1. Name and address of the Data Controller
The Data Controller within the meaning of the GDPR is
Ivoclar Vivadent Schweiz AG
Boulevard Lilienthal 8
8152 Glattpark (Opfikon)
Switzerland
Phone: +423 235 30 65
E-mail: sales.ch@ivoclar.com
2. Data Protection Officer
The Data Protection Officer of the Data Controller can be reached at:
Ivoclar Vivadent Schweiz AG
Att. Data Protection Officer
Boulevard Lilienthal 8
8152 Glattpark (Opfikon)
Switzerland
Phone: +423 235 30 65
E-Mail: dataprotection.zurich@ivoclar.com
3. Introduction
The protection of your personal data and of your private life are very important to us as Data Controller in terms of data privacy. You need to know what information about you is processed through you are joining our VivaPen survey and how your personal related information is used. This privacy policy gives you this information.
Therefore, we obviously comply with the provisions of the EU General Data Protection Regulation (GDPR) and all other locally applicable data protection regulations. It is important to us to inform you about what personal data is collected and processed and what options you have. This privacy policy gives you answers to the most important questions.
Your data will be stored, processed and used in accordance with this privacy policy and the relevant statutory data protection regulations.
4. Your Rights:
If your personal data is processed, you are a data subject within the meaning of the GDPR. You have the following rights against us as the Data Controller:
(1) You have a right to obtain confirmation as to whether and which personal data we process in relation to you.
(2) You have a right to rectification and erasure of this personal data.
(3) You have a right to restriction of processing of your personal data.
(4) You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you. This does not apply if a legal provision obliges or entitles us to collect, process or use this data.
(5) Furthermore, you may withdraw any consent you have previously given to the collection, processing and use of your personal data at any time with effect for the future. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of such consent until the withdrawal.
(6) You also have a right to data portability.
(7) To exercise your rights or for information and/or explanations of your rights, please contact our data protection officer by e-mail or by post (for contact details, see under “Data Protection Officer"). We will be happy to provide you with access to your personal data in our database upon request. The information is free of charge.
(8) In addition, you have the right to lodge a complaint to a data protection supervisory authority about our processing of your personal data.
5. What data is collected and stored
(1) Data or categories of data:
(a) When joining our VivaPen survey, the following data are collected from you and collected by our Data Processor tedico GmbH. Mandatory details required for processing are marked separately when entering, further information is voluntary:
· First Name
· Surname
· Company name
· Email address for correspondence
· ZIP Code and country
· Phone number
· How often VivaPen was in use
· IP address
· Language preference
(2) Data subject groups:
· Customers joining the VivaPen survey.
6. For what purpose are your data collected and stored and how are they used?
We process your personal data to enable you participating our VivaPen Challenge and to collect data about the usage of VivaPen in comparison with conventional bottles of adhesives.
7. Recipients of the data or categories of recipients:
We disclose your personal data to the extent described below:
· Marketing team members of Ivoclar Vivadent AG and affiliated companies (https://www.ivoclar.com/en_li/tools/group-companies) and their employees,
· Data processors and other service providers and contractual partners, to the extent necessary for the fulfilment of our contractual obligations, and
· Public bodies under overriding legal obligations
that are either subject to this Privacy Policy or implement measures that provide at least as much protection as those described in this Privacy Policy and where such disclosure is necessary.
Service provider and contractual partner:
We engage other companies and individuals to perform tasks for us. These third-party service providers and contractors have access to personal data needed to perform their tasks. However, they may not use them for other purposes. Furthermore, they shall process the data in accordance with this privacy policy and the relevant data protection laws.
Protection of the Data Controller:
We disclose personal data about you when we are required to do so by law or to protect our rights.
Data transfer to countries outside the European Economic Area:
When transferring personal data to public authorities in countries outside the European Economic Area (EEA), we always ensure that the transfer of data is in accordance with this privacy policy and applicable data protection laws.
8. Legal basis for data processing by the Data Controller
Insofar as we obtain the consent of the data subject for processing operations involving personal data, this consent shall serve as the legal basis.
Insofar as the processing of personal data is necessary for the fulfilment of a contractual obligation to which our company is subject, this legal obligation serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, this legitimate interest shall serve as the legal basis for the processing.
9. Data erasure and duration of retention
We store your personal information to fulfill our contractual obligations. We will retain your information for as long as is necessary to fulfil the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes for ten years. The personal information will be erased or blocked as soon as the purpose of the retention ceases to apply. In addition, retention may take place if this has been provided for or prescribed by the legislator in decrees, laws or other regulations to which the data controller is subject. Data will also be blocked or erased if a retention period prescribed by the aforementioned standards expires.
We and our Data Processor will delete your personal related data after we finished this project.
10. Data Security
We use up-to-date technical and organisational security measures to protect the data under our control against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. E.G.:
· We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information of you. These security measures include asking you to provide proof of your identity before we disclose any personal information to you.
Our security measures are continuously improved in line with technological developments.
11. Amendment of this privacy policy
We may amend this privacy policy at any time by publishing the amended version. The respective changes will be announced here so that you can find out about them at any time.
Revised: February 2024