Our Data Protection policy indicates that we are dedicated to and responsible for processing the information of our, customers, stakeholders, employees and other interested parties with absolute caution and confidentiality. This policy describes how we collect, store, handle and secure our data fairly, transparently, and with confidentiality. This policy ensures that Bambus Group follows good practices to protect the data gathered from its customers, employees, and stakeholders. The rules outlined in this document apply regardless of whether the data is stored electronically, on paper or on any other storage device.

1. Policy Elements

As a key part of our operations, we gather and process any information or data that makes an individual identifiable such as full name, physical address, email address, photographs, etc. This information is collected only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply to our company. Our data will: Be precise and consistently updated;
Is collected legitimately and with a clearly stated purpose;
Be processed by the company in line with its legal and ethical binds;
Have protection measure that protects it from any unauthorized or illegal access occurring by internal or external parties.
Our data will NOT: Be communicated informally;
Exceed the specified amount of time stored; o Therefore, personal data of employees, customers, and affiliates who no longer use Bambus Group services will be archived for 3 years and deleted afterwards;
Be transferred to organizations, states or countries that do not acquire proper data protection policies;
Be spread to any party unless approved by the data’s owner (except for the legitimate requests demanded from law enforcement authorities).

2. Roles and Responsibilities

Everyone who works for or with Bambus Group is responsible for ensuring that the collection, storage, handling, and protection of data is being done appropriately.
Email: [email protected]
Phone: +383 (0)38 606 012
In addition, the following functions within Bambus Group hold the key areas of responsibility:

Information Security Manager and Data Protection Officer (DPO) is responsible for:

IT Systems Manager:

Systems Administrator:

3. General guidelines

4. Data Storage

These rules describe how and where data are safely stored. When data is stored on paper, it is kept in a secure place accessed only by authorized personnel.

When data is stored electronically, it must be protected from unauthorized access, accidental deletion and malicious internal or external threats.

5. Data usage

6. Data accuracy and actions

To exercise data protection, Bambus Group takes reasonable steps and is committed to:

7. Subject access requests

All individuals and organizations who are the subject of personal and other data held by Bambus Group are entitled to:

If an individual contacts the company requesting this information, this is called a subject access request. Requests from individuals should be made by email, addressed to the data protection officer at [email protected] The data controller can supply a standard request form, although individuals do not have to use this.

Our clients can contact us directly requesting these information through the subject access request. Such requests can be made via email addressed at our team at [email protected] We will always verify the identity of anyone making a subject access request before handing over any information. Confirmation will be asked from data subject using the email data subject used to register an account at BAMBUS GROUP. We will aim to provide the relevant data within 14 days.

7.1. Data Modification

Our clients can contact us requesting data modification and/or correction by sending an email to [email protected] or through the digital form available here. BAMBUS GROUP will verify the identity of anyone making a data subject access request before modifying or correcting any information.

7.2. Data erasure

Our clients can contact us requesting data erasure via email at [email protected] In addition, data subject will be provided with all necessary information before proceeding with erasure. Before proceeding with the erasure, the data subject will read the statement of our data protection officer, explaining the outcome of the data being deleted. Erasure of data can be requested at any time.

8. Children

Our website is not appealing to children, nor are they directed to children younger than 16. BAMBUS GROUP does not knowingly collect personally identifiable data from persons under the age of 16, and strives to comply with the provisions of The European Union General Data Protection Regulation (EU GDPR). If you are a parent of a child under 16, and you believe that your child has provided us with information about him or herself, please contact us at [email protected]

9. Disclosing Data

In certain circumstances, when required, BAMBUS GROUP can disclose data to law enforcement agencies without the consent of the data subject. However, the data controller will ensure the request is legitimate, seeking assistance from the board and from the company’s legal advisers where necessary.

10. Privacy Policy

We have a privacy policy available on our website, stating out how data relating to customers, stakeholders, employees, and other parties involved is used in our company.