1 Data protection declaration
The 3D TECHNOPACK Group Website (referred to hereinafter as “3D TECHNOPACK”) is governed by Swiss data privacy laws, in particular according to the Federal Act on Data Protection (FADP) and any applicable foreign data privacy laws such as the General Data Protection Declaration (GDPR) of the European Union (EU). The EU acknowledges that the Swiss data privacy laws guarantee an appropriate level of data protection.
Access to our Website is provided by means of transport encryption (SSL/TLS).
We are delighted that you have expressed an interest in our firm. Data protection is particularly important to us. The 3D TECHNOPACK Website may in principle be used without any indication of personal data. However, if an individual wishes to avail of the services offered by our firm via our Website, it may be necessary to process personal data. If the processing of personal data is necessary and no legal basis is provided for the said processing, we will generally request the approval of the data subject.
The processing of personal data such as the name, address, email address or telephone number of the data subject is carried out in accordance with the statutory data protection provisions. Our firm wishes to inform the public by means of this data protection declaration about the nature, scope and purpose of the personal data that we record, use and process. The data subjects will also be informed about their rights by means of this data protection declaration.
As the data controller, 3D TECHNOPACK has implemented various technical and organizational measures in order to guarantee complete protection of the personal data processed via this Website as far as possible. However, Internet based data transfers may present security flaws, which means that absolute protection cannot be guaranteed. Therefore, each data subject will have the right to transmit personal data to us by alternative means, for example by telephone.
The data protection declaration drawn up by 3D TECHNOPACK is based on the concepts used by European legislators and regulators when issuing the General Data Protection Declaration (GDPR). Our data protection declaration is intended to be clear and easy to understand both for the public and for our customers and business partners. In order to guarantee this, we would like to explain the concepts used at the outset.
We use the following concepts among others in this data protection declaration:
a) Personal data
Personal data is all information which relates to an identified or identifiable individual (referred to hereinafter as the “data subject”). An individual is considered to be identifiable if they can be identified directly or indirectly, in particular by means of association with identifying information such as a name, a reference number, location data, an on-line reference or one or more specific characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this individual.
b) Data subject
A data subject is any identified or identifiable individual whose personal data is processed by the responsible party.
Processing is any procedure carried out with or without the help of automated processes or any such series of procedures relating to personal data such as collection, recording, organization, ordering, storing, adaptation, amendment, reading, retrieval, use, disclosure by means of transmission, circulation or any other form of provision, comparison, linking, limitation, deletion or destruction.
d) Limitation of processing
The limitation of processing is the marking of saved personal data with the aim of limiting its processing in the future.
Profiling is any kind of automated processing of personal data which consists of this personal data being used to evaluate specific personal aspects concerning an individual, and in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, residence or relocation of this individual.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be associated with a specific individual without additional information, insofar as this additional information is kept separately and is subject to technical and organizational measures which guarantee that the personal data cannot be associated with an identified or identifiable individual.
g) Data controller
The data controller is a natural or legal entity, authority, facility or other body which makes decisions concerning the processing of personal data either independently or in cooperation with other parties.
The processor is a natural or legal entity, authority, facility or other body which processes personal data on behalf of the data controller.
A recipient is a natural or legal entity, authority, facility or other body which has been provided with personal data which may or may not be a third party.
j) Third party
A third party is a natural or legal entity, authority, facility or other body apart from the data subject, the data controller, the processor and individuals authorized under the direct responsibility of the data controller or processor to process personal data.
Consent is any statement of intent provided on a voluntary basis by the data subject for the specific case involved in an informed, unambiguous manner in the form of a declaration or other clear, affirmative act whereby the data subject states that they agree to the processing of their personal data.
3 Name and address of the data controller
Requests presented by supervisory authorities or data subjects to the data controller are generally sent by email but may also be sent by post:
Head office in India
Subsidiary in France
4 Information that you provide to us
This is information about you that you provide to us by:
Completing forms on our Website (or other forms that we ask you to complete),
Presenting a business card (or similar),
Corresponding with us by telephone, post, email or any other means.
This information may include, for example, your name, address, email address and telephone number, information on your business relationship with us and information on your professional role, background and interests.
5 Other information
We may also obtain certain information from other sources. For example:
If we have a business relationship with the organization that you represent, your colleagues or other business contacts may provide us with information about you such as your contact data or details of your role in the business relationship.
We sometimes collect information from external providers or publicly accessible sources on the combating of money laundering, background controls and similar purposes in order to protect our business and comply with our statutory and regulatory obligations.
By using cookies and Web beacons, we are able to provide users of this Website user-friendly services which would not be possible without the cookie setting.
The data subject may prevent the setting of cookies by our Website at any time by means of the corresponding settings in their Internet browser and may permanently block cookie settings in this way. Cookies which have already been set may also be deleted at any time via an Internet browser or other software program. Web beacons may be blocked at any time in the Internet browser settings or with corresponding browser extensions. This is possible with all the common Internet browsers. If the data subject deactivates the cookie settings and blocks Web beacons, it is possible that not all the functions of our Website will be fully usable.
7 Recording of general data and information
The 3D TECHNOPACK Website records a series of general data and information each time it is accessed by an individual or automated system. This general data and information is stored in a log file on the server. The following information may be recorded: (1) browser type and versions used, (2) the operating system used by the accessing system, (3) the Website from which an accessing system arrives at our Website (so-called referred), (4) the sub-Websites which are controlled by an accessing system on our Website, (5) the data and time of Website access, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information which may avert danger in the event of attacks on our IT systems.
3D TECHNOPACK does not draw any conclusions concerning the data subject in the context of the use of this general data and information. This information is used instead to (1) present the content of our Website accurately, (2) optimize the content of our Website and associated advertising, (3) guarantee the long-term functional capability of our IT systems and Website technology and (4) provide the law enforcement agencies with the necessary information for criminal proceedings in the event of a cyber-attack. This anonymously recorded data and information is evaluated statistically by 3D TECHNOPACK in order to enhance data protection and security within our firm and to guarantee an optimum level of protection for the personal data that we process. The anonymous data in the server log files is stored separately from all the personal data provided by any data subject.
8 Registering on our Website
The data subject has the option of registering on the data controller’s Website by entering personal data in the tube catalogue for enquiries, sample orders or quotations. The personal data to be provided to the data controller is determined from the input mask used for the registration. The data processor used for that specific application is bubble.io and postmarkapp.com. The personal data entered by the data subject will be recorded and filed exclusively for internal use by the data controller and for the purposes of the latter. The data controller may allow for the transmission of personal data to one or more processors, for example a parcel service provider, who will also use the personal data exclusively for internal purposes, for which the data controller will be responsible.
By registering on the data controller’s Website, the IP address, date and time of registration entered by the Internet service provider (ISP) of the data subject will also be saved. This data is saved so as to ensure that this is the only way of preventing the abuse of our services and may be used, if necessary, to clarify any criminal acts which have been committed. In this respect, it is necessary to save this data for the protection of the data controller. This data may not in principle be transmitted to third parties unless there is a statutory obligation to do to or this transmission is carried out in the context of criminal proceedings.
The registration of the data subject including their voluntary provision of personal data enables the data controller to offer the individual content or services which can only be offered to registered users due to the nature of the matter at hand. Registered individuals have the option of amending the personal data provided at the time of registration at any time or deleting it completely from the data controller’s database.
The data controller will provide all data subjects at any time upon request with information as to which of their personal data has been saved. Furthermore, the data controller may delete personal data at the request or indication of the data subject provided that no statutory retention obligations exist to prevent this. All the data controller’s employees will remain available in this context as contact partners for the data subject.
Further information on the data protection of our data processors can be found here
Bubble GDPR Intro Guide – Bubble Blog
EU Data Protection | Postmark (postmarkapp.com)
9 Subscribing to our newsletter
Users of the 3D TECHNOPACK Website will be offered the possibility of subscribing to the different newsletters issued by our firm. The personal data to be provided to the data controller when signing up for the newsletter is determined from the input mask used in this context.
3D TECHNOPACK will keep its customers, business partners and representatives informed on a regular basis via the newsletter of any offers provided by the firm and any other operational details. Our firm’s newsletters can in principle only be received by the data subject if (1) the individual possesses a valid email address and (2) the individual has signed up to receive the newsletter. A confirmation email will be sent as part of the double opt-in procedure for legal reasons to the email address first entered by the data subject in order to receive the newsletter. This confirmation email is used to determine whether the owner of the email address has authorized receipt of the newsletter as a data subject.
When an individual signs up for a newsletter, we also save the IP address provided by the Internet service provider (ISP) for the computer system used at the time of registration by the data subject as well as the date and time of registration. It is necessary to register this data in order to trace the (potential) misuse of an individual’s email address at a later point and this registration therefore provides legal protection for the data controller.
The personal data recorded when subscribing to the newsletter will only be used for the purpose of sending our newsletter. Moreover, subscribers to the newsletter may be informed by email if this is necessary for the operation of the newsletter services or an associated registration as is the case if a newsletter offer is amended or the technical circumstances surrounding the case are altered. The personal data recorded within the framework of the newsletter services will not be passed on to third parties. The subscription to our newsletter may be cancelled at any time by the data subject. Consent to the storage of personal data provided by the data subject for the purpose of sending the newsletter may be revoked at any time. A corresponding link is provided in each newsletter which can be used to revoke this consent. There is also an option to unsubscribe from the newsletter at any time directly via the contact form on the data controller’s Website or to notify the data controller by alternative means.
All newsletters will be sent by 3D TECHNOPACK. This procedure is carried out via the “Wix” service provider whose data protection declaration can be downloaded here.
10 Newsletter tracking
The 3D TECHNOPACK newsletters contain so-called Web beacons. A Web beacon is a miniature graphic image which is embedded in emails which are sent in HTML format to make log file recording and analysis possible. This allows for the statistical evaluation of the success or failure of on-line marketing campaigns. Thanks to the embedded Web beacons, 3D TECHNOPACK is able to determine whether and when an email has been opened by a data subject and which links have been activated by the individual in the email.
The personal data recorded by means of the Web beacons contained in the newsletters is saved and evaluated by the data controller in order to optimize the sending of newsletters and adapt the content of future newsletters more effectively to the interests of the data subjects. This personal data is not passed on to third parties. The data subjects are authorized to revoke the associated declaration of consent granted by means of the double opt-in procedure at any time. The data controller will delete this personal data following revocation. 3D TECHNOPACK will automatically interpret the suspension of receipt of the newsletter as revocation.
11 Contact possibilities via the Website
In accordance with the legal requirements, the 3D TECHNOPACK Website contains information which allows rapid electronic contact to be established with our firm and direct communication to be made with us, which also comprises a general email address. If a data subject makes contact with the data controller by email or via a contact form, the personal data transmitted by the individual will be automatically saved. This personal data transmitted on a voluntary basis by a data subject to the data controller will be saved for processing purposes or in order to make contact with the individual. This personal data will not be passed on to third parties.
12 Use of Google Analytics
13 Use of social plug-ins
Our Website uses the functions of the LinkedIn network. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
A connection with the LinkedIn servers is created every time one of our pages containing LinkedIn functions is called up. LinkedIn is notified that you have visited one of our pages via its IP address. If you click on the “Recommend Button” on LinkedIn and are logged into your LinkedIn account, LinkedIn is able to correlate your visit to our Website with you and your user account. We should point out that, as a site provider, we are not aware of the content of the data transmitted or how it is used by LinkedIn.
Further information can be found in the LinkedIn data protection declaration available at: https://www.linkedin.com/legal/privacy-policy.
b) Google Maps (Website)
This Website uses the Google Maps product provided by Google Inc. By using this Website, you declare that you agree to the collection, processing and use of the data which is automatically collected by Google Inc, its representatives and third parties.
Google may publish summarized statistics concerning the user’s activities or may pass this information on to users and partners such as publishers, advertisers or associated Websites.
15 Routine deletion and blocking of personal data
The data controller only processes and stores personal data relating to the data subject for the length of time required for storage purposes or if this is provided for by European legislators and regulators or another legislative body in laws or regulations by which the data controller is bound.
In the absence of a storage purpose or upon expiry of a storage period provided for by European legislators and regulators or another legislative body, personal data is routinely blocked or deleted according to the statutory regulations.
14 Rights of data subjects
If you wish to avail of one of the following rights, please contact us as specified in section 3.
You can also present complaints concerning our processing of your personal data to the Federal Data Protection and Information Commissioner (FDPIC), www.edoeb.admin.ch).
a) Right to obtain confirmation
All data subjects have the right, granted by the Swiss legislative body or European legislators and regulators, to request confirmation from the data controller as to whether personal data concerning them is being processed. If the data subject wishes to make us of this right to confirmation, he/she may contact our data protection officer at any time.
b) Right to information
All data subjects concerned by the processing of personal data are granted the right by the Swiss legislative body or European legislators and regulators to obtain free information at any time from the data controller concerning their stored personal data together with a copy of this information. The European legislators and regulators will also provide the data subject with information on the following:
The processing purposes
The categories of personal data to be processed
The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular in the case of recipients in third countries or international organizations
If possible, the planned length of time during which the personal data will be stored or, if this is not possible, the criteria for determining this duration
The existence of a right to correct or delete personal data or to limit processing by the data protection officer or a right to object to this processing
The existence of a right to lodge a complaint with a supervisory authority
If the personal data was not recorded by the data subject: All available information concerning the source of the data
The existence of automated decision-making including profiling according to Article 22 para. 1 and 4 of the GDPR and (at least in these cases) significant information concerning the logic and scope of the desired effects of this processing for the data subject
The data subject also has the right to be informed whether personal data will be transmitted to a third country or an international organization. If this is the case, the data subject will also have the right to obtain information concerning suitable guarantees associated with this transmission.
If a data subject wishes to avail of this right to information, he/she may contact our data protection officer at any time.
c) Right of rectification
All data subjects concerned by the processing of personal data are granted the right by the Swiss legislative body or European legislators and regulators to request the immediate rectification of incorrect personal data that concerns them. The data subject also has the right to request the completion of incomplete personal data, taking the processing purposes into account, including by means of complementary declaration.
If a data subject wishes to avail of this right of rectification, he/she may contact our data protection officer at any time.
d) Right of deletion (right to be forgotten)
All data subjects concerned by the processing of personal data are granted the right by European legislators and regulators to request that the data controller deletes personal data that concerns them immediately if one of the following grounds applies and if processing is not necessary:
The personal data has been collected other otherwise processed for purposes which are no longer required.
The data subject revokes his/her consent on which processing according to Article 6 para. 1 a) of the GDPR or Article 9 para. 2 a) GDPR was based and no alternative legal basis exists for processing.
The data subject objects to processing according to Article 21 para. 1 of the GDPR and no overriding legitimate grounds exist for processing or the data subject objects to processing according to Article 21 para. 2 of the GDPR.
The personal data has been processed unlawfully.
The deletion of personal data is required for the fulfilment of a statutory obligation under EU law or the law of the member states by which the data controller is bound.
The personal data was collected in relation to information society services offered according to Article 8 para. 1 of the GDPR.
If one of the above-mentioned grounds applies and a data subject wishes to delete personal data stored by 3D TECHNOPACK, he/she may contact our data protection officer at any time.
If personal data has been made public by 3D TECHNOPACK and our firm is obliged to delete personal data accorder in its capacity as data controller according to Article 17 para. 1 of the GDPR, 3D TECHNOPACK will take appropriate steps, including those of a technical nature taking into account the technology available and implementation costs, in order to notify other data controllers who process the publicized personal information that the data subject has requested that these other data controllers delete all links to this personal data or copies or duplicates of this personal data insofar as processing is not required. Our data protection officer will take the necessary steps in individual cases.
e) Right to limit processing
All data subjects concerned by the processing of personal data are granted the right by European legislators and regulators to request that the data controller limits processing if one of the following circumstances applies:
The accuracy of the personal data is disputed by the data subject for a period of time which enables the data controller to verify said accuracy.
Processing is unlawful, the data subject declines the deletion of the personal data and instead requests that its use be limited.
The data controller no longer requires the personal data for processing purposes but the data subject requires the data in order to present, assert or defend legal claims.
The data subject has presented an objection against processing according to Article 21 para 1 of the GDPR and it is not yet clear as to whether the legitimate grounds presented by the data controller outweigh those of the data subject.
If one of the above-mentioned circumstances applies and a data subject wishes to request the limitation of personal data stored by 3D TECHNOPACK, he/she may contact our data protection officer at any time.
f) Right to data portability
All data subjects concerned by the processing of personal data are granted the right by European legislators and regulators to receive the personal data that concerns them, which has been provided by the data subject to the data controller, in a structured, current, machine-readable format. They also have the right to pass on this data to another data controller without restriction by the data controller to whom the personal data was provided insofar as processing is based on consent according to Article 6 para. 1 a) or Article 9 para. 2 a) of the GDPR or on a contract according to Article 6 para. 1 b) of the GDPR and processing was carried out by means of an automated procedure insofar as the processing is not required for the completion of a task which is in the public interest or in the exercise of official authority which has been transferred to the data controller.
When exercising his/her right to data portability according to article 20 para 1 of the GDPR, the data subject also has the right to arrange for personal data to be transmitted directly from one data controller to another if this is technically feasible and provided that this does not violate the rights and freedom of other individuals.
If the data subject wishes to avail of the right to data portability, he/she may contact our data protection officer at any time.
g) Right to object
All data subjects concerned by the processing of personal data are granted the right by European legislators and regulators to present objections at any time against the processing of personal data that concerns them on the basis of Article 6 paras. e) and f) of the GDPR on grounds which stem from their specific situation. This also applies to profiling underpinned by these provisions.
3D TECHNOPACK will no longer process personal data in the case of an objection unless we are able to prove that essential grounds for protection exist which outweigh the interests, rights and freedoms of the data subject or processing serves to present, assert or defend legal claims.
The data subject has the right to present an objection against the processing of personal data at any time if 3D TECHNOPACK processes said data for direct advertising purposes. This also applies to profiling insofar as it relates to such direct advertising. If the data subject objects to 3D TECHNOPACK processing data for the purposes of direct advertising, we will no longer process personal data for this purpose.
The data subject also has the right, on grounds stemming from their specific situation, to present an objection against the processing of their personal data by 3D TECHNOPACK for scientific or historical research purposes or for statistical purposes according to Article 89 para. 1 of the GDPR unless this processing is required in order to fulfil a task which is in the public interest.
If the data subject wishes to avail of the right to object, he/she may contact our data protection officer directly. The data subject may also exercise the right to object by means of an automated procedure, whereby technical specifications will be applied, in the context of the use of information society services, notwithstanding guideline 2002/58/EC.
h) Automated decisions in individual cases including profiling
All data subjects concerned by the processing of personal data are granted the right by European legislators and regulators not to be bound by an exclusive decision based on automated processing (including profiling) which produces a legal effect or otherwise significantly restricts them insofar as the decision (1) is not required for the conclusion or fulfilment of a contract between the data subject and the data controller or (2) is authorized on the basis of the legal provisions of the EU or the member states governing the data controller and these legal provisions contain appropriate measures to maintain rights and freedoms and the legitimate interests of the data subject or (3) has been reached with the specific consent of the data subject.
If the decision (1) is required for the conclusion or fulfilment of a contract between the data subject and the data controller or (2) if it is reached with the specific consent of the data subject, 3D TECHNOPACK will take appropriate steps to guarantee the rights and freedoms and legitimate interests of the data subject, including at least the right to initiate the intervention of an individual on behalf of the data controller, to present a personal opinion and to challenge the decision.
If the data subject wishes to assert rights relating to automated decisions, he/she may contact our data protection officer at any time.
i) Right to revoke consent according to data protection regulations
All data subjects concerned by the processing of personal data are granted the right by the Swiss legislative body or European legislators and regulators to revoke consent to the processing of personal data at any time.
If the data subject wishes to avail of the right to revoke consent, he/she may contact our data protection officer at any time.
15 Data protection in the context of applications and application procedures
The data controller collects and processes personal data provided by applicants for the purpose of completing the application procedure. Processing may also be carried out electronically. This applies in particular when an applicant transmits corresponding application documents to the data controller by electronic means, for example by email or via a Web form on the Website. If the data controller concludes an employment contract with an applicant, the data transmitted for the purpose of processing the employment relationship is saved according to the statutory requirements. If no employment contract is concluded with the applicant, the application documents will be automatically deleted two months after notification of the refusal decision provided that the legitimate interests of the data controller do not prevent their deletion.
16 Legal basis for processing
Article 6 a) of the GDPR provides our firm with the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is required in order to fulfil a contract to which the data subject is a party, as is the case with processing operations required for the delivery of goods or the provision of another service or return service, processing is carried out on the basis of Article 6 b) of the GDPR. The same applies for processing operations required for the implementation of pre-contractual measures, for example in the case of requests for our products or services. If our firm is bound by a legal obligation whereby the processing of personal data is required, for example for the fulfilment of tax obligations, processing is based on Article 6 c) of the GDPR. In a few rare cases, the processing of personal data may become necessary in order to protect the essential interests of the data subject or another individual. This could be the case, for example, if a visitor to our firm were injured and his/her name, age, health insurance details or other essential information had to be passed on to a doctor, hospital or other third party. In this case processing would be based on Article 6 d) of the GDPR. Processing operations could ultimately be based on Article 6 f) of the GDPR. This legal basis applies to processing operations which are not covered by any of the legal provisions outlined above if processing is required to protect the legitimate interests of our firm or a third party insofar as the interests do not outweigh the basic rights and basic freedoms of the individual concerned. We are authorized to carry out processing operations of this kind because they have been specifically referred to in European legislation. This legislation states that a legitimate interest can be assumed to exist when the data subject is a customer of the data controller (recital 47 section 2 of the GDPR).
17 Legitimate interest in processing which is tracked by the data controller or a third party
If the processing of personal data is based on Article 6 f) of the GDPR, our legitimate interest is the accomplishment of our business activity for the benefit of the well-being of all our employees and shareholders.
18 Length of time during which personal data is stored
The length of time during which personal data is stored corresponds to the applicable statutory retention period. Upon expiry of the deadline, the corresponding data will be routinely deleted provided that it is no longer required for the fulfilment or initiation of the contract.
19 Statutory or contractual provisions governing the provision of personal data; requirement for the conclusion of a contract; obligation of the data subject to provide personal data; possible consequences of failure to provide information
We should point out that the provision of personal data is required by law to a certain extent (e.g. tax regulations) or may stem from contractual regulations (e.g. information on contract partners). In some cases, it may be necessary when a contract is concluded for a data subject to provide us with personal data which we subsequently have to process. The data subject may, for example, be obliged to provide us with personal data when they have concluded a contract with our firm. Failure to provide personal information would result in the contract not being concluded with the individual concerned. The individual concerned must contact one of our employees before providing personal data. Our employee will explain to the individual concerned, based on the case in point, whether the provision of personal data is legally or contractually required or is necessary for the conclusion of the contract, whether there is an obligation to provide personal data and the potential consequences of failure to provide personal data.
20 Existence of automated decision-making
As a responsible firm, we refrain from automatic decision-making and profiling.
21 Privacy policies of other websites
22 Adaptation of the data protection declaration
We may adapt our data protection declaration at any time by publishing it on this Website.
3D TECHNOPACK, June 2022