-readable format and have it transferred to another controller. This right only applies where we use your personal information on the basis of your consent or performance of a contract and where our use of your information is carried out by automated means.
(f) Right to object and automated individual decision-making - where processing is based on the performance of a task in the public interest or based on our legitimate interests, you may object to the processing, however, this is subject to any of our overriding interests including in particular compliance with legal requirement on our part. In such case we will aim for a result that is mutually satisfactory such as taking your personal information off the live environment and archiving it for the necessary period to enable us to comply with our legal requirements.
(g) Right to object to direct marketing: You may object to the processing of your personal data for the purpose of direct marketing. In the event of such an objection, we will no longer be able to provide you with updates regarding our products and services. We will consider all such requests and provide our response within a reasonable period (and in any event within one month of your request unless we tell you we are entitled to a longer period under applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims. If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
9. Links to other Web Sites
Euris will use its best endeavours to ensure that adequate and reliable security measures are in place to protect personal data from being lost, misused or illegally accessed.