This policy describes how personal data should be collected, processed and stored in accordance with ARS ELECTRONICS data protection requirements and the law, regardless of its support (electronic, paper or any other).
This policy applies:
All ARS ELECTRONICS customers.
All ARS ELECTRONICS employees regardless of the type of contract.
All subcontractors, suppliers and other persons or organizations acting on behalf of ARS ELECTRONICS.
This policy ensures that ARS ELECTRONICS:
Complies with legislation on the protection of personal data, especially EU Regulation 2016/679, of 27th April - GRDP - General Regulation on Data Protection.
Protects the rights of employees, customers and other interested parties.
It is transparent about how it handles personal data · Protects itself from the risk of personal data breaches.
The principles applicable to the protection of personal data are:
Lawfulness, loyalty and transparency: it is necessary to identify the legal basis for each data processing and to inform the holders, in advance, in clear and accessible language about the purposes and the way we do it.
Purpose limitation: the specific purposes of the processing of personal data must be explicit, legitimate and determined when collecting personal data. The data collected for one purpose should not be used for any purpose other than the first.
Adequacy, relevance and minimization: only the personal data necessary and appropriate for the purposes to be achieved will be processed.
Accuracy and updating: the necessary measures must be taken to ensure that inaccurate data is corrected or deleted.
Conservation limitation: personal data will only be kept for as long as necessary for the purpose for which they are intended. A deadline for erasure or destruction will be defined for each set.
Security and confidentiality: personal data will be stored in order to guarantee its protection and its access will be conditioned in order to ensure that only authorized personnel can process it.
Privacy from conception and by default: before proceeding with any data processing, measures will be taken to ensure that privacy is a concern from the beginning and throughout the processing process.
Data subjects have the right to access, rectify, limit purposes, portability, erasure and opposition to automated decisions.
ARS ELECTRONICS may share data with public authorities without the knowledge of the holders in compliance with legal or judicial obligations.
1. What information do we collect?
We ask for personally identifiable information when:
Request information or a service or participate in other activities that may exist on our website;
Request a purchase of material or provision of services;
We prepare work contracts with employees;
It is always your choice to proceed when we ask you for personal information. However, if you do not want to provide the requested personal information, you may not be able to obtain certain information or proceed with what you want, which we only provide to identified holders.
2. How do we use the information collected?
We use personal information in the following ways:
To provide you with information about our products and services.
To send you newsletters, informational emails or surveys;
To help us create better products and services;
To allow you to download documents, gain access to services or participate in other activities that you select;
We only share the personal data of ARS ELECTRONICS employees with companies or entities with which we have contracts or agreements or legal sharing obligation. In these cases the holder has to express his consent. ARS ELECTRONICS promotes actions to ensure that third parties comply with the GRDP.
We do not share or transfer personal data outside the European Economic Area.
3. How do we protect your data?
To ensure the security of your personal information, we use several security measures. Your personal information is stored on secure networks, which can only be accessed by a limited number of people who have access privileges and are committed to respecting and maintaining the confidentiality of such information.
Notwithstanding these measures, when providing personal information on the Internet there is always a risk that it may be intercepted and used by third parties beyond our control, despite all our efforts to the contrary.
4. What do we mean by personal data? What principles do we apply?
4.1 Data Collection and Processing
“Personal data” means any information, of any nature and regardless of its support (including sound and image), and the way it is collected, relating to an identified or identifiable natural person. ARS ELECTRONICS is responsible for the processing of personal data collected.
4.2 General Principles Applicable to Data Processing
With regard to the general principles relating to the processing of personal data, ARS ELECTRONICS commits itself to ensure that the data of the holder processed by it are:
Subject to lawful, fair and transparent treatment in relation to the holder;
Collected for specific, explicit and legitimate purposes, not subsequently being treated in a manner incompatible with those purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are treated;
Accurate and updated whenever necessary;
Kept in a way that allows data subjects to be identified only for the period necessary for the purposes for which they are processed;
Treated in a way that guarantees your safety, including protection against its unauthorized or unlawful treatment and against its loss, destruction or accidental damage, taking appropriate technical or organizational measures.
4.3 Implemented Technical, Organizational and Security Measures
In order to guarantee the security of the data of the holder and the maximum confidentiality, ARS ELECTRONICS treats the information in accordance with the internal security and confidentiality policies and procedures, which are reviewed and updated periodically, in accordance with the terms and conditions legally provided for and as defined in its Quality Management System.
Depending on the nature, scope, context and purposes of data processing, as well as the risks arising from processing for the rights and freedoms of the data subject, ARS ELECTRONICS applies, both when defining the means of processing and when of the treatment itself, the technical and organizational measures necessary and adequate to protect the data of the holder and to comply with legal requirements. It also undertakes to ensure that, by default, only the data that is necessary for each specific purpose of treatment are processed and that this data is not made available without human intervention to an undetermined number of people.
5. Rights of Data Subjects
At any time, the holder can exercise his rights of access, rectification, purpose limitation, portability, erasure.
ARS ELECTRONICS does not make automated decisions or create profiles.