PRIVACY POLICY

I – GENERAL INFORMATION

  1. General information
    • This section contains all information concerning the website of SVA Group SA, which can be reached at the URL: https://svadvisory.com/.
    • This policy also has value under Art. 13 of the EU Reg. 2016/679 (GDPR – General Data Protection Regulation) on the protection of individuals concerning the processing of personal data and the free movement of such data. Therefore, the purpose of this policy is to inform Users of the site (who qualify as data subjects under the GDPR) about the processing operations carried out by this website, the types of data processed, the methods of their processing, and the retention times by SVA Group SA.
    • This website is intended only for Users over the age of 18. By connecting to https://svadvisory.com/ and, if applicable, voluntarily providing personal data, the User declares that he/she is over the age of 18.
    • Although SVA Group SA has its headquarters in Switzerland, this disclosure is made as part of the company’s adaptation to the GDPR. The adaption has already been completed through the adoption of all updated documentation and procedures, the performance of congruous risk analysis, and the implementation of technical and organizational measures appropriate according to the level of risk. This fulfillment has become necessary because the processing of personal data by it – not only through this site – may involve the processing of data of EU residents. At the same time, this notice is also provided according to the Federal Data Protection Act of 1992 (DPA 1992).

II – PARTIES INVOLVED IN DATA PROCESSING

  1. Data controller and data protection officer (so-called DPO).
    • The data controller is the natural or legal person, public authority, service, or other body which, individually or jointly with others, determines the purposes and means of processing personal data. According to Article 25 GDPR, the controller is also required to identify and take appropriate technical and organizational measures to ensure a level of security of the personal data it processes that is appropriate to the risk generated by the processing operations performed as well as related to other relevant circumstances. A similar definition is formulated in Article 3 DPA 1992 regarding the Holder of a data collection, defined as the person who decides on the purpose and content of the data collection.
    • Concerning this site, the data controller is the company SVA Group SA, with its registered office in Chiasso (CH), 6830, Corso San Gottardo 8/A.

To the owner, interested parties may refer for any clarification or to exercise the rights that are recognized to them by Art. 15 – 22 EU Reg. 2016/679 at the following addresses:

SVA Group SA, headquartered in Chiasso (CH), 6830, Corso San Gottardo 8/A

e-mail: info@svadvisory.com

Phone: +41 91 6950090

  1. Responsible for data handling
    • The responsible for data handling is the individual or legal entity, public authority, service, or other entity that processes personal data on behalf of the data controller. The data controller, in the performance of personal data processing activities related to the management of this website, makes use of services rendered by companies that, in the provision of the same, process data on behalf of the data controller; these companies have been appointed, when necessary, under Article 28 GDPR, external data controllers.
  2. Place of data handling
    • Personal data are recorded and stored in electronic databases owned by the company owner as well as, where applicable, by external data processors; processing related to the management of this website is carried out at the headquarters of the company owner as well as at the offices of companies that provide services essential to the operation of the website itself (such as the hosting service provider).

III – DATA HANDLED

  1. Types of data handled
    • This website collects information through log files exclusively in an anonymous form for the sole purpose of compiling statistics regarding the use of the site, as well as verifying its proper functioning. This information will be processed according to the legitimate interests of the owner.
    • The following personal data of Users may also be collected and subsequently processed by the owner and data processors:
  • first and last name and/or e-mail address of the User (only if voluntarily provided by the User, such as by sending an e-mail to the owner)
  • additional personal data of the User (only if voluntarily provided by the User, such as by sending an e-mail to the holder)
  • IP (Internet Protocol) address of the User
  • technical cookies.
    • If the User voluntarily sends his/her Curriculum Vitae to the owner with a view to the possible establishment of a working relationship or requests for collaboration, the relevant data will be examined. In case of saving for future working collaborations, summary information will be provided to the User following the regulations in force.
  1. Purpose of handling and data retention period
    • Personal data referred to in Article 5.2. are collected and handled for the following purposes:
      • delivery of services provided by the website
      • response to contact requests transmitted by Users by sending an e-mail
      • delivery of newsletters about the Company’s activities to Users who request the subscription to the mailing service by manifestation of the appropriate consent
      • sending business proposals to Users who express consent to the sending
      • fulfillment of obligations imposed by applicable regulations (accounting, fiscal, etc.).
    • The personal data referred to in Art. 5.2. will be kept for the period strictly required to achieve the purposes indicated above unless it is required to keep them due to legal obligations. The data may also be retained for as long as necessary – by the owner or any responsible parties – to ascertain, exercise, or defend a right of theirs in a court of law, within the statute of limitations of any related actions exercisable against them.
    • In the case of handling personal data based on the legal basis of the User’s consent, the owner may keep the personal data until it is revoked.
  2. Legal basis for data handling
    • The legal bases for personal data handling indicated in Article 5.2. are as follows:
      • for the purposes set out in Articles 6.1.1 and 6.1.2, the legal basis for processing is the provision of a service at the request of interested parties, according to Art. 6 para. 1 letter b) GDPR (contractual basis)
      • for the purposes referred to in Articles 6.1.3 and 6.1.4, the legal basis for the processing is the free, specific, informed, and unambiguous consent of the interested party under Art. 6 para. 1, letter a) GDPR (consent)
      • for the purpose referred to in Art. 6.1.5, the legal basis for the processing is the fulfillment of a legal obligation to which the controller is subject under Art. 6 para. 1, letter c) GDPR (legal obligation).
  1. Social Network Plugin
    • This website does not incorporate plugins and/or buttons for social networks; in fact, it only contains links to the pages of the Owner and its main contributors on the various social networks. By clicking on such links, the User exits the Owner’s website and, consequently, from the scope of applicability of this policy. For the personal data handling carried out by these social networks, on which the Owner has no responsibility, please refer to the relevant information under Article 13 GDPR rendered by each site.

IV USER RIGHTS

  1. User rights
    • Article 13 para. 2 GDPR lists the User’s rights.

The owner informs the User about the rights recognized to the same by Articles 13, para. 2, letters b) and d), 15, 16, 17, 18, 19, and 21 GDPR and precisely the rights of: access to data (art. 15 GDPR and art. 10 LPD 1992); rectification (art. 16 GDPR), cancellation (art. 17 GDPR), restriction of data processing (art .18 GDPR); data portability (art. 20 GDPR); objection to processing (art. 21 GDPR); revocation at any time of one’s consent that may have been given (art. 13 par. II letter c) GDPR).

Requests can be addressed to the data controller, without formalities or by using the template provided by the Data Protection Authority, by sending an email to: info@svadvisory.com

  • If the processing is based, as indicated in Art. 6.3, on the User’s consent, the User has the right to revoke it at any time without affecting the lawfulness of the processing carried out before said revocation.
  • At the same time, if the User believes that the personal data handling by this site violated the current legislation, he/she has the right to file a complaint with the competent Control Authority.

V – NATURE OF SUBMISSION

  1. Nature of submission of User data
    • The provision of personal data referred to in Art. 5.2. – as well as the consent to the processing of data, when required – is mandatory for the fulfillment of the purposes indicated in the Art. 6: any refusal to provide such data (or to express consent to their processing, when required) makes it impossible for the owner to provide the relevant services, to follow up on the User’s request (to subscribe to the newsletter or to receive commercial communications) or to fulfill the legal obligations placed on it by the current legislation.

VI – DATA TRANSFER TO NON-EU COUNTRIES

  1. Transfer of the data of the interested party to countries outside the EU
    • No data will ever be transferred to third countries that do not comply with the conditions outlined in Articles 45 et seq. – in particular, Article 46 – of EU Reg. 2016/679.

VII – SECURITY

  1. Misure di sicurezza implementate dalla titolare
    • This website handles Users’ data in a lawful manner that complies with the GDPR and DPA 1992. Appropriate security measures are also taken to ensure the security of data and related processing operations, taking into account the mapped risk profiles and the need to prevent data breaches in the form of unauthorized access, unauthorized disclosure, modification, or destruction of data.
    • Any authorized data subjects employed by the owner who are involved in the management of the site or the processing operations of the data collected through it may have access to the data handled; in addition, any external data processors who are called upon to outsource services to the owner necessary for the operation of the site may have access to the data.

VIII – COOKIE

  1. Different types of cookies
    • The https://svadvisory.com/ website uses cookies directed at making navigation simpler and more intuitive for the User.
    • Cookies are small strings of text used to store certain information that may relate to the User, their preferences, or the device used to access the site; this information is collected to provide the User with a personalized browsing experience by storing the User’s previous choices and adapting the operation of the site accordingly.
    • Cookies may record personal information about the User: the User, if he/she so wishes, may delete all (or some) cookies by following the instructions in Art. 17.
  2. Technical cookies
    • Technical cookies allow the User to navigate the site, and they facilitate access to it, as well as the enjoyment of its contents. They, therefore, are necessary for the transmission of communications over electronic networks or for the owner to provide the requested service.
    • The settings to disable, manage or delete cookies vary depending on the browser used by the User. It should be noted that, in some cases, disabling or deleting cookies may slow down or prevent access to certain parts of the site.
    • Regarding the retention period of cookies, two types can be distinguished: temporary ones, which are automatically deleted at the end of the browsing session and have the function of allowing the identification of the User, making it so that the User does not have to log in again each time a page is visited; permanent ones, which are stored in the browser for a preset duration or until deleted by the User.
    • The site may also install session cookies in the browser. These allow the User to access (and consequently stay) in the restricted area of the site as an authenticated User until the logout is operated by the same.
  3. Third-party cookies
    • Based on the origin, cookies can be distinguished between those directly sent to the browser used by the User from the site being visited and those prepared by third parties.
    • Most third-party cookies are tracking cookies used to track Users’ online behavior and use the information collected for the provision of such third parties’ own services: the operation of these cookies is governed by the rules prepared by the third parties who have prepared them, available on their sites, to which please refer.
  4. Profiling cookies
    • Profiling cookies are those aimed at creating a profile of the User in order to then send him/her advertising messages in line with the preferences previously expressed.
    • With reference to this type of cookies, if any, the User must give explicit consent to their use.
  5. Configuration of the browser used by the User
    • The User can manage cookies through the settings of the browser he/she uses.
    • To know in detail how to configure cookies, the User can refer to the specific page of the main browsers.
    • To receive more information and get support on the point, the User can visit the specific page of the main browsers:

IX. AMENDMENTS TO THE PRESENT DOCUMENT

  1. Changes to the site’s privacy policy
    • This privacy policy, published at https://svadvisory.com/privacy-policy/, may be – as needed – freely modified by the owner; therefore, Users are encouraged to constantly monitor this document.
    • This privacy policy was last updated on 08.07.2022 to comply with the GDPR and the Federal Data Protection Act of 1992.