Politique de confidentialité et de protection des données
Article 1 – General and subject
At Applitec Moutier SA (“our company”), we take protection of our clients’ data very seriously. We want our clients to feel safe when they use our website and the tools on our website.
This “Confidentiality and data protection policy” (“CDPP”) regulates the use of our clients’ data in the context of contractual relationships and/or orders between our clients and our company that are made via our website (E-SHOP).
This CDPP tells our clients about our company’s collection and processing of client data in a transparent manner.
More specifically, this CDPP applies to contractual relationships and orders between our clients and our company, and is an integral element of them.
Updates to this CDPP will be published on our company’s website, with the updated date at the top of this present document.
Article 2 –General principles of processing of our clients' data
Our company processes client data in order to meet client expectations to the best of our ability, particularly when clients place orders with us, and to understand client behaviour on our website and to measure the reach of and traffic on our website.
In this CDPP, our company presents the aims for which our clients’ data is used.
Any processing of our clients’ data requires their explicit consent.
Our company commits to make every effort, in collaboration with our clients, to ensure that client data is accurate and up-to-date.
Article 3 – Clients' prior consent to data processing
When our website is accessed, our company explicitly asks clients to consent to data processing when using the website and to the different tools used on the website (cf. Article 4 of this CDPP).
Consent is electronic, via an automatic window on the website. Our clients can choose between fully accepting data processing or parameterizing this processing in detail.
On the window in question, our clients will be informed that they can directly access this CDPP in order to read our company’s confidentiality and data protection policy. This means they can give free and informed consent.
On the window in question, our clients will also be informed of their right to oppose processing of their data as per article 8, let. G, of this CDPP.
Our clients can revoke their consent to data processing at any time. To do so, they need to click on a specific link at the bottom of our company’s website and follow the instructions. If they prefer, they can also send an email or a letter to our company indicating their wish to revoke consent, specifying whether this revocation is full or whether it only concerns certain processing of their data.
Contrary to the above, processing of client data by our company is authorised, even without client consent, if it is necessary for:
- Executing a contract to which the client is party, or execution of precontractual measures taken at this client’s request ;
- Respecting a legal obligation that requires data processing ;
- Safeguarding vital interests of the client concerned or another physical person ;
- Reasons of public interest, in accordance with law on data protection ;
- Meeting legitimate interests of our company or a third party, unless this is outweighed by the interests or freedoms and fundamental rights of the client concerned.
Article 4 – Type of client data processed by our compagny and aims of processing
A. General
Our company’s website has four tools, the use of which by our clients requires processing of their data, namely the “Create an account” form, “Contact” form, “Special request” form and the “Newsletter”.
Our company will use the data collected only in a manner compatible with the abovementioned tools and for the aims of these tools described in this article.
B. "Create an account" form
The account creation form allows clients to make orders or special requests depending on the type of account they have.
This tool collects the following personal information:
- Gender (sex) ;
- First name ;
- Last name ;
- Email ;
- Telephone ;
- Town ;
- Country ;
- ZIP/postcode ;
- PO box ;
- Company ;
- VAT number ;
- Field of activity ;
- Tax ID number.
C. Contact form
The contact form enables our clients to contact our company to get general information.
This tool collects the following personal information:
- Gender (sex) ;
- First name ;
- Last name ;
- Email ;
- Personal message from the client concerned.
D. Special request form
The special request form enables clients to request the creation of specific products in accordance with their needs.
This tool collects the following personal information:
- Gender (sex) ;
- First name ;
- Last name ;
- Email ;
- Telephone ;
- Town ;
- ZIP/postcode ;
- PO box ;
- VAT number ;
- Field of activity ;
- Personal message.
E. Newsletter
The newsletter is a tool used for our company to stay in touch with our clients.
This tool collects the following personal information:
- First name ;
- Last name ;
- Email.
Our clients are automatically signed up to the newsletter.
Our clients can unsubscribe from the newsletter at any time, either by clicking the unsubscribe button at the bottom of the website, or by contacting our company by email or using the “Contact form” above (cf. article 4, letter C of the CDPP).
F. Google Analytics
Our company uses Google Analytics and associated cookies to measure the number of users and their behaviour while using our website.
The main purpose of this tool is to better define website user profiles and to understand how they interact with our website.
This tool collects the following information about our clients in particular:
- IP address ;
- Configuration (computer, navigator, resolution, etc.) ;
- Access provider ;
- Page accessed and previous page ;
- Interaction with our website (time spent on a page, clicks, forms filled in, etc.).
Article 5 – Hosting and transmission of client data
With the exception of the newsletter, client data that is processed via our company’s website is hosted exclusively at the following address (“web host”):
KM Design Sàrl
Rue Centrale 63
2740 Moutier
Switzerland.
Personal data collected for the newsletter is also hosted by the web host but via the “Infomaniak” platform, which is a Swiss company specialised in web hosting, streaming of audio and video content, and on-demand video.
Data collected is only transmitted between our company’s staff and the web host concerned, via Infomaniak for the newsletter, in order to respond to our clients’ requests and orders.
Under no circumstances is the data collected transferred in any manner to third parties outside of our company and the web host.
Article 6 – Duration of storage of client data
Client data and messages from clients are stored as long as necessary to carry out and to ensure the services offered by our website under article 4 of this CDPP.
Data and messages from our clients concerning one or more orders are deleted once the orders for which the data is processed are delivered in full and any disputes or subsequent procedures relating to these orders (for example, guarantees for faults) are definitively resolved.
Simple requests for information from our clients are kept until our company has responded, but for a maximum of 12 months.
Article 7 – Security of client data
Our company uses appropriate technical measures and organisation to guarantee, as far as possible, a level of security adapted to the risk regarding data collected.
Data collected is stored in a secure environment. The people with access to this data must respect the confidentiality of this data.
Our company commits to taking measures necessary to ensure that people acting under our authority and who have access to data collected process this data only as per our instructions.
Processing of data collected following an order from an official government body or imposed by a legal requirement is reserved. In such cases, the clients concerned will only be informed if the law or the authority concerned explicitly authorises it.
To ensure the security of client data, our company uses an SSL (Secure Sockets Layer) cryptographic protocol. This is a commonly used protocol for ensuring the security of online communication.
Article 8 – Rights of our clients ragarding thier data
A. Access rights/right to information
Our clients are entitled to be informed by our company, as soon as possible, which data concerning them is processed and how.
B. Right to correction
Our clients are entitled to have our company correct incorrect data about them or complete incomplete data, as soon as possible.
C. Right to deletion (" right to oblivion")
Our clients are entitled to have our company delete data about them as soon as possible.
Our company must delete the data if:
- It is no longer needed for the aims set out in article 4 of this CDPP ;
- The client concerned revokes their consent as per article 3 of this CDPP, and there is no other legal basis for data processing ;
- The client concerned is opposed to the processing of their data, as per article 8, let. G, line 1 of this CDPP and there are no overriding reasons for the processing of this data ;
- The client concerned is opposed to the processing of their data, as per article 8, let. G, line 2 of this CDPP ;
- The data has been subject to wrongful processing ;
- Deletion is necessary to respect a legal obligation.
Cases in which data processing is necessary for the following reasons are exceptions to the above:
- Exercising the right to freedom of expression and information;
- Complying with a legal obligation that requires data processing;
- Public interest, as per the legal provisions on data protection;
- Establishing, exercising or defending legal claims.
D. Right to restrict data processing
Our clients are entitled to have our company restrict processing of their data when:
- The client concerned has contested the precision of the data, for a period permitting our company to check the precision of the data in question;
- In case of wrongful processing, the client concerned does not request deletion of their data but rather restriction of its processing;
- The data is no longer necessary for the aims set out in article 4 of the CDPP, but this data is still necessary for the client concerned for establishing, exercising or defending legal claims;
- The client concerned has opposed the processing of their data as per article 8, let. G, line 1 of the CDPP, for a period permitting our company to check whether the legitimate aims of our company take precedence over those of the client concerned
In case of restriction of data processing, the processing can only take place with the consent of the client concerned, or for establishing, exercising or defending the legal claims of another physical or legal person, or for significant reasons of public interest.
The client concerned will be informed in advance by our company before any lifting of restrictions on processing of their data.
E. Obligation by our company to provide notification in case of correction or deletion of data or of restriction of processing
Our company will inform all recipients concerned (in particular the host) of any correction or deletion of data or in case of restriction of processing, as per article 8, let. B, C and D of this CDPP.
F. Right to data portability
Our clients have the right to retrieve data that they have provided to our company, in a structured format that is commonly used and readable by machine.
Our clients have the right to transmit the data in question to a third party. If it is technically possible, our clients can ask our company to transmit this data directly to the third party.
G. Right to opposition
Our clients can, at any time, for reasons relating to their particular situation, oppose the processing of their data, unless this is outweighed by the interests or freedoms and fundamental rights of the client concerned or for legitimate interests pursued by our company or a third party (Article 3 par. 6, dashes 4 and 5).
Our clients may also oppose the processing of their data using Google Analytics at any time (cf. article 4, letter F of this CDPP).
Article 9 – Applicable law
Swiss legal provisions and, for clients concerned, the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) are also applicable.