Data protection

Data Protection

BWB-Holding AG and its subsidiaries (‘BWB’, hereinafter also ‘we’) are pleased to have you as visitor to our website. We process and use personal data collected during your visit on our website confidentially and in strict accordance with applicable data protection laws. Protecting the personal data of website users is a top priority for us.

The BWB website is governed by Swiss data protection law, including particularly the Federal Data Protection Act (DSG) and any applicable foreign data protection laws such as the General Data Protection Regulation (GDPR) of the European Union (EU). The EU recognises Swiss data protection law as affording adequate data protection.

We may revise our Privacy Policy at any time through amendments published on this website.
Access to our website is via the Secure Sockets Layer (SSL) security technology of DigiCert Inc., 2801 North Thanksgiving Way, Suite 500, Lehi, Utah 84043, USA.

Processing of personal data

‘Personal data’ refers to any information relating to a specific or identifiable person. A ‘data subject’ is a person whose personal data is processed. Editing includes any handling of personal data irrespective of the means or processes employed, including but not limited to the storing, publishing, obtaining, deleting, saving, modifying, destroying and using of personal data.

We process personal data in accordance with Swiss data protection law. We also process personal data on the following legal bases to the extent the GDPR is applicable:

  • Art. 6 (1) a GDPR when processing personal data with the consent of the data subject.
  • Art. 6 (1) b GDPR when the processing of personal data is necessary in performance of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract.
  • Art. 6 (1) c DSGVO when the processing of personal data is necessary for compliance with a legal obligation to which we are subject under applicable EU law or with the applicable laws of a country in which the GDPR fully or partially applies.
  • Art. 6 (1) d GDPR when processing of personal data is necessary in order to protect the vital interests of the data subject or another natural person.
  • Art. 6 (1) f GDPR when the processing of personal data is necessary in order to protect the legitimate interests pursued by us or by third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Legitimate interests include in particular our business interest in being able to make our website available, data security, the assertion of our own legal claims and compliance with Swiss laws.

We process personal data for as long as necessary to fulfil the respective purpose or purposes. We restrict processing appropriately when subject to longer-term retention requirements under laws or other obligations to which we are subject.

We process personal data for as long as necessary to fulfil the respective purpose or purposes. We restrict processing appropriately when subject to longer-term retention requirements under laws or other obligations to which we are subject.

Third-party services

Hostpoint AG / Logaholic BV

Our website is hosted by Hostpoint AG in 8640 Rapperswil-Jona, Switzerland. Hostpoint AG generates standard web server log files each time this website is accessed which contain the following information:

  • IP address
  • Date and time (with time zone)
  • Browser request, including request origin (referrer)
  • Operating system used, including user interface and version
  • Browser used, including language and version
  • Data transmission volume, length of stay and clicking behaviour

These log files are used to identify technical problems, ensure security and statistically evaluate usage of our website. We use the standard tool Logaholic Web Analytics provided by Logaholic BV, 1114 AK Amsterdam, Netherlands, for statistical evaluation of usage of our website without referencing personal data.

Google Maps

We utilise the Google Maps API (Application Programming Interface) for embedding maps. This service, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, utilises cookies, among other elements, and data may also be transmitted to Google LLC in the United States. We use this service on the assumption that no personal tracking of your use of our website takes place within this framework. Google Ireland Limited undertakes to ensure adequate data protection under the US-European and US-Swiss Privacy Shields.
For further information, see the Google Privacy Policy below. We utilise Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Among other elements, Google Analytics employs ‘cookies’, which are text files stored on your computer to enable analysis of your website usage. The information generated by the cookie about your use of this website is generally sent to a Google server in the US and stored there. Your IP address however is first truncated by Google in European Union member states and in states party to the Agreement on the European Economic Area. Only in exceptional cases is the complete IP address sent to a Google server in the US and truncated there. Google uses this information as commissioned by the operator of this website to evaluate your use of the website as basis for compiling reports on website activity. The IP address provided by Google through Google Analytics is not collated with other Google data. You may prevent cookies from being stored by configuring your browser accordingly. You can also disable the collection of data generated by cookies and of data relating to your usage of the website (including your IP address) by Google and disable the processing of this data by Google by downloading and installing a browser plug-in made available via the following link: tools.google.com/dlpage/gaoptout

For further information see https://www.google.de/intl/de/policies/ ( the General Information on Google Analytics and Data Protection) or click here www.google.com/privacy/privacy-policy.html.

MailChimp / E-Mail-Newsletter

You can register to receive a free newsletter. To send out the newsletter we employ a ‘double opt-in’ procedure, which means we will only send you the newsletter by e-mail if you have first expressly confirmed your wish that we activate the newsletter service. Upon registration we send a notification e-mail to the e-mail address you have provided asking you to confirm your wish to subscribe to our newsletter by clicking a link in the e-mail.

You may at any time object to the use of your data for marketing purposes by notifying us accordingly by e-mail, with non-retrospective effect. You may also simply send a corresponding text message to newsletter@bwb-group.com, or a message using the contact data listed below. An ‘unsubscribe’ link is also provided in every newsletter.
Your data are processed with your consent for the purpose of sending out the newsletter. Your data is deleted if you do not confirm subscription to the newsletter and if you unsubscribe from the newsletter. No usage for other purposes takes place.

The newsletters are distributed by MailChimp, an American newsletter distribution platform operated by the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The e-mail addresses of our newsletter recipients and their other data, as specified in these advisories, are stored on MailChimp servers in the US. MailChimp uses this data to send out newsletters and evaluate this service on our behalf. According to MailChimp information, MailChimp may also use this data to optimize or improve its own services, for example technical optimization of shipping processes, newsletter design or business purposes relating to identifying the country locations of recipients. MailChimp does not however use the data of our newsletter recipients for correspondence with them, and does not disclose such data to third parties. .

The MailChimp Privacy Policy may be found here: https://mailchimp.com/legal/privacy
The newsletters contain what is called a ‘web beacon’, which is a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. The technical data thereby retrieved include information about your browser and system, your IP address and time of opening, among other data. This information is used for technical service improvements based on the technical data or target audiences and their reading habits, based on the locations when opening the newsletter (determinable via IP address) or based on access times.

Statistics are also gathered on whether and when newsletters are opened and what links are clicked on. It is technically possible to reference this data to individual newsletter recipients, but neither we nor MailChimp are interested in observing individual user behaviour. Rather, these evaluations help us gauge the reading habits of our users so we can adapt our content to meet their preferences or send out differentiated content based on the interests of our users.

Rights of data subjects

Visitors to our website and other persons whose personal data we process may demand to be informed, free of charge, of what personal data of theirs we are processing if any, may demand information regarding how we process and/or restrict processing of their personal data and about their data portability rights, may demand erasure of their personal data (“right to be forgotten”) and restriction thereof from processing, may revoke previously granted consent and may lodge objection to the processing of their personal data as provided for under the GDPR.

Persons whose personal data we process have the right to appeal to their competent data protection supervisory authority. In Switzerland, the data protection supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC).

Contact addresses and responsibility

Most inquiries from supervisory authorities and data subjects we receive are sent by e-mail but sending inquiries by post is an option.

The party responsible for overseeing data protection at BWB-Holding AG and its Swiss subsidiaries is the Data Protection Commissioner for Switzerland:

BWB-Holding AG
Marc Pfenninger
Dallenwilerstrasse 20
CH-6370 Stans-Oberdorf

E-mail: datenschutz@bwb-group.com

The responsible Data Protection Representative in the EU, acting as representative vis-a-vis supervisory authorities and data subjects per Art. 27 GDPR and responsible for overseeing data protection at Nehlsen-BWB Flugzeug-Galvanik Dresden GmbH & Co. KG is the Data Protection Commissioner for Germany:

Nehlsen-BWB Flugzeug-Galvanik Dresden GmbH & Co. KG
Simone Irrgang
Grenzstrasse 2
D-01109 Dresden

E-mail: datenschutz@flugzeuggalvanik.de

Competent supervisory authority: Free State of Saxony/Data Protection Commissioner for Saxonyhttps://www.saechsdsb.de

The party responsible for overseeing data protection at BWB Surface Technology SRL is the Data Protection Commissioner for Romania:

BWB Surface Technology S.R.L.
Adriana Iancovici
Str. Hermann Oberth 30
RO-507075 Ghimbav / Braşov / Judetul Braşov

E-mail: privacy@bwb-group.com


Supervisory authority : Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal https://www.dataprotection.ro

The party responsible for overseeing data protection at BWB-Alucol BV is the Data Protection Commissioner for the Netherlands:

BWB-Alucol B.V.
Frank Veelenturf
Soerendonck 3
NL-6086 BW Neer

E-Mail: privacy@alucol.nl

 

Last updated: 1 January 2019