Personal Data Privacy Policy - GDPR

This privacy policy (Policy) is provided in relation to the processing of personal data of customers of Sidler SA.

1.      Data Controller

For the purposes hereof, the data controller is Sidler SA, with registered office in Via Gaggiolo 27, 6855 Stabio CH, with business register number CHE-100.591.903 VAT (Data Controller). 

The Data Controller is a company operating in the field of recruitment and in the provision of career development services.

2.      Data collected

Your personal data collected are limited to those necessary for the establishment, management, execution and/or conclusion of the relationship with the Data Controller. In particular, your personal data processed may be: (i) identification data (e.g. company data, such as tax code and VAT number and name and surname of the legal representative); (ii) contact data (e.g. e-mail, telephone number) (hereinafter, jointly, the Data).

3.      Purpose of the data processing and legal basis

The Data will be processed in order to establish and correctly execute the relationship with the Data Controller and comply with any legal obligations connected to the same.

The legal basis for the processing of the Data for the above purposes is the legitimate interest of the Data Controller to contact the data subject in order to offer him/her its services and to set up, manage and perform the tasks conferred on the same by virtue of the relationship established with the data subject. This legitimate interest of the Data Controller is compatible with the position of the data subject as it is reasonable to believe that the data subject has a corresponding interest in being informed of the business opportunities relating to the activity carried out by the Data Controller, for example, of any candidate profiles possibly of interest to the company where the data subject works.

It will always be possible, at any time, to object to the receipt of such communications or to the use of one or more of the contact details provided, by contacting the Data Controller at the e-mail address privacy@sidler-sa.ch or by writing to Sidler SA, at the registered office address in Via Gaggiolo 27, CH-6855 Stabio (CH).

The described processing of the Data is not necessary to reply to specific requests and a possible opposition to the receipt of such communications will not affect in any way any different relationship established with the Data Controller.

The data subject undertakes to communicate the content of this Policy to all its employees and/or collaborators whose personal data is provided to the Data Controller in the execution of the relationship to which this Policy relates.

4.      Means of the Data processing

The Data will be processed by employees and/or collaborators of the Data Controller, specifically designated as authorised persons and external data processors, whose respective names are available on request to the Data Controller.

The Data Controller and such third parties process the Data manually or by means of electronic or automated instruments, according to procedures strictly related to the purposes and in any case in order to guarantee the security and confidentiality of the Data.

For the purposes hereof, the Data will be processed and kept outside the European Union, namely in Switzerland, where the Data Controller has its registered office and where the data processors appointed by the Data Controller have their registered office.

In any case, your Data will be processed exclusively in Non-EU countries providing adequate level of data protection pursuant to the rules of the European Institutions, as it takes place in Switzerland, in relation to which the European Commission adopted the Decision of 26 July 2000 on the adequacy of personal data protection in Switzerland pursuant to directive 95/46/EC.

5.      Data notification and recipients

The Data may be notified to third parties only where necessary for the establishment, management, execution and/or conclusion of the relationship with the Data Controller.

The third-party recipients of the Data, autonomous data controllers or duly designated as data processors, belong to the following categories:

  1. subjects who perform, on behalf or in favour of the Data Controller, tasks of a technical and organisational nature or professional assistance/consultancy (e.g. accounting and payroll consultants, legal consultants and notaries, managers of the software infrastructures used by the Data Controller); 
  2. central and local bodies of the Public Administration, local authorities and their local bodies;
  3. Judicial Authorities and Public Security Authorities.

The complete list of data processors is kept at the Data Controller’s registered office and can be consulted on request to be sent to the addresses indicated in article 8 below.

6.      Data disclosure

Data shall not be disclosed.

7.      Data retention

The Data are processed only for the time strictly necessary to achieve the purposes set out in paragraph 3 above and, in any case, for a maximum of 24 months from collection for such purposes.

8.      Data subjects’ rights

The Data subjects are entitled at any time: (i) to obtain confirmation of the existence or non-existence of their personal data; (ii) to know the purposes and terms of data processing, the recipients of such Data, the data retention period; (iii) to obtain personal data rectification or erasure and, if applicable, restriction of processing; (iv) to object to processing; (v) if applicable, to receive their personal data provided to the Data Controller in a structured, commonly used, machine-readable format and send it to another data controller without any impediment by the Data Controller;  (vi)  to file any complaint to the Data Protection Authority (in Italy: Garante per la protezione dei dati personali).

 

The aforementioned rights may be exercised at any time upon request, to be sent to the Data Controller: