Privacy policy

Privacy Policy

Privacy Policy in accordance with Regulation (EU) 2016/679 “GDPR”

SiMAC SA respects the privacy of users (customers, suppliers, professionals, consultants, entities, third parties, employees, etc.) and undertakes to protect your personal data on the basis of the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016  "concerning the protection of individuals with regard to the processing of personal data, as well as the free movement of such data and which repeals Directive 95/46/EC (General Data Protection Regulation), in force since May 24, 2016 and applicable from May 25, 2018. Your
personal data is recorded in the database and the system of SiMAC SA, in relation to the activity that we carry out.
In accordance with the aforementioned legislation, it is not necessary for you to express your consent for your data to continue to be recorded in our database, taking into account the legitimate interest underlying the processing itself.

SiMAC SA guarantees to each interested party the exercise of their rights:
• access personal data;
• obtain the correction or cancellation of it or the limitation of the processing concerning it;
• object to the processing;
• data portability;
• to revoke consent, where applicable, the revocation of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
• lodge a complaint with the supervisory authority (Privacy Guarantor).

The rights can be exercised by sending a request to the e-mail address: info@simacsa.ch as better specified in the last chapter

1. Introduction
These confidentiality rules describe the use of the user's personal data by SiMAC SA. on the occasion of the interaction with SiMAC SA for our relations or simply for the consultation of the website of our company.
They also serve to make the user aware of the rights related to privacy and the relative protection offered by the legal system.
We ask the user to read these confidentiality rules carefully in order to be informed of the use of their personal data by us.
For any questions or to exercise a right related to privacy, please follow the instructions indicated in this Privacy Policy.
In these privacy rules, we refer to "SiMAC SA", "we" or "we" to indicate the SiMAC SA responsible for processing the user's data.

2. Responsible for
processing The person in charge of the processing carried out by or on behalf of SiMAC SA is Route de Pra-Charbon 38 CH-1614 Granges (Veveyse) VAT: IDI CHE-278.101.734, in the person of the sole administrator.
SiMAC SA They have also been appointed as data processors.
The complete and updated list of subcontractors can be requested by sending an express request to the e-mail address: info@simacsa.ch.

3.
Corporate site The www.simacsa.ch site deals with the presentation of our company and our products.
Use of the site is intended for everyone and we do not knowingly collect data about them.
SiMAC SA is the data controller for this site and the processing of all personal data carried out by or on behalf of SiMAC SA

4. Personal data we may collect
Personal data, or personal information, is information relating to any person from which their identity can be deduced. Therefore, data from which the user's identity has been removed (anonymous data) is excluded. We collect various information relating to our customers/suppliers. This personal data can be traced to the categories set out below.
• Contact details: company data, postal address, telephone numbers, e-mail addresses, billing addresses.
• User identification codes or keys.
• Data relating to personal characteristics: date of birth, tax code, sex, nationality.
• Identification data: surname, first name and if the user communicates with us via social networks, this category of data also includes the username used on said social networks
• Transaction Data: includes information relating to payments by the user and to you as well as more information about the products and services purchased from us.
We do not collect Sensitive Data about you (this includes data revealing racial or ethnic origin, religious or philosophical beliefs, sex life, sexual orientation, political opinions, information relating to health as well as genetic and biometric data). Furthermore, we do not collect judicial data relating to the user.

5. How does the collection of personal data take place?
Normally we use  direct interaction:  the user decides to communicate identification, contact and financial data to us by filling in a form or by communicating this data by post, telephone, e-mail or via chat or social networks.
This includes personal data communicated by the user when he:
• Request an offer for one of our products;
• Transmits requests or requests the receipt of information;
• Requires an appointment / meeting / visit by a manager;
• Send your curriculum vitae from our site; • Contact us on social networks;
• Subscribe to our newsletter ;

6. How we use your personal data
We use your personal data within the limits set by law. In general, we use personal data in the following circumstances:
• To execute a contract in progress or already concluded with the user. For example, issuing a delivery note or invoice for the sale of products or for a service provided to you.
• Whenever it is necessary to pursue our legitimate interests (or those of third parties) as long as the interests and fundamental rights of the user do not prevail over them.
• If we have to comply with obligations imposed by laws or regulations.
In general, the legal basis on which we base the processing of your personal data does not include your consent, except as expressly provided by law, for example for the sending of certain direct marketing communications. In cases where the legal basis is based on consent, the user has the right to withdraw consent at any time.
For more information, please compare the legal basis on which we rely for the processing of personal data with the legal basis on which we base the processing of personal data.

7. The legal bases we rely on for processing personal data You
are aware that we may process your personal data on different legal bases depending on the specific purpose for which the data is used. Our decision making is not automated.
We invite the user to ask us any questions on this subject by the means indicated in article 16

8. Advertising, Marketing and User Preferences in Communications
If specifically consented, we may use direct marketing strategies by email, telephone, SMS or post. For example, the user could receive our newsletter via his e-mail box. We make every effort to ensure that our site always clearly communicates our activities and the type of messages delivered to the user, both when the user himself decides to receive our newsletter and when he completes the contact form.
The user can change his mind at any time and decide to unsubscribe.

9.Cookies
By using the site, you consent to the use of cookies in accordance with this policy. If you do not consent to the use of cookies in this way, you must configure your browser appropriately or not use the site. If you decide to disable cookies, it may affect the browsing experience on the site.

10. Disclosure of personal data
The personal data of the user will not be shared with third parties, except with external auditors and professional consultants such as banking, legal, accounting and insurance advisers and administrative, regulatory and law enforcement agencies.
In addition, if the activity for which the request was made requires the intervention of an inspector or an external collaborator, the data may be shared with the latter. We ask all third parties to respect the security of the user's personal data and to manage it in accordance with the legislation in force. We do not allow third party service providers to use your personal data for specific purposes, but only allow them to process your personal data for specified purposes and in accordance with our instructions.

11. Data Security
We have implemented appropriate security measures to prevent the accidental loss of the user's personal data, as well as their use or access by unauthorized subjects, their alteration or dissemination. In addition, access to the user's personal data is limited to collaborators and other third parties who, for reasons related to the exercise of their commercial activity, must necessarily know them. Your personal data will be processed exclusively on our instructions and these subjects are bound by the obligation of confidentiality.
We have put in place procedures for the management of any breach of personal data and we will make sure to communicate these breaches to the user and to any supervisory authority if this is required by law.

12. Links with third parties
Our site may include links to third party sites, as well as third party plug-ins and applications (eg Facebook, Instagram, LinkedIn). By clicking on these links or connecting to them, you consent to third parties collecting or sharing user data. Third party sites are not controlled by us and SiMAC SA is not responsible for their respective privacy policies. When leaving our site, the user is required to read the privacy policies of any other site consulted.

13. Data retention
We will only retain user personal data for as long as necessary to fulfill the purposes for which the data was collected, including purposes related to satisfying any legal, accounting or reporting obligations.
To determine the correct retention period for personal data, we consider the amount, nature and degree of sensitivity of the personal data, the potential risk of any damage due to unauthorized use or dissemination of the personal data of the user, the purposes for which the processing takes place and the possible existence of alternatives, as well as the applicable legal obligations.
In certain circumstances, the user can ask us to delete the data concerning him; for more information, see the “Your Legal Rights” section below.

14. Rights guaranteed by law
The European regulation on the protection of personal data applies to the user, he is the holder of the rights guaranteed below by the legislation on the protection of privacy with reference to his personal data.
• Right to information – we are obliged to inform you about the use of your personal data by us (obligation which we fulfill with these privacy rules);
• Right of access – right to submit a “data subject access request” to obtain a copy of the personal data of the interested party stored by SiMAC SA;
• Right of rectification – right to demand the correction of personal data if it is incomplete or incorrect;
• Right of cancellation – also called “right to be forgotten” when, in certain circumstances, the user can request the cancellation of personal data concerning him (provided that there is no rule that provides for their maintenance and which prevails over the request );
• Right to restriction of processing – right to request, in certain circumstances, the suspension of the processing of personal data;
• Right to portability – the right to request a copy of the user's personal data in a commonly used format (eg a .csv file);
• Right to object – the right to object to the processing of the user's personal data (for example, if the user does not authorize the processing of data for direct marketing purposes);
These rights are subject to certain rules which determine their exercise. For more information, you can consult the Guide to the application of the European regulation on the protection of personal data.
There is no charge for accessing your personal data (or for exercising the aforementioned rights). Nevertheless, we reserve the right to apply substantial fees if the request is manifestly unfounded, repetitive or excessive. Alternatively, and in these circumstances, we may refuse to comply with your request.
We may request specific information from you to help us confirm your identity and ensure appropriate access to your personal data (or to exercise any of your rights). This security measure is necessary to ensure that personal data is not disclosed to any third party who does not have the right to receive it. We can also contact the user himself to ask him for additional information in relation to his request in order to speed up the procedure.
We do our best to respond to all legitimate requests within 2 business weeks. Sometimes it may take longer if the request is particularly complex or if the user has submitted many requests.
In these cases, we will be happy to communicate the timing to the user and keep them informed.
If the user has any other questions regarding these privacy rules, or intends to submit a request to exercise any of the rights guaranteed by law, he can contact the RDP working group through the contact details of the section 15 “How to contact SiMAC SA” for privacy issues.

15. How to communicate with SiMAC SA for questions and to exercise your privacy rights
If you have any questions relating to these privacy rules, or if you intend to exercise your rights, you can contact us as follows:
E-mail: info@simacsa.ch

or a written request to the address:
SiMAC
Privacy Division
Route de Pra-Charbon 38
CH-1614 Granges (Veveyse)