Privacy Policy
Eviosys Packaging Switzerland operates the website eviosys.com, on its own behalf and on behalf of its affiliated companies. Eviosys Packaging Switzerland GmbH is responsible for collecting, processing and using your personal data in compliance with the applicable data protection laws.
Your trust is important to us, which is why we take the protection of data seriously and ensure appropriate security. We observe the statutory provisions of the Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (OFADP), the Telecommunications Act (TCA) and other applicable data protection provisions of Swiss and international law, in particular where applicable EU law.
In this privacy policy, we inform about what personal data we collect from you and for what purposes we use it.
The contact details of our data protection officer are: Laurent Watteaux, privacy@eviosys.com.
Data processing in connection with our contacts at customers and suppliers
What data do we collect in connection with our contacts at customers and suppliers?
We currently collect and process the following information:
- Contact persons at customers: first name, last name, contact details;
- Contact persons at suppliers: first name, last name, contact details.
Most of the personal information we process is provided to us directly by you and/or your company (except if indicated otherwise below) for one of the following reasons:
- Contact at customers: data required for the purposes of managing customer orders and records (e.g., deliveries, invoicing, customer service, management of claims, processing of accounts);
- Contact at suppliers: data required for the purposes or managing orders (deliveries, payment of invoices, etc.);
Your data will not be used for automated decision-making.
The recipients of the data are: internal finance, logistics, shared services centre and sales departments. Other group entities may also have access to the data.
We may also disclose your data if required by law.
Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is contractual obligation.
Data processing in connection with job applicants
What data do we collect in connection with job applicants?
We currently collect and process the following information: first name, last name, age, citizenship (and/or whether the applicant possesses a work permit or resides in the EEA), picture (if this data was provided), contact details, credentials (education and professional experiences, personal data (hobbies and interests), publicly available data found on the internet through digital assessment (social media presence).
Most of the personal information we process is provided to us directly by you (except if indicated otherwise below) for one of the following reasons: data obtained from you and/or from recruiting agencies to assess and evaluate candidacies.
Your data will not be used for automated decision-making.
The recipients of the data are: HR and the potential hiring managers, service providers that assist us with the recruitment process, Success Factors which manages our applicant’s candidacies.
We may also disclose your data if required by law.
Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is pre-contractual obligation and our legitimate interests (to fulfil available positions) (we may also rely on your consent for certain specific data such as your picture, in which case you may withdraw your consent at any time).
Data processing in connection with our website
What data do we collect when you visit our website?
When you visit our website, our servers temporarily store each access in a log file. The following technical data is collected without your intervention and stored by us until automated deletion, as in principle with every connection to a web server:
- the IP address of the requesting computer,
- the operating system of your computer,
- the browser you are using (type, version and language),
- name of the IP address range,
- the date and time of the server request,
- the web page from which access was made (referrer URL), possibly with the search terms used, and
- the status code (for example, error message, debug information).
The collection and processing of these data are carried out for the purpose of enabling the use of our website (establishing a connection), ensuring system security and stability over the long term and optimising our internet presence as well as for internal statistical purposes. It is within our legitimate interest to process such data to offer you a well-functioning website.
The IP address will also be used together with the other data in the event of attacks on the network infrastructure or other unauthorised or abusive use of the website to identify offenders in connection with civil or criminal proceedings. The processing of this data is in our legitimate interest to track your visit to our website and to improve the website accordingly.
What data do we collect when you use our contact form?
You can use our email address or the contact form on the website to get in touch with us. For this we need the following information:
- first name and last name,
- e-mail address, and
- your message.
We only use these data as well as any additional information voluntarily provided by you (e.g. telephone number, company name) in order to answer your contact enquiry in the best possible and personalised way or as far as necessary for the establishment, execution or termination of a contract or for the execution of pre-contractual measures with you. The processing of this data is in our legitimate interest.
What data do we collect when you subscribe to our newsletter?
You can subscribe to our newsletter in order to be informed about news and current offers. For this we need the following information:
- e-mail address
We will send you our newsletter based on your consent. In order for you to subscribe to our newsletter, we use a “double-opt-in” in order to ensure you are the owner of the email address entered. We only use this data for the delivery of our newsletter if you have agreed to receive it.
To send you our newsletter in a professional manner, we use the services of Sarbacane (Mailify), Parc d’activités des 4 vents, 3 avenue Antoine Pinay, 59510 Hem, France. The infrastructure used by Sarbacane in processing personal data is located in the EU. For more information, please refer to the privacy policy of Sarbacane. We also use the services of The Rocket Science Group LLC d/b/a Mailchimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. For further information please refer to the privacy policy of Mailchimp and see section 9 “Is the same protection provided when data is transferred to the USA?” below.
You can unsubscribe from our newsletter at any time via a link in each respective e-mail. You can also send us a message to privacy@eviosys.com so that we can delete you from our mailing list.
What are cookies? Do we need cookies?
Cookies help in many ways to make your visit to our website easier, more enjoyable and more meaningful. Cookies are information files that your web browser automatically saves on your computer’s hard drive when you visit our website. In particular, we use the following cookies:
- technically necessary cookies,
- performance cookies, and
- functional cookies.
Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears when you receive a new cookie.
Disabling cookies may prevent you from using all features of our website.
Do we use tracking tools?
-
- What are tracking tools?
We use the web analysis service of Google Analytics for the purpose of designing and continuously optimising our website to meet your needs. In this context, pseudonymised user profiles are created and small text files stored on your computer (“cookies”) are used. The information generated by the cookies about your use of our website is transferred to the servers of the provider of these services, stored there and processed for us. In addition to the data listed in section 1, we may receive the following information:
- navigation path of a visitor to the website,
- time spent on the website or a subpage,
- the subpage on which the website is left,
- the country, region or city from which access is made,
- the device (type, version, colour depth, resolution, width and height of the browser window), and
- if you are a recurring or new visitor.
The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the internet for purposes of market research and need-based design of this website. In addition, this information may be transferred to third parties if this is required by law or if third parties process this data on our behalf.
- What is Google Analytics?
The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. Before the data collected on this website within the European Union or in a state that is part of the European Economic Area is transmitted to the provider, the IP address is shortened by activating IP anonymisation (“anonymizeIP”). The anonymous IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. In such cases, we provide contractual warranties to ensure that Google Inc. maintains an adequate level of data protection. According to Google Inc., under no circumstances will the IP address be associated with other data relating to you.
Further information about the web analysis service used can be found on the Google Analytics website. Instructions on how to prevent your data from being processed by the web analysis service can be found at http://tools.google.com/dlpage/gaoptout?hl=en.
How long will my data be kept?
We only store personal data for as long as is necessary for the above described uses and further processing in the context of our legitimate interest. Contract data is stored by us for a longer period of time, as this is prescribed by statutory obligations. Obligations to store data may arise out of accounting law, civil law and tax law. According to these laws, business communication, concluded contracts and accounting vouchers must be stored for up to 10 years. If we no longer need this data to carry out the services for you, the data will be blocked. This means that the data may then only be used for accounting and tax purposes.
We keep job applicants’ information no longer than necessary for the purposes of managing your candidacy, and for a maximum period of six months after our last contact.
Will my data be disclosed to other third parties?
Your personal data will not be sold, distributed, transferred to third parties for payment or used commercially in any other way. We only disclose your personal data to other third parties if you have expressly consented, if there is a legal obligation to do so or if this is necessary to enforce our rights, in particular, to enforce claims arising from the contractual relationship. In addition, we disclose your data to third parties insofar as this is necessary for the use of the website and the execution of contracts (also outside the website).
- Where is our web host?
Our website is hosted on servers in the European Economic Area. The data is stored in a sealed, certified data centre on secure computers. The data is stored in encrypted form as far as possible. We regularly review our security policies and procedures to ensure the security of our systems. However, the transmission of data via the Internet does not guarantee 100% security of the data transmitted to our website.
- Links and social plug-ins
We have embedded links on our website to the websites of some of our partners and to other relevant websites. If you access such links from our website it may be that data is disclosed to the owner of the website that you are accessing.
In addition, we also use social plug-ins, such as LinkedIn. We offer you the possibility to directly share content of our website by clicking on the respective button on the website. We cannot influence the processing of data by these social media platforms. Therefore, we recommend that you check their respective privacy policies before accessing them.
- What happens when using Google Maps on our website
We use the product of Google Maps Inc. By using our website and accessing services provided by Google Maps you agree to the collection, processing and use of automated data by Google Inc., its agents and third parties.
The Terms and Conditions of Google Maps can be found at https://www.google.com/intl/e/help/terms_maps.html.
- What happens when watching a YouTube video?
We embed YouTube videos on our website. YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA is the operator of such plugins. When you watch a YouTube video on our website, a connection to YouTube servers is established. This will tell YouTube which video you have been watching. If you have a YouTube account and are logged in, YouTube may personally associate your browsing behaviour with you. You can prevent this by logging out of your YouTube account beforehand. For more detailed information about how YouTube may process your data and your setting options, please, check the privacy policy of YouTube.
The processing of your data in connection with YouTube is based on your consent.
Do we transfer personal data abroad?
We are entitled to transfer your personal data to third parties (contracted service providers) abroad for the purpose of the data processing described in this privacy policy. These are bound to protect data to the same extent as we are. If the level of data protection in a country does not correspond to that in Switzerland or the EU, we will contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times.
Is the same protection provided when data is transferred to the USA?
Some of the third-party service providers mentioned in this Privacy Policy are based in the USA.
For users residing or domiciled in Switzerland, we would like to point out that in the USA there are surveillance measures by US authorities which generally allow them to gain access to all personal data that has been transferred from Switzerland to the USA. This is done without differentiation, limitation or exception based on the objective pursued and without any objective criterion that would allow limiting the access to the data and subsequent use thereof by US authorities to very specific, strictly limited purposes that could justify the interference associated both with access to and use of such data. In addition, we would like to point out that in the USA there are no legal remedies available for the persons concerned from Switzerland that would allow them to gain access to the data concerning them and to obtain its correction or deletion, or that there is no effective legal protection against general access rights of US authorities. We explicitly draw your attention to this legal and factual situation in order to enable an informed decision to consent to the use of your data.
For users residing in an EU member state, we would like to point out to that, from the point of view of the European Union, the USA does not have an adequate level of data protection, partly due to the issues mentioned in this section. Insofar as we have explained in this privacy statement that recipients of data (such as Google) are based in the USA, we will ensure that your data is protected at an appropriate level by our service providers through contractual arrangements with these companies (Standard Contractual Clauses in particular).
Anything else you need to know?
You have a right of access, rectification, deletion and limitation of the processing as well as of data transferability
You have a right to request information about the personal data that we store about you. In addition, you have a right to correct incorrect data and a right to request deletion of your personal data, insofar as there is no legal obligation to retain such data and no legal basis for further processing the existing data.
You also have a right to request the data that you have provided to us (right to data portability). Upon request, we will transfer your data to a third party of your choice. You have a right to receive the data in a common file format.
You can contact us for the aforementioned purposes via the e-mail address privacy@eviosys.com. In order to process your requests, we may request proof of your identity.
In many countries, you also have the right to file a complaint with the relevant data protection authority if you have concerns about how we process your data.
These rights depend on the applicable data protection legislation and may be either more limited or more comprehensive.
Is your data safe with us?
We use suitable technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share your computer, tablet or smartphone with others.
We also care about data protection internally. Our employees and the service providers are contractually obliged to ensure confidentiality of personal data and compliance with applicable data protection laws.
Can you complain about us?
You have the right to complain to a data protection supervisory authority at any time.
Which law do we apply? And where does the law apply?
This privacy policy and the contracts concluded on the basis of or in connection with this policy are subject to Swiss law, unless the law of another country is mandatory. The place of jurisdiction shall be the registered office of Eviosys Packaging Switzerland GmbH, unless another place of jurisdiction is mandatory.
Can this policy be amended?
Should individual parts of this privacy policy be invalid, this shall not affect the validity of the rest of the privacy policy. The invalid part of this privacy policy shall be replaced in such a way that it comes as close as possible to the economically intended purpose of the invalid part.
Due to the further development of our website and offers or changes to the statutory requirements, it may become necessary to amend this privacy policy. The most current privacy policy is published on our website.
Questions about data protection? Please, contact us!
This page was last modified on 3 February 2022. If you have any questions or comments about our legal notices or data protection, please contact us at privacy@eviosys.com.