Privacy Policy
ECOMETAL SA, Via alla Rossa 3, CH-Rancate (hereinafter “Ecometal,” “Company,” “Data Controller”) is committed to processing all personal data collected through its website in accordance with the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP). The Company also adopts appropriate security measures to protect such data from unauthorized access.
In this Privacy Policy, Ecometal specifically informs users about the type of personal data collected and processed concerning the use of the website, the purposes for which the data is used, the parties to whom it may be disclosed, and users’ rights regarding the processing of their personal data by ECOMETAL SA.
By accessing the online portal (hereinafter “portal” or “website”) and/or using the services offered, the user acknowledges having carefully read this privacy statement. Any questions regarding this privacy statement can be directed via email to privacylpd@ecometalsa.ch.
1. PROCESSING OF PERSONAL DATA
Any operation relating to personal data, regardless of the means and procedures adopted, namely the collection, storage, use, review, communication, archiving or destruction of data.
2. COLLECTION OF PERSONAL DATA
a) Personal data automatically transmitted through website usage To enable the use of requested content and services, the Company collects personal data that identifies the user. Among the personal data collected during browsing (for more details on data collected via cookies, see “Cookie Policy”) are IP addresses or domain names of the computers and terminals used by users, addresses in URI (Uniform Resource Identifier) and URL (Uniform Resource Locator) notation of requested resources, date and time of access, geographical connection area, the method used in submitting the request to the server, and other parameters related to the user’s operating system and IT environment.
This personal data may also be used to determine responsibility in the event of alleged cybercrimes against the website, mobile applications, or other tools, or against third parties.
b) Personal data voluntarily provided by the user
The Company collects and processes personal data voluntarily submitted by the user via the contact form (last name, first name, email address).
Without this personal data, the Company cannot provide the requested services.
c) Personal data disclosed to third parties
Personal data provided may be communicated to third parties bound by confidentiality obligations, who will process the data as external processors or as individuals acting under the authority of the Data Controller or Data Processor for the purposes outlined above.
These third parties process the provided data as Data Processors (Art. 9 FADP) or Independent Data Controllers. Specifically, the Company may share the collected personal data with the following categories of recipients:
– The Company’s consultants and suppliers (e.g., entities providing website maintenance, IT system maintenance, and communication network services, including hosting providers, webmasters)
– IT support and assistance providers (e.g., webmasters)
– Authorized personnel working at the Data Controller’s office (employees)
– Competent authorities for compliance with legal obligations and/or regulations upon request
3. PURPOSE OF DATA PROCESSING
The Company uses automatically collected personal data for the following purposes:
a) Personal data automatically transmitted through website usage
– Enable portal display, operation, and functionality
– Ensure system stability and security
– Improve and protect services
– Statistical purposes in case of attacks on the network infrastructure hosting the website
b) Personal data voluntarily provided by the user
– Provide, maintain, protect, and optimize services and information offered
– Communicate with users and offer personalized information (e.g., about services)
– Offer new services and information
– Comply with legal, regulatory, and internal requirements
– Establish, exercise, and/or defend actual or potential legal claims, investigations, or similar proceedings
– Other legitimate purposes arising from circumstances or specified at the time of data collection
4. TRANSFER OF PERSONAL DATA ABROAD
The Company uses service providers based in Switzerland or the EU who process personal data both in Switzerland and in the EU. Transfers to countries that do not adequately protect data according to Swiss or European law are excluded, except with the express consent of the user or by virtue of a legal obligation.
5. DURATION OF PERSONAL DATA RETENTION
In principle, personal data are deleted as soon as they are no longer needed to fulfil the purpose for which they were collected, unless a longer retention period is necessary to fulfil legal obligations (e.g. retention and documentation requirements), contractual or pre-contractual obligations, or justified business interests of us (e.g. to assert, exercise or defend legal claims).
On this basis, we generally process personal data in accordance with the following rules and obligations:
a) Personal data automatically transmitted by you through the use of our portal for the purpose of viewing, operating and ensuring the functionality of the portal, will be deleted at the end of the browsing session (see point 2.a).
b) Personal data provided in connection with requests received via the ‘Contact’ area will generally be retained by us for as long as necessary to achieve the purpose, but for no longer than 6 months (see point 1.b). If a business relationship is established, the data will be retained for up to 10 years.
6. DATA PROCESSING METHODS
Processing will be carried out using methods and tools designed to ensure maximum security and confidentiality, performed by specially trained personnel.
7. DATA SUBJECT RIGHTS
Under the FADP, the data subject has the right to obtain the following rights from Ecometal at any time upon express request (non-exhaustive list):
– obtain the rectification of inaccurate or outdated personal data
– be informed in writing and free of charge if personal data concerning him/her are being processed
– prevent the disclosure to third parties of any sensitive personal data
– obtain the portability of personal data or request that they be transferred to third parties
– request the restriction or blocking of data processing, the prevention of disclosure of data to third parties or the rectification or destruction of personal data
– request the prohibition of a specific processing of personal data and specific communication of personal data to third parties or the deletion or destruction of specific personal data
– revoke any consent given
– if neither the correctness nor the inaccuracy of the personal data can be proved, request the addition of a note indicating the objection
– request that the rectification, destruction, blocking, especially communication to third parties, in addition to the notice of objection or ruling be communicated to third parties or published
– have the processing of personal data declared unlawful
If the data subject believes that their data processing violates FADP, they may file a complaint with the competent data protection authority (Federal Data Protection and Information Commissioner – FDPIC).
8. EXERCISING USER RIGHTS
To exercise their rights, the data subject can contact the Data Controller at privacylpd@ecometalsa.ch,subject to Article 26 of the FADP on “Restriction of the Right of Access.”
9. SECURITY MEASURES
The Company implements and regularly updates technical and organizational measures to maintain data security and protect it from unauthorized or unlawful processing, accidental loss, alteration, disclosure, or unauthorized access.
Third-party data processors engaged by the Company process personal data only in accordance with its instructions and must take strict security precautions under the law.
The transmission of information on Internet is not completely secure and involves risks. In spite of our efforts to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission takes place without our undertaking any liability. For this reason, you may send us your personal data by other means. Once we have received your data, we apply strict procedures and security measures to prevent unauthorised access.
10. ADDITIONAL INFORMATION, CHANGES, UPDATES
This Privacy Policy is effective as of March 15, 2024. Ecometal reserves the right to revise, update, add, or remove any part of this policy at its discretion at any time, including in response to changes in legal and regulatory data protection obligations. Any modifications will be indicated with the updated date.
15.03.2024
