Last updated: February 2023
- Who is responsible for your data?
- What types of personal data do we collect, and how?
- Why do we collect personal Data?
- With whom do we share your personal data?
- Will your personal data be transferred abroad?
- How do we protect your personal data?
- For how long do we keep your data?
- What privacy choices do you have when navigating this website?
- What rights do you have in relation to your personal data and how can you exercise your rights?
- Changes to this Data Privacy Notice
Who is responsible for your personal data?
The legal entity responsible for the use of your personal data (so called “Data Controller”) depends on your relationship with us.
If you are a user of this website (www.oerlikon.com), the Data Controller is OC Oerlikon Management AG, Pfäffikon, Churerstrasse 120, 8808 Pfäffikon, Switzerland.
If you have a business relationship with us (e.g. actual or prospective customer, supplier, partner, etc.), the Data Controller is the legal entity you have signed a contract with or are in contact with.
What types of personal data do we collect and how?
Oerlikon collects the below described personal data about you:
- Personal data that you provide to us: We collect personal data that you enter in forms or data fields on our websites or online resources, platforms. Such information includes contact information (such as your full name, email address, postal address, country where you work, and telephone number), professional credentials, information about the company that you represent, communication preferences, the products of interest to you and your company. Are included as well, paper forms filled out during events such as fairs and picture of you when participating in such fairs and marketing events, and any other personal data that you voluntarily provide to us in the text of your enquiries using the contact forms and posts on our blog or any other information voluntarily provided to us later on during our business relationship.
- Personal data from other sources: Furthermore, when you or the legal entity for whom you work, enter(s) into a business relationship with Oerlikon we collect information from official sources about you or your employer entity that is relevant to comply with applicable laws, notably trade control and export control regulations.
Why do we collect personal data?
When you get in contact with us, when you enter into a business relationship with us or just navigate our website, we collect, use, and process personal data about you. The collection, use, and processing of your personal data is done for the following purposes:
- To administer, operate, maintain the normal functioning and ensure the security of our websites and platforms;
- To answer your questions, requests, complaints, orders;
- To improve our websites and services and manage them in line with applicable laws;
- To initiative and maintain our business relationship with you, as recording your contact details in our business relationship management systems and ensuring the follow up of our negotiations and contracts with you;
- To manage our business relationship with you, or the legal entity you work for, in compliance with applicable laws and regulations. This includes notably performing any legally required due diligence, or verification;
- To enable you to use our social media resources. The social media resources currently available from the links on this website, are a blog and the referral functions to share website content with a friend or colleague via email or social media platforms. Please consider carefully what information about yourself you choose to share with others when you use social media resources as your personal data will be seen by a large number of people and potentially shared by social media users multiple times ;
- To send you information about our products, services, events or our newsletter, in the case you have so requested or agreed to it ;
- Grant you access to certain information or offerings;
- To communicate with you on other matters (to send you updates and security alerts).
On the basis of which legal ground do we collect your personal data?
We collect and use personal data about you on the basis of the following legal grounds stated in the EU General Data Protection Regulation 2016/679 (GDPR):
- Your consent (Article 6.1.a) of GDPR):
- This is the case for our direct marketing activities, your consent will be required to send you information about our products and services, events and/or subscribe to our newsletter. More generally, we will leverage on your prior consent where legally required. You can revoke your consent at any time. For example, for stop receiving our newsletter, invites, information on our products and services by email, you can simply click on the “Unsubscribe” link present at the end of all our marketing emails ;
- To take the necessary steps to enter into a contract with you or to fulfil our contractual obligations (Art. 6.1.b) GDPR):
- This is the case notably when we enter into a discussion or negotiation with you and that we need some information about you and the company you represent for such purpose;
- The necessity to pursue our legitimate interests (Art. 6.1.f) GDPR), especially:
- when we engage suppliers to obtain IT support for the storage, maintenance, functioning or security of our websites and applications;
- when we respond to your questions online;
- when we enter your contact details in our business relationship management systems to maintain our business relationship with you;
- when we use personal data in order to improve our websites, our services or our events and the way we interact with you;
- when we archive our contractual documents or communications with you, in order to perform our contractual or legal obligations or defend our rights and interests before a court or regulator.
- The necessity to comply with applicable laws and regulations (Art.6.1.c) GDPR)
- This is the case for example when we perform some due diligence or verification about you before entering into a business relationship with you.
With whom do we share your personal data?
- Oerlikon group companies: Given the Global footprint of Oerlikon activity, organization and IT infrastructure, your personal data may be stored and accessed overseas for the purposes mentioned above. OC Oerlikon Corporation AG, Pfäffikon, Switzerland provides IT support for the day to day technical administration and management of this website and of some applications managed centrally for the benefit of all Oerlikon group companies. Within our two divisions Surface Solutions and Polymer Processing Solutions, some services are also centralized (within the EU) as the management of some customer relationship management applications. When you request information about products offered by one of our subsidiaries, or when several Oerlikon entities work on the performance of a contract to provide you with the ordered final product, your personal data may be shared with the concerned Oerlikon entities in order to properly answer your query.
- Third party service providers: We employ third party service providers engaged by us to perform certain tasks and services on our behalf and under our instructions. We use external service providers to help us with the administration and management of this website, with the provision, maintenance, storage of IT applications to host our data centers, to deliver electronic communications, to assist us in preventing fraud and ensuring the security of our IT systems and compliance with all applicable laws notably data protection, export control, ITAR, and trade control laws and regulations. Any third-party provider has access only to the personal data needed to perform its specific services. Third parties that have access or process our personal data do have entered into data processing agreements with us and committed to only use the personal data for the agreed outsourcing purpose and in line with our instructions, to protect your personal data, and not to sell such data to other third parties.
- Courts, regulators and Law enforcement: Your personal data may be disclosed to a court or regulator when we have a litigation with you and when we are legally required to disclose such personal data to a public authority, court, regulator, competent law enforcement authorities. Any request from public authorities, courts, regulators will be carefully analyzed, on a case by case basis, in light of applicable data protection laws and international judicial assistance rules in criminal, administrative and civil matters.
We will not sell, share, or otherwise disclose your personal data to third parties except as indicated above.
Will your personal data be transferred abroad?
How do we protect your personal data?
Oerlikon has set up and maintain technical, physical and organizational measures to protect your personal data against the risks of accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access..
For how long do we keep your data?
What rights do you have in relation to your personal data and how can you exercise your rights?
You have the rights to:
- obtain information about personal data we hold about you and how we use it and obtain a copy of it.
- obtain the correction or the erasure of your personal data if it is incomplete, incorrect or outdated.
- request a restriction of use of your personal data and require Oerlikon to not further process your personal data where the data is outdated, incorrect or unlawfully used.
- object at any time, on grounds relating to your particular situation, to the processing of your personal data. Oerlikon will no longer process the personal data unless it has compelling legitimate grounds for the processing or if it is necessary for the establishment, exercise or defense of legal claims.
- withdraw your consent at any time, if your personal data have been collected on the basis of your prior consent. In case of consent withdrawal, your personal data will not be used anymore by us. Please note that you can object at any time to the use of your personal data for direct marketing purposes, by clicking on the “unsubscribe” link present at the end of all our direct marketing emails (i.e. invites to events, newsletter, emails making the promotion of our products/services);
- request a copy in a structured, commonly used and machine-readable format of your personal data collected on the basis of your prior consent or in order to conclude or perform a contract, and request that we send it to you or another company.
In order to exert the abovementioned rights, or to share any concern about our use of your personal data, you can contact our Global Data Protection Officer at firstname.lastname@example.org. Please indicate the Oerlikon legal entity you are in contact with, the purpose and scope of your request or concern, your contact details. If we have any doubt about your identity, we reserve the right to ask for a copy of an ID. You have the right to lodge a complaint with the data protection supervisory authority in the country where you are located or where the Data Controller is located, in circumstances where your personal data would not be used in compliance with applicable data protection law.
Changes to this data privacy notice