Skip to content

Athens, Greece · Since 2015

Back to Home // LEGAL

Privacy Policy

Last updated: April 2026

1. Introduction

EXM P.C. ("Ex Machina", "we", "us", or "our") is committed to protecting the privacy of visitors to our website at exm.gr and our clients. This Privacy Policy explains how we collect, use, and safeguard your information when you interact with our website and services.

2. Information We Collect

Information you provide directly

  • Contact form submissions: Name, email address, company name, and message content when you reach out to us.
  • Client project data: Technical and operational data processed as part of our IoT service agreements, governed by individual data processing agreements.

Information collected automatically

  • Usage data: Pages visited, time spent, referring URLs, and general interaction patterns.
  • Device information: Browser type, operating system, screen resolution, and language preferences.

3. How We Use Your Information

We use collected information to:

  • Respond to inquiries and provide requested services
  • Improve our website and service offerings
  • Communicate about projects, updates, and relevant industry developments
  • Comply with legal obligations

4. Data Processing & Storage

We process data in accordance with the EU General Data Protection Regulation (GDPR). Contact form submissions are processed through Tally.so, which operates under GDPR-compliant terms. Our website is hosted on Cloudflare Pages with servers in the European Union.

For IoT platform services, client data is processed according to the specific data processing agreement in place. We offer both cloud-hosted and on-premise deployments to meet your data residency requirements.

5. Data Sharing

We do not sell your personal data. We may share information with:

  • Service providers: Cloudflare (hosting), Tally.so (forms), and Google Fonts (typography) — all operating under GDPR-compliant terms.
  • Legal requirements: When required by law or to protect our rights.

6. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate personal data
  • Request erasure of your personal data
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with a supervisory authority

7. Cookies & Tracking

Our website uses minimal tracking. We do not use advertising cookies or third-party analytics that track users across sites. Essential cookies may be used for website functionality.

8. Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (TLS), access controls, and regular security reviews. Our IoT platform is built with NIS2 compliance requirements in mind.

9. Contact

For privacy-related inquiries, data access requests, or to exercise your GDPR rights, contact us at:

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated revision date.