Version 1.00.18 of 12 April 2018
Silvercraft Helicopters Ltd
We are very pleased with the interest shown for our company. Data protection is of particular importance for the management of Silvercraft Helicopters Ltd. This applies to information gathered during interviews, telephone conversations, missives or via the internet. In particular, it is possible to consult the Internet pages of Silvercraft Helicopters Ltd without any personal details. However, if an interested person wishes to use the special services of our company, through the website, the processing of personal data may be required. If the processing of personal data is requested and there is no legal basis for such processing, we generally request the consent of the data subject.
The processing of personal data such as the name, address, e-mail address or telephone number of an interested person always takes place in accordance also with the European Data Protection Regulation (GDPR) and in accordance with the Swiss Federal Data Protection Act applicable to Silvercraft Helicopters Ltd. Through this information on the protection of personal data, our company wants to inform the public about the nature, scope and purpose of personal information that we collect, use and process. Furthermore, interested persons will find information about their rights.
As data controller, Silvercraft Helicopters Ltd has implemented numerous technical and organizational measures, in order to guarantee the maximum possible protection for personal data processed through this site. However, internet-based data transmissions may present security flaws, so absolute protection can not be guaranteed. For this reason, every interested person is free to provide us with personal data in alternative ways, for example by telephone.
Employees who have access to confidential data or information are subject to the obligation of confidentiality. These are persons subject to secrecy on the basis of their professional status (eg. medical professional secrecy according to the Swiss Federal Law and Swiss Civil Code), or of persons who have signed a confidentiality agreement on confidential data and information. The obligation of confidentiality also applies to external collaborators, third parties involved and visitors of Silvercraft Helicopters Ltd, who must sign a declaration of confidentiality before visiting Silvercraft Helicopters Ltd.
Silvercraft Helicopters Ltd keeps all personal data electronically on its servers located in Switzerland. Silvercraft Helicopters Ltd transmits data abroad only if this is necessary for the provision of a service and if the data protection regulations of the country of arrival correspond to those of Switzerland. In the event that the data protection provisions are not equivalent, Silvercraft Helicopters Ltd concludes a “data processing agreement” with the supplier in question.
The provisions of this data protection and data protection law do not apply to the transmission of personal data within Silvercraft Helicopters Ltd; the latter does not need any consent for the transmission. The above Information are also pursuant to art. 13 of the Regulation (EU) n. 679/2016 (“GDPR”).
Silvercraft Helicopters Ltd (hereinafter “Silvercraft Helicopters”) protects the confidentiality of personal data and guarantees to them the necessary protection from any event that could put them at risk of violation. Below we provide the user (“Concerned”) with the information required by Swiss law(s) concerning the processing of their personal data; the information are also in according with what is required by the European Union Regulation no. 679/2016 (“GDPR”), and in particular to the art. 13. We regularly apply the most restrictive request edited by Swiss or European Law.
Who we are and what data we process
(in accordance with Swiss Federal Law & article 13, paragraph 1 letter a, article 15, letter b GDPR)
Silvercraft Helicopters Ltd, with registered office in Via Industria n. 6 – 6710 Biasca (CH), in the person of its legal representative, operates as Data Controller and can be contacted at privacy @ silvercraft . ch and collects and / or receives information concerning the interested party, such as:
first name, surname,
province and municipality of residence,
landline and / or mobile phone, fax,
IBAN and bank / postal data (except credit card number)
Data of telematic traffic
Log, IP address of origin.
Silvercraft Helicopters does not require the Data Subject to provide data c.d. “Particulars”, that is ( according to the provisions of the GDPR Article 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical convictions, or union membership, as well as genetic data, data bio-metrics designed to uniquely identify a natural person, data relating to a person’s health or sexual life or sexual orientation. In the event that the service requested from Silvercraft Helicopters requires the processing of such data, the interested party will receive prior notice and will be required to give appropriate consent.
Children are not able to buy products and services from us. However, on instruction from a parent or guardian, a child can also be named as a beneficiary. In these cases, we collect limited personal information to identify the child (such as their name, age, gender).
The Data Controller also acts as the Data Protection Officer (DPO). For any information and request can be contacted as follows: E-mail: privacy @ silvercraft . ch Telephone: +41.91.8739040
For any information or request the interested party you can contact the address generically privacy @ silvercraft . ch or phone +41.91.8739040
Where we collect your information
We may collect your personal information directly from you, from a variety of sources, including:
- An application form for a product or service
- Phone conversations with us
- Emails or letters you send to us
- Meetings with one of our business development or relationship managers
- Our online services such as websites, social media and mobile device applications (‘Apps’). We may also collect personal information about you from places such as business directories and other commercially or publicly available sources e.g. to check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly.
- If you have an adviser, the information we collect and use will most likely have been provided by them on your behalf.
Purposes for which we need the data of the interested party
(in accordance with Swiss Federal Law & Article 13, paragraph 1 of the GDPR)
The data are used by the Data Controller to follow up the registration request and the contract for the supply of the selected Service and / or the purchased Product, manage and execute the contact requests sent by the Interested Party, provide assistance, comply with legal and regulatory obligations. which the holder is kept in function of the activity exercised. In no case shall Silvercraft Helicopters resell the personal data of the Data Subject to third parties or use them for undeclared purposes. In particular the data of the interested party will be processed for:
a) registration and contact requests and / or information material
The processing of personal data of the interested party takes place to carry out the preliminary activities and consequent to the registration request, to the management of requests for information and to contact and / or sending information material, as well as for the fulfillment of any other obligation arising. The legal basis of these treatments is the fulfillment of the services inherent to the request for registration, information and contact and / or sending of informative material and compliance with legal obligations.
b) management of the contractual relationship
The processing of personal data of the interested party takes place to carry out preliminary activities and consequent to the purchase of a Service and / or a Product, the management of the related order, the provision of the Service itself and / or production and / or the shipment of the purchased Product, the related invoicing and management of the payment, the handling of complaints and / or reports to the assistance service and the provision of the assistance itself, the prevention of fraud and the fulfillment of any other obligation arising from the contract. The legal basis of these treatments is the fulfillment of the services inherent in the contractual relationship and compliance with legal obligations.
c) promotional activities on Services / Products similar to those purchased by the Interested Party (in accordance also with Recital 47 GDPR)
The Data Controller, even without explicit consent, may use the contact details provided by the Interested Party, for the purpose of direct sale of its Services / Products, limited to the case in which the Services / Products similar to those of the sale are concerned, unless the interested party explicitly objects.
d) the commercial promotion activities on Services / Products different from those purchased by the interested party
The personal data of the interested party may also be processed for commercial promotion purposes, for surveys and market research with regard to Services / Products that the Data Controller offers only if the Data Subject has authorized the processing and does not object to this.
This treatment can be automated, in the following ways: – e-mail; – sms; – telephone contact and can be done if the interested party has not revoked his consent for the use of the data. The legal basis of such processing is the consent given by the Interested party prior to the processing itself, which can be revoked by the interested party freely and at any time (see Section III).
e) computer security
The Owner, (specifically in line with the provisions of Recital 49 of the GDPR), treats, also through its suppliers (third parties and / or recipients), the personal data of the interested party relating to traffic to a strictly necessary and proportionate extent to ensure the security of networks and information, ie the ability of a network or an information system to resist, at a given level of security, unforeseen events or illicit or malicious acts that compromise availability, authenticity, integrity and confidentiality of personal data stored or transmitted. The Data Controller will promptly inform the Interested parties, if there is a particular risk of violation of their data without prejudice also to the obligations arising from the provisions of art. 33 of the GDPR concerning notifications of violation of personal data. The legal basis of such processing is compliance with legal obligations and the legitimate interest of the Data Controller to carry out processing related to the protection of the company assets and security of the Silvercraft Helicopters’ offices and systems.
The personal data of the interested party may also be processed for profiling purposes (such as analysis of the transmitted data and of the selected Services / Products, to propose advertising messages and / or commercial proposals in line with the choices expressed by the users themselves) only in the event that the interested party has provided an explicit and informed consent. The legal basis of such processing is the consent given by the interested party prior to the processing itself, which can be revoked by the interested party freely and at any time (see Section III).
g) fraud prevention (in accordance with Swiss Federal Law & recital 47 and Article 22 of the GDPR)
The personal data of the interested party, with the exclusion of those particular or judicial will be processed to allow controls for the purpose of monitoring and preventing fraudulent payments, by software systems that carry out a verification in order automated and preliminary to the negotiation of Services / Products
Failure to pass these checks (negative result) will make it impossible to carry out the transaction; in any case, the interested party may express his opinion, obtain an explanation or contest the decision motivating his reasons for the Customer Assistance service or contact privacy @ silvercraft . ch.
Personal data collected for the sole purpose of anti-fraud, unlike the data necessary for the correct execution of the requested service, will be immediately canceled at the end of the control phases.
h) the protection of minors
The Services / Products offered by the Data Controller are reserved to subjects legally able, on the basis of the national reference legislation, to conclude contractual obligations. In order to prevent unlawful access to its services, the Data Controller implements prevention measures to protect its legitimate interest, such as the control of the tax code and / or other checks (when necessary for specific Services / Products), such as control on the correctness of the identification data of the identity documents issued by the competent authorities.
Communication to third parties and categories of recipients
(in accordance with Swiss Federal Law & Article 13, 1st paragraph GDPR)
The personal data will be communicated mainly to third parties and / or recipients whose activity is necessary for the performance of the activities related to the relationship established and to meet certain legal obligations, such as:
– Company of Silvercraft Helicopters group, if any. (“Silvercraft Helicopters Group”) for
administrative or accounting obligations and related to the contractual performance in case we have to create specific companies.
Third-party suppliers for/related to:
Provision of services (assistance, maintenance, delivery / delivery of products, provision of additional services, network providers and electronic communication services) related to the requested service
Credit and digital payment institutions, banking / postal institutions
Management of collections, payments, refunds related to the contractual performance
External professionals / consultants and consulting firms
Fulfillment of legal obligations, exercise of rights, protection of contractual rights, recovery of credit
Financial administration, public bodies, judicial authorities, supervisory authorities and control
Compliance with legal obligations, defense of rights; lists and registers held by public authorities or similar bodies on the basis of specific legislation, in relation to the contractual performance
Formally delegated subjects or having a recognized legal title
Legal representatives, curators, tutors, etc.
In these cases, the Data Controller imposes on the Third Party’s own suppliers and the Data Processors the respect of security measures equal to those adopted towards the Interested Party, restricting the perimeter of action of the Manager to the treatments connected to the requested service. The Data Controller does not transfer personal data in countries where Swiss Federal Law on Privacy and/or GDPR are not applied, unless specific contrary indications for which the interested party is informed in advance and if necessary consent will be requested. The legal basis of these treatments is the fulfillment of the services inherent to the relationship established, compliance with legal obligations and the legitimate interest of Silvercraft Helicopters to carry out the necessary treatments for such purposes.
Failure to communicate the data requested to the interested party.
The collection and processing of personal data is necessary to follow up the requested services as well as the provision of the Service and / or the supply of the requested Product. If the Data Subject does not provide the personal data expressly provided for as necessary in the order form or the registration form, the Data Controller will not be able to process the processing of the requested services and / or the contract and the Services / Products connected to it, or to the obligations that depend on them.
In the event that the interested party does not give his consent to the processing of personal data for commercial promotion activities on Services / Products different from those purchased, said processing will not take place for the same purposes, without this having effects on the provision of the services requested, or for those for which he has already given his consent, if requested.
In the event that the interested party has given consent and should subsequently withdraw or oppose the treatment for commercial promotion activities, his data will no longer be processed for such activities, without this having consequences or detrimental effects for the interested party and for the requested services.
Data processing of the data subject
(in accordance with Swiss Federal Law & Article 32 GDPR)
The Data Controller provides for the use of adequate security measures to preserve the confidentiality, integrity and availability of the personal data of the interested party and imposes similar security measures on third parties and on the Managers.
Place of data processing of the interested party
The personal data of the interested party are stored in paper, computer and electronic archives located in the country where the registered office is Silvercraft Helicopters Ltd
However, if some of your information has to be processed by us or the third parties we work with outside of Switzerland and/or E.U. ,we have to obtain prior your agreement and take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by Switzerland and/or E.U. data privacy laws e.g. we will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.
How we protect your information
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimize loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.
Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.
Retention of data of the interested party
(in accordance with Swiss Federal Law & Article13, paragraph 2, letter to GDPR)
Unless he expressly expresses his will to remove them, the personal data of the interested party will be kept until they are necessary with respect to the legitimate purposes for which they were collected. In particular, they will be kept for the entire duration of their registration and in any case no longer than a maximum period of 12 (twelve) months of inactivity, or if, within this period, no Services and / or purchased Products are associated the registry itself. In the case of data provided to the Owner for the purposes of commercial promotion for services other than those already acquired by the Data Subject, for which he initially consented, these will be retained for 24 months, subject to revocation of the consent given. In the case of data provided to the Owner for the purposes of profiling, these will be retained for 12 months, unless revocation of consent given. It should also be added that, in the event that a user sends to Silvercraft Helicopters personal data not requested or not required for the execution of the requested service or for the provision of a service closely connected to it, Silvercraft Helicopters can not be considered these data, and will delete them as soon as possible. Regardless of the determination of the interested party to their removal, the personal data will in any case be kept according to the terms established by current legislation and / or national regulations, for the sole purpose of guaranteeing the specific requirements of some Services (by way of example) but not exhaustive, Certified Electronic Mail, Digital Signature, Substitutive Storage). Furthermore, personal data will in any case be kept for the fulfillment of the obligations (eg fiscal and accounting) that remain even after the termination of the contract; for these purposes the Data Controller will retain only the data necessary for the relative prosecution. Except in cases where the rights deriving from the contract and / or registration, in which case the personal data of the interested party, exclusively those necessary for such purposes, will be processed for the time necessary to their pursuit.
Rights of the interested party
(in accordance with Swiss Federal Law & Article 15 – 20 GDPR)
The interested party has the right to obtain from the data controller the following:
a) confirmation of whether or not personal data processing is being processed and, in this case, to obtain access to personal data and the following information:
1. the purposes of the processing;
2. the categories of personal data in question;
1. the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular for recipients of third countries or international organizations;
3. when possible, the retention period of the personal data provided or, if this is not possible, the criteria used to determine this period;
4. the existence of the right of the data subject to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
5. the right to lodge a complaint with a supervisory authority;
6. if the data are not collected from the data subject, all information available on their origin;
7. the existence of an automated decision-making process, including profiling, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
8. the appropriate guarantees provided by the third country (non Swiss & non-EU) or an international organization to protect any data transferred
b) the right to obtain a copy of the personal data being processed, provided that this right does not affect the rights and freedoms of others; In case of further copies requested by the interested party, the data controller may charge a reasonable fee contribution based on administrative costs
c) the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay
d) the right to obtain from the data controller the cancellation of personal data concerning him without undue delay, for example, if the reasons provided for by the GDPR in art. 17, among which in the case in which they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and the conditions provided for by law still exist; and in any case if the treatment is not justified by another equally legitimate reason
e) the right to obtain from the data controller the limitation of processing, in particular as indicated in the cases provided for by art. 18 of the GDPR, for example where you have challenged its accuracy, for the period necessary for the Data Controller to verify its accuracy. The interested party must be informed, in reasonable time, also of when the suspension period has been completed or the cause of the limitation of the treatment has ceased, and therefore the limitation itself revoked
f) the right to obtain communication from the holder of the recipients to whom the requests for any corrections or cancellations or limitations of the processing have been transmitted, unless this proves impossible or involves a disproportionate effort
g) the right to receive personal data concerning him in a structured, commonly used and automatically readable format, and the right to transmit such data to another data controller without impediments by the data controller who provided them, as in the cases provided for by art. 20 of the GDPR, and the right to obtain direct transmission of personal data from one controller to another, if technically feasible.
For any further information and in any case to send a request, contact the Data Controller at the address privacy @ silvercraft . ch. In order to ensure that the rights mentioned above are exercised by the Data Subject and not by unauthorized third parties, the Data Controller may request the same to provide any additional information necessary for the purpose.
Opposition to the processing of personal data
(in accordance with Swiss Federal Law & Article 21 GDPR)
For reasons relating to the particular situation of the interested party, the same may oppose at any time the processing of their personal data if it is based on legitimate interest or if it takes place for business promotion, sending the request to the Owner at privacy @ silvercraft . ch. The interested party has the right to cancel his / her personal data if there is no legitimate overriding reason for the Data Controller than the one giving rise to the request, and in any case in case the Data Subject opposes the processing for commercial promotion activities.
Authority responsible for the acceptance of a complaint
(in accordance with Swiss Federal Law & Article 15 GDPR)
Without prejudice to any other action in administrative or judicial proceedings, the interested party may lodge a complaint with the competent supervisory authority in the territory where he carries out his duties and exercises his powers or competent in Swiss or in the Member State where the GDPR violation took place.
Each update of this Information will be promptly communicated and by means of reasonable means and will also be communicated if the Data Controller processes the data of the Data Subject for further purposes than those referred to in this Notice before proceeding and following the manifestation of the relative consent of the ‘Interested if necessary.
Communication to third parties and categories of recipients
As part of the provision of services acquired outside Swiss or a member country of the EU,
personal data, for purposes strictly related to the provision of the service, will be communicated to third parties (registration authorities and related accredited subjects) based in countries where Swiss Federal Law in Privacy and/or GDPR are not applied, and in any case for which an adequacy provision on the level of data protection by Swiss or the European Commission is in force.
The legal basis of these treatments is the fulfillment of the services inherent to the relationship established, compliance with legal obligations and regulations and the legitimate interest of Silvercraft Helicopters to carry out the necessary treatments for these purposes.