Privacy Notice for the Newsletter Service of Bureau Veritas Switzerland AG
 

PRIVACY NOTICE FOR THE NEWSLETTER SERVICE OF BUREAU VERITAS SWITZERLAND AG pursuant to Article 19 of Federal Act on Data Protection (“FADP”)

The Bureau Veritas newsletter is sent by e-mail to those who make explicit requests (the "Users"), by completing the form and authorizing Bureau Veritas to process their personal data.

1. Data Controller

The Data Controller is Bureau Veritas Switzerland AG, with registered office in Grossächerstrasse 25, CH-8104, Weiningen, Switzerland; VAT no. CHE107701676 (hereinafter "Bureau Veritas" or the "Data Controller"). 

2. Data collected

The Data Controller processes your contact data, such as your e-mail address, collected by filling in the newsletter subscription form on the Bureau Veritas website https://www.bureauveritas.ch/en (the "Data").

3. Purpose and legal basis of the processing

The Data provided by Users is processed for the sole purpose of sending the Data Controller's newsletter and to allow Users to benefit from this service.

Such processing finds its legal basis in the consent of the Users.

Users can withdraw their consent and cancel their subscription to the newsletter service at any time by clicking on the Unsubscribe link in the newsletters and then clicking on the Confirm button on the unsubscribe page. Alternatively, Users may send a specific notification to the Data Controller through the portal for the exercise of rights indicated in article 7 below, expressing the desire to unsubscribe from the newsletter service and to delete the data held by the Data Controller. The withdrawal of consent does not affect the processing that has already taken place.
Providing the Data is optional. Any refusal to provide the Data will make it impossible to use the newsletter service.

4. Personal data recipients

The recipients of the User Data will be the expressly designated employees of the Data Controller's marketing department, who operate under the authority of the Data Controller.

Finally, the Data may be disclosed to external subjects operating as autonomous controllers such as, for example, Authorities and supervisory and control bodies and in general to subjects, including private individuals, entitled to request the data (such as accounting consultants, legal consultants), Public Authorities that make an express request for administrative or institutional purposes, in accordance with the provisions of current national legislation.

5. Retention Period

The Data collected will be kept for a maximum period of 24 months upon subscription to the newsletter service. With one month's notice, we will ask you if you wish to continue receiving the newsletter: in case of refusal, the Data provided will be deleted; in case of consent, it will be kept and processed for a further period of 24 months.

6. Transfer of data to third countries

The Data Controller may disclose the Data to the European Union, accordingly to the European Commission Decision No 2000/518/EC of 26 July 2000 (as confirmed by the Report from the Commission to the European Parliament and the Council of 15 January 2024). The processing of the Data will be carried out at the Data Controller's offices and the Data will be stored in servers and/or archives in Switzerland, the European Union and in third countries. Data may be disclosed abroad only if the Swiss Federal Council has decided that the legislation of the State concerned or the international body guarantees an adequate level of protection, accordingly to art. 16 FADP. In the absence of a decision by the Federal Council, Data may be disclosed abroad only if an adequate level of data protection is guaranteed in accordance with the provisions of art. 16.1 FADP or by the exception of art. 17 FADP.

7. Rights of the data subjects

Users who subscribe to the Data Controller's newsletter service, as data subjects (i.e., subjects to whom the Data refers), are holders of rights conferred by the FADP. In particular, pursuant to articles 25, 28, 32 and 49 of FADP, data subjects have the right to request and obtain, at any time, access to their personal data, information on the processing carried out, the correction and/or updating of personal data. Additionally, they also have the right to object to the processing and to request data portability (i.e. to receive personal data in a structured, commonly used, machine-readable format). Finally, data subjects always have the right to revoke their consent at any time (this, in any case, will not affect the lawfulness of the processing carried out on the basis of the consent given before the revocation) and to lodge a complaint with a supervisory authority (in Switzerland: the Federal Data Protection and Information Commissioner).

The above-mentioned rights may be exercised at any time by simply sending a request to the Data Controller: