IBSA Institut Biochimique SA has always paid the utmost attention to the confidentiality, protection and security of the information in its possession, even more if it relates to the personal data of its customers and the parties they come into contact with.
The purpose of this Policy is to describe the procedures used for the processing of the personal data of the users and visitors of this website, which can be reached at the following address www.ibsagroup.com.
Regulatory framework – This communication is provided in accordance with the Federal Act on Data Protection (FADP) and with the Regulation EU 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Data Controller – IBSA Institut Biochimique SA - Via Pian Scairolo 49, 6912 Pazzallo, Switzerland, (below also the “Controller”).
Redirect to external websites – From the website other third-party websites can be accessed using links provided for this purpose. The Controller does not accept any responsibility or liability in relation to the handling of personal data by third-party websites and regarding the management of authentication credentials provided by third parties.
Purposes – This website performs the function of providing information about the activities carried out by the Controller.
The website may contain sections where the user may be required to provide their personal data, such as the "Contacts" section. In these sections, specific privacy Information notices will be available with the specified purposes and, where applicable, the collect collection points.
Legal basis of data processing - The above mentioned privacy Information notice contains the legal basis for the processing of personal data.
Consent to the processing of the data – If necessary, pursuant to art. 6, par. 7 of the FADP and to art. 6.1 lett. a) of Regulation (EU) 2016/679, the visitor is asked to freely express his or her consent to authorize the collection of data, their subsequent use and storage.
Browsing data or metadata – The information technology systems and software procedures used for this website acquire some traces or metadata (considered personal data), during their normal operation, whose transmission is implicit in the use of Internet communication protocols. The acquisition of this information (which is also called “passive” for this reason) can take place even if you are not registered for the services and without you playing an active role.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
- check the correct operation of the services offered.
These data may be used to determine responsibility in the event of hypothetical computer crimes against the website or on request from the public authorities.
Social media - The personal data of the visitor's profile on IBSA's social pages and all related data are used to follow up on requests or messages, if necessary.
Only for professional contact the above mentioned personal data may become part of our data base, in order to be re-contacted, stay updated on our news in terms of products/services and on our participation to the fairs and events.
Processing methods – The processing of personal data is carried out using electronic procedures and media.
Storage of personal data – The Personal data are kept for the time strictly necessary to achieve the purposes for which the data were collected and processed and in any case in compliance with your rights and in compliance with the provisions of the law.
The data collected in specific sections of the site are stored according to the timing indicated in the Information notice in the reference section.
Optional provision of data – The provision of personal data requested from the data subject is optional, unless otherwise specified. However, failure to provide the data may result in the inability to obtain what is requested or to perform the activity indicated.
Place where the data is processed – The processing associated with the web services of this website takes place at Tinext SA, Viale Serfontana 7, 6834 – Morbio Inferiore – Switzerland.
Scope of circulation of the personal data – Unless otherwise stated in the specific Information notices, the personal data acquired through this website are only accessed by persons acting on behalf of the Controller, specifically designated as data processors or persons in charge and responsible for managing the requested service.
Dissemination of the personal data acquired by the site – The personal data acquired by the site are not disclosed to unspecified recipients.
Data flows abroad – The aforementioned personal data, solely for the purposes described in the "Purpose" paragraph, may be communicated and / or transferred to third parties operating in other countries – either in the EU countries or outside EU - with the implementation of appropriate safety measures to ensure data protection and data transfer security.
Data Processors – The updated list of the data processors and the group’s affiliates is available by sending a request to firstname.lastname@example.org.
Data Protection Officer – The Controller uses a Data Protection Officer (also know as DPO). The DPO can be contacted via the following communication channel: email@example.com.
Personal data protection rights – In relation to the processing of personal data, the data subject can obtain, at any time, confirmation of the existence or otherwise of that data held by the Controller and information about its content and origin. The data subject can also request the supplementation or correction of the data or, in the cases provided for by law, the portability, restriction of processing, and erasure of the data processed, in addition to objecting to the processing of the personal data, on legitimate grounds. The data subject can also obtain the updated list of the Data Processors on request. The data subject also has the right to lodge a complaint with the Personal Data Protection Authority if they consider that their rights have not been respected or that they have not received a response to their requests in accordance with the law.
How to exercise your rights – You can exercise your rights by contacting firstname.lastname@example.org.
Amendments to the policy – The entry into force of new sector regulations, as well as the ongoing review and updating of user services, may result in the need for changes in how your personal data is processed. This policy may therefore change over time, so we recommend you check this page periodically. To this end, the policy document states the date it was last updated.
Drafting Date: 23/05/2018
Last Update: 19/09/2023