We respect your privacy and take it seriously. When you visit our web properties, you’re trusting us with your information. This is a big responsibility. We will always work hard to protect your information, respect your rights, and use your personal information in compliance with General Data Protection Regulation (GDPR).
Empirix Inc. (“Empirix”), with registered office in 600 Technology Park Drive, Suite 100, 01821 Billerica (MA) and which can be contacted at the email email@example.com, will process – in its capacity of data controller – personal data provided by the user (the “User”) of the website www.empirix.com (the “Site”) with regard to the use of the Site and the provision of the requested Empirix services available on the Site (the “Services”), including the User’s request of information or assistance and the User’s application to a job through the Site, unless a different privacy information notice was provided in the context of the same.
1. WHAT AND WHO THIS PRIVACY NOTICE COVERS?
Empirix is the data controller of the personal data collected from the User through the Site and the Services, that is processed in compliance with the terms of this privacy notice (the “Privacy Notice”) and the relevant provisions of law. Accordingly, this Privacy Notice applies to all Users.
2. WHAT KIND OF PERSONAL DATA DOES EMPIRIX COLLECT ABOUT THE USER?
Empirix collects the following categories of personal data:
- contact data voluntarily disclosed by the User and necessary to obtain Empirix Services as available on the Site;
- data provided in case of request of information or assistance on the part of the User
3. HOW DOES EMPIRIX USE THE USER’S PERSONAL DATA?
Empirix processes the personal data of the User for the following purposes:
a) the provision of the Services offered through the Site, including the reply to the User’s request of information or assistance;
b) the development and improvement of the Services offered through the Site;
c) the compliance with the applicable national/EU laws and/or respond to request from public and government authorities;
(the purposes from letters a) to c) are jointly referred to as “Contractual Purposes”)
d) exercising or defending legal claims in court proceedings or in an administrative or out-of-court procedure;
e) complete a potential merger, sale of assets or transfer of all or a material part of its business, by disclosing and transferring the User’s personal data to the third party or parties involved in the transaction as part of the transaction;
(the purpose as per letters d) and e) above are jointly referred to as “Legitimate Interest Purposes”)
f) with the User prior consent, the delivery of direct marketing communications concerning products and services of Empirix (e.g., sending of advertising materials, market researches). The communications, may be sent by both automated (e.g., SMS, MMS, fax, calling systems, email and web applications) and traditional (e.g., calls by human operators) means of contact;
g) with the User prior consent, the delivery of marketing communications customized on the User interests and needs by means of the channels of communication set out under letter h) above;
(the purposes of letters g) and h) above are jointly referred to as “Marketing Purposes”).
4. ON WHAT LEGAL BASIS DOES EMPIRIX PROCESS THE USER’S PERSONAL DATA?
The processing of the User’s personal data is necessary with regard to the Contractual Purposes as it is essential:
- for the provision of the requested Services with regard to the cases as per Section 4 letters a) and b);
- in order to comply with provisions as provided by the applicable laws as per Section 4 letter c).
Should the User not provide its personal data with regard to the Contractual Purposes, Empirix will not be able to provide the User with the Services.
5. HOW DOES EMPIRIX PROCESS THE USER’S PERSONAL DATA?
User’s personal data will be processed both electronically and/or manually, in any case in such a way as to guarantee the security, protection and confidentiality of the data, thanks to appropriate administrative, technical, personnel and physical measures against loss, theft and unauthorized use, disclosure or modification.
6. WHO CAN HAVE ACCESS TO THE USER’S PERSONAL DATA?
For the Contractual Purposes, the Client personal data may be transferred to the following categories of recipients located both within the EU and, within the limits as per Section 8 below, outside of the EU:
a) third parties service providers entrusted with processing activities that provide services or assistance and advice to Empirix, with special – but not exclusive – reference to technology, accounting, administrative, legal, insurance, IT matters;
b) companies of the Empirix Group; and
c) persons and authorities whose right to access personal data is recognized by law, regulations or provisions issued by legally empowered authorities.
For the Legitimate Interest Purposes, personal data may be transferred to the following categories of recipients located both within the EU and, within the limits as per Section 8 below, outside of the EU:
a) third parties service providers entrusted with processing activities,
b) companies of the Empirix Group,
c) potential purchaser of Empirix and the entities resulting from mergers or any other transformation involving Empirix,
d) competent authorities.
For the Marketing Purposes, personal data may be transferred to the following categories of recipients located both within the EU and, within the limits as per Section 8 below, outside of the EU:
a) third parties service providers entrusted with processing activities that provide services or assistance with regard to the delivery of marketing communications,
b) companies of the Empirix group.
The above mentioned recipients will process personal data as data controllers, data processors or persons in charge of processing, depending on the circumstances. A complete list of the data processor is available upon request through the modalities as per Section 10 below.
7. IS THE USER’S PERSONAL DATA TRANSFERRED ABROAD?
The User personal data may be transferred to countries within and outside the European Economic Area, in particular in the Unites States. For transfers from EU to countries not considered adequate by the European Commission, Empirix has put in place appropriate and suitable safeguards to protect the Users’ personal data. Accordingly the Users’ personal data are transferred in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the Privacy Regulation.
For further information with regard to the appropriate or suitable safeguards and the means by which to obtain a copy of them, the Candidate can contact Empirix with the modalities as per this privacy Notice.
8. WHICH IS THE RETENTION PERIOD APPLYING TO THE USER’S PERSONAL DATA?
Personal data of the User will be stored for the period necessary to fulfil the purposes for which the data was collected as outlined in this Privacy Notice. In any case the following retention periods will apply to the processing of the User’s personal data for the purposes indicated below:
a) data collected for Contractual Purposes and for Legitimate Interest Purposes is retained during the provision of the Services plus a period of 10 years after the termination of the Services, except when the detention of the data is necessary to respond or to file a legal actions, upon request of the competent authorities or in compliance with the applicable laws;
b) data collected for Marketing Purposes relating to the delivery of marketing communications as per Section 4 letter f) of this Privacy Notice is retained for the duration of the Contract and a subsequent period of 24 months;
c) data collected for Marketing Purposes relating to the profiling of User’s preferences for marketing purposes as per Section 4 letter g) of this Privacy Notice is retained for a period of 12 months from the time they are collected.
9. HOW TO UNSUBSCRIBE
At any time you may request to be removed from our mailing list (unsubscribe) or change your communication or profiling preferences via an e-mail to firstname.lastname@example.org or mail your request to the following address:
600 Technology Park Drive, Suite 100
Billerica, MA 01821
10. DATA OF USERS UNDER 18
The Site is not addressed to users under the age of 18 and, in any case, Empirix does not collect and process wittingly personal data referred to users under the age of 18. In case Empirix is aware of the collection and processing of such personal data, Empirix will delete it immediately.
11. WHAT ARE THE USER’S RIGHTS WITH REGARD TO PERSONAL DATA?
The User, at any given time, can exercise the following rights, by sending an email to the following address email@example.com:
a) to obtain from Empirix confirmation of the existence of personal data and to be informed of its content and source, verify its accuracy and request its integration, update or amendment;
b) request the erasure, anonymization or restriction of the processing of personal data processed in breach of the applicable laws;
c) object in whole or in part, on legitimate grounds, to the processing of the data;
d) to withdraw the consent to the processing of the data (if and to the extent such a consent is necessary);
e) request Empirix to limit the processing of the User’s personal data where:
- the User contests the accuracy of the personal data until Empirix have taken sufficient steps to correct or verify its accuracy;
- the processing is unlawful but you do not want us to erase the Users’ personal data;
- Empirix no longer needs the User’s personal data for the purposes of the processing, but the User requires them for the establishment, exercise or defense of legal claims; or
- The User has objected to processing justified on legitimate interests, pending verification as to whether Empirix has compelling legitimate grounds to continue processing.
f) object to the processing of the User’s personal data;
g) request the erasure of the User’s personal data without undue delay;
h) receive an electronic copy of the User’s personal data, if the User would like to port its personal data to itself or a different provider, when Empirix is relying upon the User’s consent or the fact that the processing is necessary for the provision of the Services and the personal data is processed by automatic means; and
i) lodge a complaint with the relevant data protection supervisory authority.
This privacy information notice might be subsequently updated or integrated, also as consequence of the adoption of local legislations implementing the Privacy Regulation. Changes will be notified in advance and in any case Users will be able to review the updated version of the privacy information notice on the website www.empirix.com.