Aura Films Sagl (“Company” or “We”) attaches great importance to the privacy of the users of its website and undertakes to respect it within the terms of applicable laws and regulations (Swiss Data Protection Law (“DPL”) and the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Terms used in the present policy follow the wording of the European Council and of the General Data Protection Regulation of the European Union (GDPR).
The Data Controller is Aura Film Sagl, with registered office in Via Biogno 19, 6981 Biogno. E-mail: firstname.lastname@example.org
WHAT DATA WE PROCESS
The personal data that may be processed include the following types of data:
- Personal contact data. This information will only be collected if you wish to contact us and includes any information you provide to the Company to enable us to reply to you, such as your name, mailing address, e-mail address, social network details or telephone number. Depending on the nature of your request, we may also need your professional qualifications, the content of your request or report and any other additional information that the Company may also acquire from third parties during the course of our business.
- User Account Information. If you have registered to access the restricted area of the Company’s Website, we collect your login information (your user name, password and personal information).
- Information obtained from your computer/mobile device. Any information regarding the computer system, or other technological device used to access any of our pages on the Site, or such as the IP (Internet Protocol) address used to connect your computer or device to the Internet, the type of operating system, and the type and version of the search engine. If you access a website or business app through a mobile device, such as a smartphone, the information we collect may also include, if permitted, your phone ID, geo-localisation and other similar data about your mobile device.
WHY WE PROCESS YOUR PERSONAL DATA AND HOW WE USE IT
- Personal contact information. We use your personal information for purposes of communication with you, service to you, including responding to your requests. This usually requires the use of certain personal contact information and information regarding the reason for the user’s request (e.g. problem, production question/complaint, general questions, etc.).
- User account information. It is used to manage connections to any reserved areas of the Site.
- Information coming from computers/mobile devices and related to the use of the Sites / communication tools. In accordance with applicable laws, the Company collects such information exclusively for statistical purposes and anonymously, in order to monitor the operation of the Site and improve its performance.
This type of data is not collected to be associated with other user information or to identify users; however, this information, by its very nature, may allow the Company to identify users through processing and association with data held by third parties. Navigation data are normally deleted as a result of their anonymous processing, but may be saved and used by the Company to detect and identify the perpetrators of any computer fraud committed against the Site or using the Site itself.
The navigation data described above are saved only temporarily, as otherwise indicated in this statement.
For legal purposes. The Company processes the user’s personal data (even without his/her prior consent) in the case of/per:
- Legal and regulatory obligations (legal basis: Article 6.1.c of the GDPR);
- Request from the competent authorities in criminal matters (legal basis: Article 6.1.c of the GDPR);
- Protecting the rights of the user in judicial proceedings (legal basis: Articles 6.1.c and 9.2.f of the GDPR);
- The protection of another legitimate interest of the company or a third party (legal basis: Article 6.1.c of the GDPR);
- The performance of a contract concluded with the user. This also applies to the processing procedures necessary for the implementation of pre-contractual measures (legal basis: Article 6(1)(b) of the GDPR);
All user data are processed by automated and electronic means to ensure maximum security and confidentiality.
NECESSARY AND OPTIONAL PROCESSING OPERATIONS
Any form to be filled-in on this Site, only requires the provision of such personal data strictly necessary for the management of communications and requests related to our activity through the Site itself. These data are marked with an asterisk [*]. In the event that the user does not wish to provide them, we will not be able to manage their communication/request.
On the contrary, the forms may also give the possibility to provide personal data not strictly necessary for the management of user requests: the provision of this type of data is optional and has no consequences.
CONNECTION TO OTHER INTERNET SITES
HOW WE STORE DATA AND FOR HOW LONG
Pursuant to Article 5.1.c GDPR, the information systems and computer programs used by the Company are configured to minimize the use of personal data.
HOW WE ENSURE SECURITY AND QUALITY OF PERSONAL DATA
The Company is committed to protecting the security of your personal data and complies with the security provisions of the applicable legislation, in order to prevent any loss of data, unlawful or unlawful use of data, or any unauthorized access to data, with particular reference – but not exclusively – to Articles 25-32 GDPR.
The Company uses multiple technologies and advanced security procedures to help protect your personal data; for example, personal data is stored on secure servers located on sites with secure and controlled access. You can help the Company to update and maintain your personal information by notifying us of any change of address, qualification, etc..
WHO CAN ACCESS THE DATA
People belonging to the following categories are authorized to process your data:
- technical and administrative staff;
- IT technicians;
- managers and other employees who have to process the data as part of their duties.
TRANSFER OF PERSONAL DATA TO THIRD PARTIES
The data may also be communicated, in countries outside Switzerland or the EU (“third countries”), to other companies with which the Company operates and collaborates for the same purposes and/or for administrative-accounting purposes, pursuant to Article 6.1.f. and Recital 48 of the GDPR.
In addition, the data may be communicated, even in third countries, to:
- institutions, authorities and public bodies for institutional purposes;
- professionals, independent consultants – alone or in partnership – and other third parties and service providers who provide the Data Controller with commercial, professional or technical services necessary for the operation of the Site (e.g. provision of IT and Cloud Computing services), in order to achieve the above objectives and to support the Data Controller in providing the services requested;
- third parties in the event of mergers, acquisitions, disposals of companies or business units, audits or other extraordinary operations;
The aforementioned recipients will only receive the Data necessary for their respective functions and must process it exclusively for the purposes indicated above and in compliance with the applicable privacy regulations.
The Data may also be communicated to other legitimate recipients pursuant to applicable law.
With the exception of the foregoing, the Data will not be disclosed to third parties, whether natural or legal persons, who do not carry out any commercial, professional or technical activity for the Data Controller and will not be disclosed.
The subjects who receive the Data will treat them, where applicable, as Owners, Managers or Persons in Charge of the treatment for the purposes indicated above and in strict compliance with the applicable privacy regulations.
In the event of the transfer of Data outside Switzerland or the EU, even in countries that may not guarantee the same level of protection under Swiss or European legislation, the Data Controller informs that the transfer will in any case be carried out in accordance with the procedures authorised by the GDPR, for example :
- depending on the user’s consent,
- the adoption of Standard Clauses approved by the European Commission, by selecting third parties participating in international programmes for the free movement of Data (e.g. EU-USA Privacy Shield) or
- operating in countries considered safe by Switzerland and/or the European Commission.
At any time, as long as the required conditions are met, the user can exercise the rights he has, in particular those referred to in Articles 15 to 22 of the GDPR, that is:
- the right to receive confirmation of the existence of personal data concerning him;
- the right to control the content, origin, truthfulness, place (even with respect to third countries);
- the right to request a copy;
- the right to request rectification;
- the right to reject the use for direct marketing purposes (in general or only for certain means of communication or actions);
- the right to reject the use for direct contact purposes;
- the right to request data cancellation;
- the right to limit data processing;
- the right to request data transfer.
Can consent be revoked at any time (however, this does not affect the legitimacy of the processing prior to revocation of consent) and/or can you always report your observations on specific uses of data in relation to particular personal situations that you consider incorrect or unjustified or submit a complaint to the Guarantor Authority for Data Protection?
The user may at any time contact the Data Controller (email@example.com) for any complaints relating to the processing of his personal data by the Company, to exercise his rights and to obtain an updated list of the people who have access to his data.
The user will also have the right to lodge a complaint with the Data Protection Authority, or the Federal Data Protection and Transparency Commissioner in Switzerland.
The last update was made on July 31, 2019.
We therefore encourage you to visit this page regularly to ensure that you are aware of any changes.
Aura Film Sagl, Via Biogno 19, 6981 Biogno – firstname.lastname@example.org