Notice on the processing of personal data
(Art. 13 of legislative decree 196/2003 – Personal Data Protection Code – Art. 13 of Regulation (EU) 2016/679 on the protection of personal data – General Data Protection Regulation)
Alumetal Turbochargers SA, with offices in Via Cereda 3 CH 6828 Balerna (Switzerland) VAT No.
Data Controller pursuant to articles 4 and 28 of Legislative decree 30 June 2003, no. 196 – Personal Data Protection Code (“Code”) and articles 4, paragraph 7) and 24 of Regulation (EU) 2016/679 of 27 April 2016 (“Regulation”) concerning the protection of natural persons with regard to the processing of personal data, hereby states, pursuant to art. 13 of the Code and 13 of the Regulation, that it will process personal data relating to the Company and to natural persons who have legal representation for the purposes and in the manner indicated below.
What are personal data?
Personal data refers to any information regarding a natural person which can make that person identifiable and may include (but is not limited to):
- Name and contact information including, for example, e-mail and telephone number
- National insurance number
- Employment history
- Number of employees
- Credit rating
- Accounting data
What are sensitive data?
Sensitive personal data may refer to the above data but also include genetic and biometric data. For example:
- Medical conditions
- Religious, philosophical and political opinions
- Racial or ethnic origin
- Biometric data (e.g. photo in an electronic passport)
Who is the Data Protection Officer (“DPO”)?
In compliance with the GDPR regulations, the "data processor" means the person or organization that decides on the purposes for which personal data are processed and the manner in which it is carried out.
Alumetal Turbochargers SA is not obliged to appoint a DPO under current legislation.
What is data processing?
Data processing is any operation or group of operations carried out on personal data, or sets of it, whether or not by automated systems.
Examples of data processing explicitly listed in the text of the GDPR are as follows: collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
What information do we collect on you and how?
The data controller is bound by the requirements of the general data protection regulation (GDPR).
When you decide to use our services, you agree that we have the right to obtain, use and process the information you provide to enable us to give you the best user experience possible and for other related purposes, including:
- Updating and improving customer records
- Analysis for management purposes
- Analysis for statistical purposes
- Legal and regulatory compliance
- Crime prevention.
How will we use the information about you and why?
At Alumetal Turbochargers SA we take your privacy seriously and will use your personal information only to provide the services you have requested. We will use this information only according to your instructions, the law on the protection of data and our confidentiality obligation.
As part of our work, we may be required to pass your information on to our third-party service providers, agents, subcontractors and other associated organizations for the purpose of completing activities and providing services to you on our behalf. However, if we need third-party suppliers to provide you with a service, we disclose to them only the personal information necessary to provide our services and require them to keep your information secure and not to use it for their direct marketing purposes.
We collect information on our website to process your requests, manage registration for events, give help based on the data collected and improve our services. If you give your consent, we will also use this information to share updates with you about our services that we think may be of interest to you.
We will not share, in any way, your information with companies for marketing purposes so that they can offer you their products and services.
Transfer of information outside the European Union
To the extent strictly necessary for the performance of services, your personal data may be disclosed to third parties, such as, by way of example, suppliers of products and / or services, located both within and outside the European Union. Any transfer outside the EU will in all cases be subject to compliance with the legislation in force.
Security measures in place for the data collected
When you provide us personal information, we take all the measures necessary to ensure your data are processed with appropriate security.
Non-sensitive data (your email address, etc.) are normally sent over the Internet and this can never be guaranteed to be 100% secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of the information you transmit to us. Once we have received your information, we do our best to ensure it is secure on our systems. Where we have provided (or where you have chosen) a password which allows you to access certain parts of our websites or services, you are responsible for keeping this password confidential and changing it once you have been notified of it. Please do not share your password with anyone.
We would like to send you information on our services which could be of interest to you. If you have consented to receive advertising and marketing information, you may opt out at any time as set out below.
You have the right, at any time, to stop us from contacting you for marketing purposes. To opt out, please send an email to: firstname.lastname@example.org
How long will we keep your data for?
In line with legal requirements, we will store your data for the minimum time provided for by tax regulations. If required, you will have the right to waive/withdraw, update or request erasure of your data at any time and details on how to do this are contained in this privacy notice.
Access to information, rectification, portability and erasure
What does a request for access mean?
This is your right to request a copy of your data we have in our possession. If you would like a copy of some or all of your personal information, please send us an email to: email@example.com. We will reply within one month from receiving your request.
We want to ensure that your personal information is accurate and up to date. You may ask us to rectify or remove information that you believe to be inaccurate by contacting us using the above procedures.
Objection to the processing of personal data
You have the right to object to the processing of your personal data. We may refuse to process such a request only if we are able to demonstrate valid and legitimate grounds that outweigh your interest, rights and freedoms in that specific case, or that the data is being processed for the purpose of establishing, exercising or defending legal claims.
You also have the right to receive the personal data which you have provided to us, in a structured, commonly used and machine-readable format and transmit this data to another controller
Right to be forgotten (erasure)
If you want us to erase all information about you, you can let us know by sending an e-mail to firstname.lastname@example.org.
Complaints and disputes
If you think that your personal data have not been processed in a manner which complies with the GDPR, you have the right to lodge a complaint with a supervisory authority. The supervisory authority will inform you of the progress and results of your complaint.
How to contact us