Paradox Engineering SA (here shortened as “PE”) is the IoT competence center of MinebeaMitsumi Group.
The processing of any personal data disclosed to PE is managed in compliance with clause 19 of the Federal Data Protection Law (LDP) and clause 13 of the General Data Protection Regulation (GDPR), in accordance with honesty, legitimacy, and transparency principles, and all limitations aimed at data storage, minimization, and correctness in respect of personal integrity and confidentiality of any sensitive information.
Data processing is handled by Paradox Engineering SA.
For further information about personal data processing or to assert applicable rights, the user can contact PE at:
Paradox Engineering SA
Via Passeggiata 7, 6883 Novazzano, Switzerland
2. Definition of personal data and data processing
Personal data are pieces of information relating to an identified or identifiable natural person, directly or indirectly, referring to his/her physical identity, behaviors, relationships, etc. Personal data include, but are not limited to, a name, a surname, an address, contact details, an identification number, or an online identifier.
Data processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, consultation, erasure or destruction.
3. Data processing: objectives and types of data
- Browsing data: Through information systems and software procedures, this website collects a series of personal data that are implicitly transmitted whenever using Internet communication protocols. Data are not collected to be associated with identified subjects, but by their nature could be used to identify the user through elaboration or correlation with third-party data. Data may include: IP (Internet Protocol) addresses or domain names of computers used to browse the website; URI (Uniform Resource Identifier) addresses; the date and time of website access; any other parameter related to the user’s operating system or IT (Information Technology) environment. These data are only used to get anonymized statistics about the website and its correct operation, detect anomalies and abuses, and they are immediately erased after processing. Data may be used in the event of attacks against PE or third parties to ascertain accountability.
- Data voluntarily submitted via the contact form of the website: Data shared as mentioned are collected by PE at the time of the online contact form entry and processed with the sole objective of managing the request.
- Data voluntarily submitted via the Login area of the website: Data shared as mentioned are collected by PE at the time of the Login access with the objective of sharing confidential information and documents with the user.
- Data voluntarily submitted by the user: Data that the user may optionally, explicitly, and voluntarily send by e-mailing PE require the acquisition of the user’s e-mail address and are processed with the sole objective of managing his/her request.
- Data voluntarily submitted via the Human Capital Management (HCM) Platform: Data shared as mentioned are collected by PE at the time of the HCM access and the related online contact form entry. Applicants’ personal data are processed for recruitment purposes and are stored for a maximum of 36 months after they have been received.
PE can use services of third-party providers who have been formally appointed Data Processors to evaluate the Applicant: ie. video conference service, online platform that allows to measure the linguistic and professional skills of the candidates by means of adaptive tests, and online psychometric testing platform.
4. Legal conditions for data processing
Personal data processing is legitimized by one of the following legal conditions:
- Legal obligation: Data processing is mandatory to comply with a legal obligation.
- Legitimate or prevalent interest: Data processing is necessary to pursue the legitimate or prevalent interest of PE, provided it does not prevail on interests, rights, or fundamental freedoms of the user requiring personal data protection.
5. Possible data recipients
Referring to PE activities and the above-described objectives, the user’ personal data may be shared with:
- Duly appointed Data Processors, providing specific data processing or similar services to PE. The user may request the updated list of Data Processors at any time.
- Autonomous Data Processors who may be entitled to data processing by law or authority directive.
- Third-party subjects, duly authorized by PE, processing data to perform specific activities related to the delivery of their own services, provided they signed a confidentiality agreement with legal and contractual obligations (ie. PE employees and contractors).
6. Data storage: location
All personal data are electronically stored in servers located in Switzerland and Europe.
7. Data storage: period
The user’s personal data are processed upon the implementation and continuous update of technical and organizational security measures aimed at preventing data accidental loss, unauthorized access or use, alteration, or distribution.
Data storage is envisaged for the time necessary to fulfill the aforementioned purposes or to comply with possible legal or publication obligations.
In order to determine the appropriate period of personal data storage, PE considers the quantity, nature, and sensitivity of personal data, possible damages resulting from unauthorized use or disclosure, the objectives of data processing, and applicable legal requirements.
8. Links to external websites and third-party services
PE cannot be held responsible for data collection, use, disclosure, and protection by third-party companies such as Meta Platforms Inc., Apple Inc., Alphabet Inc., Microsoft Corp., or any other developer or provider of applications, social media or social networks, operating systems, or wireless devices, even related to personal data the user may share with other companies through PE social media accounts.
9. User rights
The user can ask at any time the confirmation as to whether or not his/her personal data are being processed. Each user has the right to:
- access his/her data and get information about the purposes of the processing, possible recipients or categories of recipients, the envisaged period of personal data storage (if possible), the existence and consequences of data processing based on profiling.
- obtain the rectification of inaccurate or incomplete personal data.
- request the erasure of personal data, provided they are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- request the limitation of data processing, if applicable and legally compliant.
- be granted the portability of his/her personal data to a different Data Controller, receiving data in a structured, commonly used, and machine-readable format.
- object to the processing of his/her personal data and to any decision uniquely based on personal data processing, including profiling.
10. Revision and policy update