PRIVACY
Dedalus’ Commitment to the Protection of Personal Information.
DEDALUS GROUP GLOBAL DATA PROTECTION POLICY
Dedalus’ Commitment to the Protection of Personal Data
INTRODUCTION
The Dedalus Group Global Data Protection Policy (the “Policy”) articulates the data protection principles followed by the Dedalus Group (“Dedalus”), its business units, and its employees around the world with regards to personal data processing.
These principles are aligned to the highest standards in international trade and commerce and human resource management. Dedalus’s commitment to these high standards reflects the value we place on earning and maintaining the trust of our employees, clients, business partners, and other stakeholders whose data is shared with us.
Dedalus will process personal data in accordance with this Policy and the applicable data protectionlaws.
In the regular course of business, Dedalus collects personal data from its customers, suppliers, employees, website users, job applicants, contractors, shareholders, partners, , other third parties and exceptionally, for products used directly by end users, may collect data from end users.
Dedalus recognises that personal data must be treated with caution. We are committed to conducting our business in accordance with all relevant data protection laws of the countries in which we operate and in line with the highest standards of ethical conduct.
If you have questions or comments about this policy, please contact us at [email protected]
SCOPE AND APPLICABILITY
This Policy applies to all Dedalus affiliates and entities. It defines the conduct expected of each Dedalus employee, officer, and director when processing data of Dedalus’ customers, suppliers, employees, website users, job applicants, contractors, shareholders, partners, end users of the services, and other third parties.
Personal data may be collected from individuals through a variety of means, including, for example, through websites, other ordering channels, and service or employment processes.
This Policy aims to facilitate data protection by design and by default principles in the engineering and implementation of systems and processes by Dedalus. Therefore, among other things, it is intended to govern customer and employee data protection policies, and to influence system implementation standards, rulebooks, business processes, applications, web, product, and service developments, and technology roadmaps.
This Policy is designed to ensure that personal data will be protected regardless of geography or technology, when used within the Dedalus Group, and applies to Dedalus’ processing of personal data.
This Policy is organised around five underlying commitments:
- Collecting and processing personal data fairly and lawfully
- Respecting individual rights and choices
- Managing personal data responsibly and securely
- Implementing the data protection by design and by default paradigms
- Cooperation with Supervisory Authorities
This Policy defines Dedalus’ uniform and baseline standards which apply in the absence of more stringent rules which may be mandated by local laws.
To the extent legally required or permitted by national laws, this Policy applies worldwide to all directors, officers, executives, employees, and contracted representatives of all Dedalus companies. As well, specific practices shall be tailored to meet the legal, regulatory, and cultural requirements of the countries and regions in which Dedalus operates. Furthermore, in all cases where the negotiated terms in any Dedalus service agreement call for a level of protection for the data processed by or entrusted to Dedalus which exceeds minimal legal requirements, then those negotiated terms shall prevail.
Internal implementation rules, guidelines and training are provided with all necessary supporting documentation to act according to this Policy.
KEY COMMITMENTS
Dedalus is committed to complying with applicable data protection laws. Dedalus is audited regularly internally and by third parties, maintains certifications, and provides industry-standard contractual protections and appropriate technical and organizational measures to strengthen the compliance with applicable data protection laws.
Dedalus will process personal data only as permitted or required by applicable laws and in accordance with the following data protection principles.
COLLECTING AND PROCESSING DATA FAIRLY AND LAWFULLY
Dedalus informs clearly, honestly, and transparently about the nature of the data it collects and what it intends to do with it. The use of data by Dedalus for a different purpose than initially communicated is not authorised, unless adequate information is provided to the concerned individuals, and where applicable, consent for the intended use is given to Dedalus. In general, Dedalus is authorised to use data for secondary purposes when implementing internal controls and audits and complying with its statutory and regulatory obligations.
Dedalus processes data only to the extent that an appropriate legal basis exists, such as a valid and informed consent, Dedalus’ legitimate business interests, and/or the necessity to enter or perform contracts and complying with statutory or regulatory commitments.
Any consent given by individuals to the collection and use of their data must be given freely and in response to a clear information by Dedalus about the intended use of the data. Such consent can be withdrawn anytime by the individual without undue complications.
When processing data on behalf of a client or another third party, Dedalus will comply with the guidelines and instructions of the data controller in addition with this Policy.
Dedalus will take reasonable steps to, and where Dedalus is a processor provide customers with a means to, ensure that data is accurate and updated, keep personal data only for as long as necessary for the purposes for which it is collected and used, and to delete or render it anonymous after such retention requirements have been met.
RESPECTING INDIVIDUALS’ RIGHTS AND CHOICES
Dedalus recognises the rights of individuals to:
- Request access to the data collected on them by Dedalus and the reason for Dedalus having such data
- Obtain a copy of the personal data held on them
- Request the rectification or deletion of inaccurate or incomplete data
- Withdraw consent given to Dedalus for the collection of their data at any time.
Dedalus will respond to requests made by individuals exercising their rights within a reasonable period after the individual’s request or within any specific period that may be required by applicable local laws.
Dedalus will handle and investigate complaints made by individuals about any breach of these rules or data protection laws and will respond to such complaints in a timely manner.
We respect customers’ rights to object to the use of their data or to opt out of receiving direct marketing communications. When using personal data for marketing purposes, Dedalus will inform individuals in a clear and plain language about the use of their data for such purposes. Dedalus respects the right of its existing and prospective customers to:
- only receive marketing communications from Dedalus if an explicit and specific prior consent has been provided, when required by applicable laws, or if Dedalus can demonstrate that it is authorised to send such communications for its legitimate business purposes
- no longer receive any marketing communications if a specific preference setting, an opt-out or an objection to use such data for marketing purposes has been received by Dedalus.
We use sensitive personal data only if it is necessary. Dedalus recognises that some categories of personal data are particularly sensitive and require a higher level of protection. Sensitive data includes information regarding a person’s health, biometric and genetic data, religion, and political opinions, racial or ethnic origin, criminal records and any other information protected specifically by the relevant applicable data protection laws.
Dedalus implements adequate procedures and safeguards to restrict access to sensitive data only by appropriate persons and prevent its unauthorised access, use and dissemination.
MANAGING DATA RESPONSIBLY AND SECURELY
Dedalus is accountable for fulfilling the requirements sets out in this Policy and under applicable law. Dedalus takes the necessary measures to observe the requirements of this Policy and applicable law and have the necessary internal mechanisms in place to demonstrate such observance. Dedalus employs data protection practices designed to support its compliance with this Policy and applicable law and provides internal controls to verify compliance with data protection laws and related
Dedalus policies and procedures.
Dedalus strives to protect data with appropriate technical and organizational measures to ensure their confidentiality, integrity, and availability and to prevent the risk of unauthorised or unlawful access, alteration, destruction, or disclosure.
As far as Dedalus has been managing the data and the security breach was directly involving Dedalus systems and services Dedalus will inform individuals of a security breach affecting their data that could pose a high risk to their rights and freedoms in accordance with applicable laws.
Dedalus requires from its suppliers or subcontractors that they fully comply with Dedalus data protection policies and any applicable data protection legislation and maintain adequate technical and organisational security measures to protect data.
Dedalus limits data access to its employees or suppliers who need to perform specific tasks in relation with such data. Dedalus makes available training and programs to educate and raise awareness among employees for their individual and collective legal, regulatory, and contractual responsibilities regarding data processing.
In accordance with applicable law, Dedalus provides reasonable assistance to its customers, where Dedalus is a processor, to ensure the security of their processing and will inform the customers of a security breach as required under such laws.
When data is transferred, we ensure that we have taken steps to protect them before transfer. Dedalus transfers personal data across national boundaries only when this is justified for business purposes and safeguards exist to ensure that data will continue to be adequately protected in the jurisdiction of destination.
If the processing is likely to result in a high risk to individuals, Dedalus conducts an impact assessment to identify risks that the processing may cause to the rights of individuals and eliminate or reduce such risks.
Dedalus has set a global data protection office which is responsible to implement this Policy, to promulgate additional data protection related policies, and to provide strategically coordinated data protection related compliance and other services and resources to the Dedalus business units.
IMPLEMENTING THE DATA PROTECTION BY DESIGN AND BY DEFAULT PARADIGMS
Dedalus, from the moment in which data processing activity is designed, implements appropriate technical and organisational measures to effectively implement the principles of data protection, and integrates the necessary safeguards into the processing to meet the regulatory requirements and protect the rights of individuals, considering the technology state of the art, the cost of implementation and the nature, scope, context and purposes of processing, and the risks for rights and freedoms of individuals posed by the data processing.
Dedalus also guarantees that, by default, only data that is necessary for each specific purpose of the processing are processed. This obligation applies to the amount of data collected, the extent of processing, the retention period, and the accessibility to the data.
To adhere to these principles, Dedalus business units must, whenever designing or carrying out new projects, services, systems, or products that entail data processing, ensure they meet the requirements of data protection by design and by default. For this purpose, Dedalus also requires specific pertinent safeguards and functions from suppliers, software developers and other third parties during the design phase of such projects. Wherever a new project, service, system, or activity implies
data processing, the business unit engaging in this activity must verify the technical documentation, safeguards, functions, and measures adopted to ensure data minimisation and minimisation of the potential risks for the individuals.
COOPERATION WITH SUPERVISORY AUTHORITIES
Dedalus will cooperate with any competent national or regional supervisory authority responsible for supervising applicable data protection law that has good cause to question any processing of personal data by Dedalus and will comply with such competent supervisory authority’s decisions on any issue related to this Policy.
VIOLATIONS
Non-compliance with this Policy may be regarded as a serious breach of the trust Dedalus must be able to place in its staff. Non-compliance by an employee may therefore result in a sanction, such as suspension or other disciplinary measures or measures under labour law. Non-compliance by staff members that are not employees may result in termination of the relevant contract. Staff will not be penalized for raising issues relating to compliance with this Policy.
CHANGES TO THIS POLICY
This Policy supersedes all previous Dedalus data protection policies to the extent they address the same issues and are not consistent with this Policy or impose less restrictive requirements.
Dedalus reserves the right to modify this Policy. Any material changes will be notified on Dedalus’s website.
CONTACT DETAILS OF DATA PROTECTION OFFICER
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address:
for Dedalus S.p.A [email protected]
for companies based in UK [email protected].
for companies based in France [email protected]
for companies based in Germany/Austria [email protected]
for companies based in Italy [email protected]
Current version: [Dedalus – privacy policy – v. 1]
Last updated: [September 2021]
__________________________________________
DEDALUS GROUP GLOBAL DATA PROTECTION POLICY – AMPHI SYSTEMS
Dedalus’ Commitment to the Protection of Personal Data
INTRODUCTION
The Dedalus Group Global Data Protection Policy (the “Policy”) articulates the data protection principles followed by the Dedalus Group (“Dedalus”), its business units, and its employees around the world with regards to personal data processing.
These principles are aligned to the highest standards in international trade and commerce and human resource management. Dedalus’s commitment to these high standards reflects the value we place on earning and maintaining the trust of our employees, clients, business partners, and other stakeholders whose data is shared with us.
Dedalus will process personal data in accordance with this Policy and the applicable data protectionlaws.
In the regular course of business, Dedalus collects personal data from its customers, suppliers, employees, website users, job applicants, contractors, shareholders, partners, , other third parties and exceptionally, for products used directly by end users, may collect data from end users.
Dedalus recognises that personal data must be treated with caution. We are committed to conducting our business in accordance with all relevant data protection laws of the countries in which we operate and in line with the highest standards of ethical conduct.
If you have questions or comments about this policy, please contact us at [email protected]
SCOPE AND APPLICABILITY
This Policy applies to all Dedalus affiliates and entities. It defines the conduct expected of each Dedalus employee, officer, and director when processing data of Dedalus’ customers, suppliers, employees, website users, job applicants, contractors, shareholders, partners, end users of the services, and other third parties.
Personal data may be collected from individuals through a variety of means, including, for example, through websites, other ordering channels, and service or employment processes.
This Policy aims to facilitate data protection by design and by default principles in the engineering and implementation of systems and processes by Dedalus. Therefore, among other things, it is intended to govern customer and employee data protection policies, and to influence system implementation standards, rulebooks, business processes, applications, web, product, and service developments, and technology roadmaps.
This Policy is designed to ensure that personal data will be protected regardless of geography or technology, when used within the Dedalus Group, and applies to Dedalus’ processing of personal data.
This Policy is organised around five underlying commitments:
- Collecting and processing personal data fairly and lawfully
- Respecting individual rights and choices
- Managing personal data responsibly and securely
- Implementing the data protection by design and by default paradigms
- Cooperation with Supervisory Authorities
This Policy defines Dedalus’ uniform and baseline standards which apply in the absence of more stringent rules which may be mandated by local laws.
To the extent legally required or permitted by national laws, this Policy applies worldwide to all directors, officers, executives, employees, and contracted representatives of all Dedalus companies. As well, specific practices shall be tailored to meet the legal, regulatory, and cultural requirements of the countries and regions in which Dedalus operates. Furthermore, in all cases where the negotiated terms in any Dedalus service agreement call for a level of protection for the data processed by or entrusted to Dedalus which exceeds minimal legal requirements, then those negotiated terms shall prevail.
Internal implementation rules, guidelines and training are provided with all necessary supporting documentation to act according to this Policy.
KEY COMMITMENTS
Dedalus is committed to complying with applicable data protection laws. Dedalus is audited regularly internally and by third parties, maintains certifications, and provides industry-standard contractual protections and appropriate technical and organizational measures to strengthen the compliance with applicable data protection laws.
Dedalus will process personal data only as permitted or required by applicable laws and in accordance with the following data protection principles.
COLLECTING AND PROCESSING DATA FAIRLY AND LAWFULLY
Dedalus informs clearly, honestly, and transparently about the nature of the data it collects and what it intends to do with it. The use of data by Dedalus for a different purpose than initially communicated is not authorised, unless adequate information is provided to the concerned individuals, and where applicable, consent for the intended use is given to Dedalus. In general, Dedalus is authorised to use data for secondary purposes when implementing internal controls and audits and complying with its statutory and regulatory obligations.
Dedalus processes data only to the extent that an appropriate legal basis exists, such as a valid and informed consent, Dedalus’ legitimate business interests, and/or the necessity to enter or perform contracts and complying with statutory or regulatory commitments.
Any consent given by individuals to the collection and use of their data must be given freely and in response to a clear information by Dedalus about the intended use of the data. Such consent can be withdrawn anytime by the individual without undue complications.
When processing data on behalf of a client or another third party, Dedalus will comply with the guidelines and instructions of the data controller in addition with this Policy.
Dedalus will take reasonable steps to, and where Dedalus is a processor provide customers with a means to, ensure that data is accurate and updated, keep personal data only for as long as necessary for the purposes for which it is collected and used, and to delete or render it anonymous after such retention requirements have been met.
RESPECTING INDIVIDUALS’ RIGHTS AND CHOICES
Dedalus recognises the rights of individuals to:
- Request access to the data collected on them by Dedalus and the reason for Dedalus having such data
- Obtain a copy of the personal data held on them
- Request the rectification or deletion of inaccurate or incomplete data
- Withdraw consent given to Dedalus for the collection of their data at any time.
Dedalus will respond to requests made by individuals exercising their rights within a reasonable period after the individual’s request or within any specific period that may be required by applicable local laws.
Dedalus will handle and investigate complaints made by individuals about any breach of these rules or data protection laws and will respond to such complaints in a timely manner.
We respect customers’ rights to object to the use of their data or to opt out of receiving direct marketing communications. When using personal data for marketing purposes, Dedalus will inform individuals in a clear and plain language about the use of their data for such purposes. Dedalus respects the right of its existing and prospective customers to:
- only receive marketing communications from Dedalus if an explicit and specific prior consent has been provided, when required by applicable laws, or if Dedalus can demonstrate that it is authorised to send such communications for its legitimate business purposes
- no longer receive any marketing communications if a specific preference setting, an opt-out or an objection to use such data for marketing purposes has been received by Dedalus.
We use sensitive personal data only if it is necessary. Dedalus recognises that some categories of personal data are particularly sensitive and require a higher level of protection. Sensitive data includes information regarding a person’s health, biometric and genetic data, religion, and political opinions, racial or ethnic origin, criminal records and any other information protected specifically by the relevant applicable data protection laws.
Dedalus implements adequate procedures and safeguards to restrict access to sensitive data only by appropriate persons and prevent its unauthorised access, use and dissemination.
MANAGING DATA RESPONSIBLY AND SECURELY
Dedalus is accountable for fulfilling the requirements sets out in this Policy and under applicable law. Dedalus takes the necessary measures to observe the requirements of this Policy and applicable law and have the necessary internal mechanisms in place to demonstrate such observance. Dedalus employs data protection practices designed to support its compliance with this Policy and applicable law and provides internal controls to verify compliance with data protection laws and related
Dedalus policies and procedures.
Dedalus strives to protect data with appropriate technical and organizational measures to ensure their confidentiality, integrity, and availability and to prevent the risk of unauthorised or unlawful access, alteration, destruction, or disclosure.
As far as Dedalus has been managing the data and the security breach was directly involving Dedalus systems and services Dedalus will inform individuals of a security breach affecting their data that could pose a high risk to their rights and freedoms in accordance with applicable laws.
Dedalus requires from its suppliers or subcontractors that they fully comply with Dedalus data protection policies and any applicable data protection legislation and maintain adequate technical and organisational security measures to protect data.
Dedalus limits data access to its employees or suppliers who need to perform specific tasks in relation with such data. Dedalus makes available training and programs to educate and raise awareness among employees for their individual and collective legal, regulatory, and contractual responsibilities regarding data processing.
In accordance with applicable law, Dedalus provides reasonable assistance to its customers, where Dedalus is a processor, to ensure the security of their processing and will inform the customers of a security breach as required under such laws.
When data is transferred, we ensure that we have taken steps to protect them before transfer. Dedalus transfers personal data across national boundaries only when this is justified for business purposes and safeguards exist to ensure that data will continue to be adequately protected in the jurisdiction of destination.
If the processing is likely to result in a high risk to individuals, Dedalus conducts an impact assessment to identify risks that the processing may cause to the rights of individuals and eliminate or reduce such risks.
Dedalus has set a global data protection office which is responsible to implement this Policy, to promulgate additional data protection related policies, and to provide strategically coordinated data protection related compliance and other services and resources to the Dedalus business units.
IMPLEMENTING THE DATA PROTECTION BY DESIGN AND BY DEFAULT PARADIGMS
Dedalus, from the moment in which data processing activity is designed, implements appropriate technical and organisational measures to effectively implement the principles of data protection, and integrates the necessary safeguards into the processing to meet the regulatory requirements and protect the rights of individuals, considering the technology state of the art, the cost of implementation and the nature, scope, context and purposes of processing, and the risks for rights and freedoms of individuals posed by the data processing.
Dedalus also guarantees that, by default, only data that is necessary for each specific purpose of the processing are processed. This obligation applies to the amount of data collected, the extent of processing, the retention period, and the accessibility to the data.
To adhere to these principles, Dedalus business units must, whenever designing or carrying out new projects, services, systems, or products that entail data processing, ensure they meet the requirements of data protection by design and by default. For this purpose, Dedalus also requires specific pertinent safeguards and functions from suppliers, software developers and other third parties during the design phase of such projects. Wherever a new project, service, system, or activity implies
data processing, the business unit engaging in this activity must verify the technical documentation, safeguards, functions, and measures adopted to ensure data minimisation and minimisation of the potential risks for the individuals.
COOPERATION WITH SUPERVISORY AUTHORITIES
Dedalus will cooperate with any competent national or regional supervisory authority responsible for supervising applicable data protection law that has good cause to question any processing of personal data by Dedalus and will comply with such competent supervisory authority’s decisions on any issue related to this Policy.
VIOLATIONS
Non-compliance with this Policy may be regarded as a serious breach of the trust Dedalus must be able to place in its staff. Non-compliance by an employee may therefore result in a sanction, such as suspension or other disciplinary measures or measures under labour law. Non-compliance by staff members that are not employees may result in termination of the relevant contract. Staff will not be penalized for raising issues relating to compliance with this Policy.
CHANGES TO THIS POLICY
This Policy supersedes all previous Dedalus data protection policies to the extent they address the same issues and are not consistent with this Policy or impose less restrictive requirements.
Dedalus reserves the right to modify this Policy. Any material changes will be notified on Dedalus’s website.
CONTACT DETAILS OF DATA PROTECTION OFFICER
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address:
for Dedalus S.p.A [email protected]
for companies based in UK [email protected].
for companies based in France [email protected]
for companies based in Germany/Austria [email protected]
for companies based in Italy [email protected]
Current version: [Dedalus – privacy policy – v. 1]
Last updated: [September 2021]
PRIVACY POLICY AND INFORMATION NOTICE FOR WEBSITE USERS – Dedalus Healthcare Denmark
Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy policy and information notice for website users (hereinafter referred to as the “notice”) is therefore to inform you of how your personal data is processed when you visit the website www.dedalus.com (hereinafter referred to as the “site”).
In this regard, please note that Dedalus Healthcare Denmark acts as the controller for your personal data (hereinafter referred to as “we”, “us” and “our”).
1. What personal data do we collect?
When you browse our site, we may collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, contact details, image ).
- Professional data (e.g., position held, identity of your employer, ).
- technical data (e.g., IP address, type of browser used, etc.); and
- any personal data contained in any correspondence you send to us.
Provision of your personal data is voluntary, but we will be unable to provide you with the services and information you request without it. For example, if you contact us through the site, you will need to provide us with your email address so that we can respond to you.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties, you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. | The processing is carried out to provide you with the service you requested us. |
Improving and securing our services and our site. | The processing is carried out pursuant to our legitimate interest, which involves optimizing and securing our tools and solutions to best accommodate our site visitors, clients, and prospects and to keep our online presence secure. |
Complying with legal and regulatory obligations applicable to us. | The processing is necessary to comply with the legal obligations that we are subject to. |
Managing any potential or actual disputes with you or third parties. | The processing is carried out pursuant to our legitimate interest, which involves defending our interests, including through legal action. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and non automated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research, customer satisfaction surveys, information about webinars and events) (marketing) | The processing is carried out only in case you provide specific consent. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events) (data transfer to third parties for their marketing purposes) | The processing is carried out only in case you provide specific consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this information notice (e.g., we use IT service providers to host your personal data on our behalf; in the case of unpaid invoices, we may use the services of service providers specialized in debt collection; etc.).
- to other entities of the Dedalus Group (e.g., in the context of our accounting / fiscal obligations, we may have to share a certain amount of information, including personal data concerning you, for consolidation purposes at Dedalus Group level).
- where applicable, to investors / buyers and their advisors (e.g., in the context of mergers and acquisitions).
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this information notice.
4. Do we transfer data outside the European Economic Area?
In connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. |
We will store your personal data for a maximum of 3 years from our last contact with you. |
Improving our services and our site. | We will store your data for a maximum of one year, although in most cases your data will be aggregated shortly after collection into non-identifiable statistics. |
Complying with legal and regulatory obligations applicable to us. | We store your personal data for as long as we are subject to the relevant legal or regulatory obligations. | Managing any potential or actual disputes with you or third parties. | Your personal data will be stored until all potential remedies have been exhausted. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and nonautomated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research,customer satisfaction surveys, information about webinars and events) (marketing) |
We will process your personal data until your consent is withdrawn. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events); (data transfer to third parties for their marketing purposes) |
We will process your personal data until your consent is withdrawn. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. Do we use cookies
We use cookies on our site.
To find out more about the cookies we use and the purposes that we use them for, please refer to our cookie policy, which can be found in the privacy section of the website page.
7. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority: For Sweden: Integritetsskyddsmyndigheten | IMY
For Denmark: Datatilsynet
8. How can you contact us?
If you have any questions or requests regarding our processing operations with your
personal data under this policy, including exercising your rights, as outlined above, you may
contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail
at the following address: [email protected]
Current version: Dedalus – Privacy policy for website visitors – v. [2]
Last updated: [July 2022]
__________________________________________
PRIVACY POLICY AND INFORMATION NOTICE FOR WEBSITE USERS – Dedalus Sweden AB – SVERIGE
Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy policy and information notice for website users (hereinafter referred to as the “notice”) is therefore to inform you of how your personal data is processed when you visit the website www.dedalus.com (hereinafter referred to as the “site”).
In this regard, please note that Dedalus Sweden AB acts as the controller for your personal data (hereinafter referred to as “we”, “us” and “our”).
1. What personal data do we collect?
When you browse our site, we may collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, contact details, image ).
- Professional data (e.g., position held, identity of your employer, ).
- technical data (e.g., IP address, type of browser used, etc.); and
- any personal data contained in any correspondence you send to us.
Provision of your personal data is voluntary, but we will be unable to provide you with the services and information you request without it. For example, if you contact us through the site, you will need to provide us with your email address so that we can respond to you.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties, you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. WHY AND HOW LONG DO WE PROCESS YOUR PERSONAL DATA FOR?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question. For each purpose, the table below indicates
also the storage period that will be applied to your personal data. We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question:
PURPOSE | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. | 1. Collection;; 2. Recording/Storage; 3. Organization Structuring; 4. Use; 5. Visualization/Consultation/Access; 6. Erasure. |
a) dentification data (e.g., surname, first name, email address, username, password, Region, type of device). b) technical data (e.g., IP address, type of browser used, etc.); |
LEGAL BASIS |
The processing is carried out to provide you with the service you requested us. |
RETENTION PERIOD |
We will store your personal data for a maximum of 3 years from our last contact with you. |
PURPOSE | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Improving our services and our site. | 1. Collection; 2. Recording/Storage; 3. Organization Structuring; 4. Use; 5. Visualization/Consultation/Access; 6. Disclosure (by transmission, dissemination or making otherwise available); 7. Erasure. |
a) dentification data (e.g., surname, first name, email address, username, password, Region, type of device). b) technical data (e.g., IP address, type of browser used, etc.); |
LEGAL BASIS |
Improving our services and our site. The processing is carried out pursuant to our legitimate interest, which involves optimizing our tools and solutions to best accommodate our site visitors, clients, and prospects. |
RETENTION PERIOD |
We will store your data for a maximum of one year, although in most cases your data will be aggregated shortly after collection into non-identifiable statistics. |
PURPOSE | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Managing any potential or actual disputes with you or third parties. |
1. Collection; 2. Recording/Storage; 3. Organization Structuring; 4. Use; 5. Visualization/Consultation/Access; 6. Disclosure (by transmission, dissemination or making otherwise available); 7. Erasure. |
a) dentification data (e.g., surname, first name, email address, username, password, Region). b) professional data (e.g., position held, field of activity, employer). c) technical data (e.g., IP address, type of browser used, etc.); and d) any personal data contained in any correspondence you send to us. |
LEGAL BASIS |
The processing is carried out pursuant to our legitimate interest, which involves defending our interests, including through legal action |
RETENTION PERIOD |
Your data will be stored in the phases preceding litigation, as well for the duration of the dispute and until all potential remedies have been exhausted. In any case, no longer than 10 years(Sw: Preskriptionslag (1981:130)). |
PURPOSE | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and non-automated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research, customer satisfaction surveys, information about webinars and events) (marketing) |
1. Collection; 2. Recording/Storage; 3. Organization Structuring; 4. Use; 5. Visualization/Consultation/Access; 6. Disclosure (by transmission, dissemination or making otherwise available); 7. Erasure. |
Contact details (name, surname, email address, phone number) |
LEGAL BASIS |
The processing is carried out only in case you provide specific consent |
RETENTION PERIOD |
We will process your personal data until your consent is withdrawn. However, if you object to our commercial marketing activities, we will immediately delete your personal data for this purpose (except for only the data that is strictly necessary to keep track of your objection and thus not send you any further commercial communication). |
PURPOSE | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Sharing your personal data to the other Dedalus group companies established in your country/region, to allow them to send you, using automated means (e.g., email, SMS, MMS, etc.) marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events) (sharing for marketing purposes) |
1. Collection; 2. Recording/Storage; 3. Organization Structuring; 4. Use; 5. Visualization/Consultation/Access; 6. Disclosure (by transmission, dissemination or making otherwise available); 7. Erasure. |
Contact details (name, surname, email address, phone number) |
LEGAL BASIS |
The processing is carried out only in case you provide specific consent |
RETENTION PERIOD |
We will process your personal data until your consent is withdrawn. However, if you object to our commercial marketing activities, we will immediately delete your personal data for this purpose (except for only the data that is strictly necessary to keep track of your objection and thus not send you any further commercial communication). |
In any case, please note that we will not process your personal data for any other purpose that is
incompatible with the above-mentioned purposes.
We have also defined an archiving policy. This ensures that your personal data is not stored in the
active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize
your personal data so that you can no longer be identified.
3. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they
assist us in carrying out the purposes set out in this policy (e.g., we use IT service
providers to host your personal data on our behalf). - the other entities of the Dedalus Group.
- to competent courts, public authorities, government agencies and law enforcement
agencies (including where we are required to comply with legal or regulatory
requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly
need-to-know basis and only to the extent required to fulfill the purposes identified in this
policy.
4. DO WE TRANSFER DATA OUTSIDE THE EUROPEAN ECONOMIC AREA?
Should your personal data be transferred outside the European Economic Area (“EEA”), we ensure
that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following
mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country
that your personal data is transferred to; or, alternatively; - the conclusion of standard contractual clauses reproducing the models adopted by the
European Commission; or, alternatively; - the existence of an exemption related to one of the specific situations exhaustively provided
for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have
given your consent to such transfer having been informed of the absence of safeguards,
where the transfer is necessary for the performance of a contract concluded between you
and us, where the transfer is necessary for the conclusion or performance of a contract
concluded in your interest between us and a third party, or where the transfer is necessary
for the establishment, exercise or defense of our legal claims, etc.).
You can obtain copies of these documents, including the countries where personal data are
transferred, by emailing our Group Data Protection Officer (“DPO”), whose contact details are set
out in Section 7 (How can you contact us?) below.
5. DO WE USE COOKIES?
We use cookies on our site.
To find out more about the cookies we use and the purposes that we use them for, please
refer to our cookie policy, which can be found in the privacy section of the website page.
6. WHAT RIGHTS DO YOU HAVE?
In accordance with the applicable data protection legal framework, particularly the GDPR,
you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
erased. - You also have the right to request that processing of your personal data be restricted
or to object to the same. - You have the right to portability of your personal data.
- Where processing of your personal data is based on your consent, please note that
you may withdraw your consent at any time, without affecting the lawfulness of
processing based on your consent carried out prior to your withdrawal of the same.
However, please note that some of the above rights are subject to specific conditions
dictated by the applicable data protection legal framework. So, if your specific situation does
not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our Group DPO using the contact details provided in
Section 7 (How can you contact us?). To process your request as efficiently as possible, we
may ask you for certain additional information to confirm your identity and/or assist in locating
the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the Swedish data protection
supervisory authority (Swedish Authority for Privacy Protection | IMY).
7. HOW CAN YOU CONTACT US?
If you have any questions or requests regarding our processing operations with your
personal data under this policy, including exercising your rights, as outlined above, you may
contact us on the following address:[email protected]
We also have appointed a Group data protection officer (“DPO”), which you can contact by
e-mail at the following address: [email protected]
Current version: Dedalus – Privacy policy for website visitors – v. [1]
Last updated: [January 2023]
__________________________________________
PRIVACY POLICY AND INFORMATION NOTICE FOR WEBSITE USERS – Dedalus Healthcare BV – BELGIUM
Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy policy and information notice for website users (hereinafter referred to as the “notice”) is therefore to inform you of how your personal data is processed when you visit the website www.dedalus.com (hereinafter referred to as the “site”).
In this context, we would like to remind you that Dedalus Healthcare BV acts as the data controller of your personal data (hereinafter referred to as “we”, “us” and “our”).
1. What personal data do we collect?
When you browse our site, we may collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, email address, username, password, Region, type of device, etc ).
- Professional data (e.g., position held, identity of your employer, ).
- technical data (e.g., IP address, type of browser used, etc.); and
- any personal data contained in any correspondence you send to us.
Provision of your personal data is voluntary, but we will be unable to provide you with the services and information you request without it. For example, if you contact us through the site, you will need to provide us with your email address so that we can respond to you.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties, you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. | The processing is carried out to provide you with the service you requested us. |
Improving and securing our services and our site. | The processing is carried out pursuant to our legitimate interest, which involves optimizing and securing our tools and solutions to best accommodate our site visitors, clients, and prospects and to keep our online presence secure. |
Complying with legal and regulatory obligations applicable to us. | The processing is necessary to comply with the legal obligations that we are subject to. |
Managing any potential or actual disputes with you or third parties. | The processing is carried out pursuant to our legitimate interest, which involves defending our interests, including through legal action. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and non automated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research, customer satisfaction surveys, information about webinars and events) (marketing) | The processing is carried out only in case you provide specific consent. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events) (data transfer to third parties for their marketing purposes) | The processing is carried out only in case you provide specific consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this information notice (e.g., we use IT service providers to host your personal data on our behalf; in the case of unpaid invoices, we may use the services of service providers specialized in debt collection; etc.).
- to other entities of the Dedalus Group.
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this information notice.
4. Do we transfer data outside the European Economic Area?
In connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. |
We will store your personal data for a maximum of 3 years from our last contact with you. |
Improving our services and our site. | We will store your data for a maximum of one year, although in most cases your data will be aggregated shortly after collection into non-identifiable statistics. |
Complying with legal and regulatory obligations applicable to us. | We store your personal data for as long as we are subject to the relevant legal or regulatory obligations. | Managing any potential or actual disputes with you or third parties. | Your personal data will be stored until all potential remedies have been exhausted. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and nonautomated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research,customer satisfaction surveys, information about webinars and events) (marketing) |
We will process your personal data until your consent is withdrawn. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events); (data transfer to third parties for their marketing purposes) |
We will process your personal data until your consent is withdrawn. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. Do we use cookies
We use cookies on our site.
To find out more about the cookies we use and the purposes that we use them for, please refer to our cookie policy, which can be found in the privacy section of the website page.
7. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority:
For Belgium: Homepage | Autorité de protection des données
Gegevensbeschermingsautoriteit (dataprotectionauthority.be)
8. How can you contact us?
If you have any questions or requests regarding our processing operations with your
personal data under this policy, including exercising your rights, as outlined above, you may
contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail
at the following address: For Dedalus Healthcare BV: [email protected]
Current version: Dedalus – Privacy policy for website visitors – v. [2]
Last updated: [July 2022]
__________________________________________
PRIVACY POLICY AND INFORMATION NOTICE FOR WEBSITE USERS – iSOFT Nederland B.V.
Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy policy and information notice for website users (hereinafter referred to as the “notice”) is therefore to inform you of how your personal data is processed when you visit the website www.dedalus.com (hereinafter referred to as the “site”).
In this regard, please note that iSOFT Nederland B.V. acts as the controller for your personal data (hereinafter referred to as “we”, “us” and “our”).
1. What personal data do we collect?
When you browse our site, we may collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, email address, username, password, Region, type of device, etc ).
- Professional data (e.g., position held, identity of your employer, ).
- technical data (e.g., IP address, type of browser used, etc.); and
- any personal data contained in any correspondence you send to us.
Provision of your personal data is voluntary, but we will be unable to provide you with the services and information you request without it. For example, if you contact us through the site, you will need to provide us with your email address so that we can respond to you.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties, you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. | The processing is carried out to provide you with the service you requested us. |
Improving and securing our services and our site. | The processing is carried out pursuant to our legitimate interest, which involves optimizing and securing our tools and solutions to best accommodate our site visitors, clients, and prospects and to keep our online presence secure. |
Complying with legal and regulatory obligations applicable to us. | The processing is necessary to comply with the legal obligations that we are subject to. |
Managing any potential or actual disputes with you or third parties. | The processing is carried out pursuant to our legitimate interest, which involves defending our interests, including through legal action. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and non automated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research, customer satisfaction surveys, information about webinars and events) (marketing) | The processing is carried out only in case you provide specific consent. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events) (data transfer to third parties for their marketing purposes) | The processing is carried out only in case you provide specific consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this information notice (e.g., we use IT service providers to host your personal data on our behalf; in the case of unpaid invoices, we may use the services of service providers specialized in debt collection; etc.).
- to other entities of the Dedalus Group.
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this information notice.
4. Do we transfer data outside the European Economic Area?
In connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. |
We will store your personal data for a maximum of 3 years from our last contact with you. |
Improving our services and our site. | We will store your data for a maximum of one year, although in most cases your data will be aggregated shortly after collection into non-identifiable statistics. |
Complying with legal and regulatory obligations applicable to us. | We store your personal data for as long as we are subject to the relevant legal or regulatory obligations. | Managing any potential or actual disputes with you or third parties. | Your personal data will be stored until all potential remedies have been exhausted. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and nonautomated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research,customer satisfaction surveys, information about webinars and events) (marketing) |
We will process your personal data until your consent is withdrawn. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events); (data transfer to third parties for their marketing purposes) |
We will process your personal data until your consent is withdrawn. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. Do we use cookies
We use cookies on our site.
To find out more about the cookies we use and the purposes that we use them for, please refer to our cookie policy, which can be found in the privacy section of the website page.
7. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority:
For Sweden: Integritetsskyddsmyndigheten | IMY
ForDenmark: Datatilsynet
For Belgium: Homepage | Autorité de protection des
données
Gegevensbeschermingsautoriteit (dataprotectionauthority.be)
For the Netherlands: Autoriteit Persoonsgegevens |
8. How can you contact us?
If you have any questions or requests regarding our processing operations with your
personal data under this policy, including exercising your rights, as outlined above, you may
contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail
at the following address: [email protected]
Current version: Dedalus – Privacy policy for website visitors – v. [2]
Last updated: [July 2022]
__________________________________________
PRIVACY POLICY AND INFORMATION NOTICE FOR WEBSITE USERS – Dedalus Amphi Systems – DENMARK
Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy policy and information notice for website users (hereinafter referred to as the “notice”) is therefore to inform you of how your personal data is processed when you visit the website www.dedalus.com (hereinafter referred to as the “site”).
In this regard, please note that Dedalus Amphi Systems AS acts as the controller for your personal data (hereinafter referred to as “we”, “us” and “our”).
1. What personal data do we collect?
When you browse our site, we may collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, contact details, image ).
- Professional data (e.g., position held, identity of your employer, ).
- technical data (e.g., IP address, type of browser used, etc.); and
- any personal data contained in any correspondence you send to us.
Provision of your personal data is voluntary, but we will be unable to provide you with the services and information you request without it. For example, if you contact us through the site, you will need to provide us with your email address so that we can respond to you.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties, you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. | The processing is carried out to provide you with the service you requested us. |
Improving and securing our services and our site. | The processing is carried out pursuant to our legitimate interest, which involves optimizing and securing our tools and solutions to best accommodate our site visitors, clients, and prospects and to keep our online presence secure. |
Complying with legal and regulatory obligations applicable to us. | The processing is necessary to comply with the legal obligations that we are subject to. |
Managing any potential or actual disputes with you or third parties. | The processing is carried out pursuant to our legitimate interest, which involves defending our interests, including through legal action. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and non automated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research, customer satisfaction surveys, information about webinars and events) (marketing) | The processing is carried out only in case you provide specific consent. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events) (data transfer to third parties for their marketing purposes) | The processing is carried out only in case you provide specific consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this information notice (e.g., we use IT service providers to host your personal data on our behalf; in the case of unpaid invoices, we may use the services of service providers specialized in debt collection; etc.).
- to other entities of the Dedalus Group (e.g., in the context of our accounting / fiscal obligations, we may have to share a certain amount of information, including personal data concerning you, for consolidation purposes at Dedalus Group level).
- where applicable, to investors / buyers and their advisors (e.g., in the context of mergers and acquisitions).
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this information notice.
4. Do we transfer data outside the European Economic Area?
In connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Responding to requests and questions you may submit through the site, and more broadly, managing our relationship with visitors to the site. |
We will store your personal data for a maximum of 3 years from our last contact with you. |
Improving our services and our site. | We will store your data for a maximum of one year, although in most cases your data will be aggregated shortly after collection into non-identifiable statistics. |
Complying with legal and regulatory obligations applicable to us. | We store your personal data for as long as we are subject to the relevant legal or regulatory obligations. | Managing any potential or actual disputes with you or third parties. | Your personal data will be stored until all potential remedies have been exhausted. |
Sending, using both automated (e.g., email, SMS, MMS, etc.) and nonautomated (e.g., phone, ordinary mail, etc.) means, marketing messages and promotional content messages relating to our activities, products and services and those of the other Dedalus group companies (including market research,customer satisfaction surveys, information about webinars and events) (marketing) |
We will process your personal data until your consent is withdrawn. |
Transferring/Sharing your personal data to the other Dedalus group companies, operating in the bio medical sector, by automated means (e.g., email, SMS, MMS, etc.), marketing messages and promotional content messages relating to their activities, products and services (including market research, customer satisfaction surveys, information about webinars and events); (data transfer to third parties for their marketing purposes) |
We will process your personal data until your consent is withdrawn. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. Do we use cookies
We use cookies on our site.
To find out more about the cookies we use and the purposes that we use them for, please refer to our cookie policy, which can be found in the privacy section of the website page.
7. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority: For Sweden: Integritetsskyddsmyndigheten | IMY
For Denmark: Datatilsynet
8. How can you contact us?
If you have any questions or requests regarding our processing operations with your
personal data under this policy, including exercising your rights, as outlined above, you may
contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail
at the following address: [email protected]
Current version: Dedalus – Privacy policy for website visitors – v. [2]
Last updated: [July 2022]
The Dedalus Group attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this information notice is therefore to inform you of how your personal data is processed when you act on behalf of a client or prospect of the Dedalus Group (e.g., employee, intern, company representative, etc.).
In this respect, please note that the controller of your personal data is the Dedalus Group entity that has among its clients or prospects the entity on behalf of which you are acting (hereinafter referred to as “we”, “our” and “us”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details of the relevant controller.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, contact details, image ).
- Professional data (e.g., position held, identity of your employer, ).
In most cases, provision of your personal data is mandatory; we will be unable to manage our working relationship with the entity on behalf of which you are acting properly without it. For example, if you refuse to provide us with your contact details so we can send you an agreement to sign, we will be unable to enter into an agreement with the entity on behalf of which you are acting.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, in the event that you provide us with personal data belonging to third parties (e.g. if you provide us with the data of a signatory so we can prepare the agreement to be signed), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Client and prospect relationship management, including, but not limited to: (i) preparation and performance of agreements; (ii) order management and follow-up; (iii) invoicing; (iv) accounting of client accounts; (v) management of requests, complaints, and after-sales service; etc. |
The processing is necessary for the performance of a contract or to take steps at your request to enter a contract. |
Carrying out commercial marketing operations and sending marketing communications. | The processing is based on your consent. |
Carrying out commercial marketing operations and sending marketing communications to promote products or services offered by the Controller, similar to those ones already purchased by the data subject (soft spam). | The processing is based on our legitimate interest in developing our client base. |
Analysis of data for business intelligence purposes in order to improve our understanding of internal business processes, evaluate the effectiveness and efficiency of our management system and assess initiatives. | Our legitimate interest to analyze our organization and improve internal processes. |
Carrying out satisfaction surveys of commercial statistics with clients / prospects and managing opinions on our products and services. | The processing is based on your consent. |
Where applicable, studying, organizing, and executing transactions relating to our activities, particularly in the context of mergers and acquisitions, spin-offs, etc. | Our legitimate interest in finding and managing investors / buyers / other stakeholders who may be interested in our business. |
Compliance framework with the applicable legal. | Need to comply with a legal obligation that we are subject to. |
Managing and following up unpaid bills, as well as potential disputes with you or third parties. | The processing is necessary to manage the contract and to pursue our legitimate interest to collect the sums due and to defend our interests, including through legal action and, where applicable, if certain categories of data (conviction, offense, security measure) are processed, the need to establish, exercise or defend our legal claims. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this information notice (e.g., we use IT service providers to host your personal data on our behalf; in the case of unpaid invoices, we may use the services of service providers specialized in debt collection; etc.).
- to other entities of the Dedalus Group (e.g., in the context of our accounting / fiscal obligations, we may have to share a certain amount of information, including personal data concerning you, for consolidation purposes at Dedalus Group level).
- where applicable, to investors / buyers and their advisors (e.g., in the context of mergers and acquisitions).
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this information notice.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
In connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims).
You can obtain copies of these documents by emailing our Data Protection Officer (“DPO”), whose contact details are set out in Section 7 (How can you contact us?) below
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Client and prospect relationship management, including, but not limited to: (i) preparation and performance of agreements; (ii) order management and follow-up; (iii) invoicing; (iv) accounting of client accounts; (v) management of requests, complaints, and after-sales service; etc. | If you are acting on behalf of one of our clients, we will retain your personal data for up to 10 years after the end of our contractual relationship with the client concerned. Within the Netherlands, we will retain your personal data for 3 years after the end of our contractual relationship, unless we need the data for litigation purposes. Data related to invoicing, will be retained for 7 years for tax purposes. Within Belgium, Data related to administrative and bookkeeping activities, will be retained for 7 years for tax purposes. Within Denmark, we will retain your data for 5 years after the end of our contractual relationship. If you are acting on behalf of one of our prospects, we will retain your personal data until the withdrawal of the consent. |
Carrying out commercial marketing operations. | If you are acting on behalf of one of our clients, we will retain your personal data for up to 2 years after the end of our contractual relationship with the client concerned. If you are acting on behalf of one of our prospects, we will retain your personal data until the withdrawal of the consent. However, if you object to our commercial marketing activities, we will immediately delete your personal data for this purpose (except for only the data that is strictly necessary to keep track of your objection and thus not send you any further commercial communication). |
Analysis of data for business intelligence purposes in order to improve our understanding of internal business processes, evaluate the effectiveness and efficiency of our management system and assess initiatives. | For the duration necessary to carry out the business intelligence analysis. |
Carrying out satisfaction surveys of commercial statistics with clients / prospects and managing opinions on our products and services. | Your data will not be stored for longer than is necessary for completing said surveys and/or until the withdrawal of the consent. |
Where applicable, studying, organizing, and executing transactions relating to our activities, particularly in the context of mergers and acquisitions, spin-offs, etc. | Your data will only be stored for as long as is necessary to assess the appropriateness of the proposed transactions and, if necessary, to carry them out. |
Compliance with the applicable legal framework. | Your data will be stored for the duration of the limitation period of the obligations that we are subject to. |
Managing and following up unpaid bills, as well as potential disputes with you or third parties. | Your data will be stored for the duration of the recovery / dispute and until all potential remedies have been exhausted. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority: For Sweden: Integritetsskyddsmyndigheten | IMY
For Denmark: Datatilsynet
For Belgium: Homepage | Autorité de protection des
données
Gegevensbeschermingsautoriteit (dataprotectionauthority.be)
For the Netherlands:Autoriteit Persoonsgegevens |
7. HOW CAN YOU CONTACT US?
Your personal data will be processed by the Dedalus Group Company with which you have entered
into the contractual/pre-contractual relationship, which will act as the Data Controller. The Data
Controller can be contacted at the address of its registered office, as indicated on the respective
website and in the contractual documentation.
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the
following address:
For all Dedalus’ entities: [email protected]
Current version: Dedalus – client privacy policy – v. [2]
Last updated: [July 2022]
The Dedalus Group attaches a great deal of importance to and intends to pay particular attention to
protecting your personal data and respecting your privacy.
The aim of this privacy information notice is therefore to inform you of how your personal data is
processed when you act on behalf of a supplier or business partner of the Dedalus Group (e.g.,
employee, intern, company representative, etc.).
In this respect, please note that the controller of your personal data is the Dedalus Group entity that
has among its suppliers or prospects the entity on behalf of which you are acting (hereinafter referred
to as “we”, “our” and “us”). Please refer to Section 7 (“How can you contact us?”) below to access
the contact details of the relevant controller.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, contact details, image ).
- Professional data (e.g., position held, identity of your employer, ).
- economic and financial information (income, financial situation, tax situation, etc)
In most cases, provision of your personal data is mandatory; we will be unable to manage our working relationship with the entity on behalf of which you are acting properly without it. For example, if you refuse to provide us with your contact details so we can send you an agreement to sign, we will be unable to enter into an agreement with the entity on behalf of which you are acting.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, in the event that you provide us with personal data belonging to third parties (e.g. if you provide us with the data of a signatory so we can prepare the agreement to be signed), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Relationship management with suppliers, service providers and business partners (e.g., agents, etc.), including, but not limited to: (i) preparation and performance of agreements; (ii) management and follow-up of orders placed by us; (iii) payment of invoices; etc. |
The processing is necessary for the performance of a contract or to take steps at your request to enter a contract or at the request of the supplier, service provider or business partner on behalf of which you are acting. |
Where applicable, studying, organizing, and executing transactions relating to our activities, particularly in the context of mergers and acquisitions, spin-offs, etc. | Our legitimate interest in finding investors / buyers / stakeholders who may be interested in our business. |
Analysis of data for business intelligence purposes in order to improve our understanding of internal business processes, evaluate the effectiveness and efficiency of our management system and assess initiatives |
The processing is based on our legitimate interest in developing our client base. |
Analysis of data for business intelligence purposes in order to improve our understanding of internal business processes, evaluate the effectiveness and efficiency of our management system and assess initiatives. | Our legitimate interest to analyze our organization and improve internal processes. |
Compliance with the applicable legal framework. | Need to comply with a legal obligation that we are subject to. |
Managing and following up potential disputes with you or third parties. | The processing is necessary to manage the contract and to pursue our legitimate interest to collect the sums due and to defend our interests, including through legal action and, where applicable, if certain categories of data (conviction, offense, security measure) are processed, the need to establish, exercise or defend our legal claims. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
3. Who do we share your personal data with?
In
the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf; ).
- to other entities of the Dedalus Group (e.g., in the context of our accounting / fiscal obligations, we may have to share a certain amount of information, including personal data concerning you, for consolidation purposes at Dedalus Group level, g. some services may be contracted by the holding in favor of all group entities).
- where applicable, to investors / buyers and their advisors (e.g., in the context of mergers and acquisitions).
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
In
connection with the processing operations described in this policy, we transfer your personal data outside the European Economic Area (“EEA”), including to countries that are not recognized by the European Commission as providing an adequate level of data protection.
In this context, we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or, alternatively;
- the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
- the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
You can obtain copies of these documents by emailing our Data Protection Officer (“DPO”), whose contact details are set out in Section 7 (How can you contact us?) below.
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Relationship management with suppliers, service providers and business partners (e.g., agents, etc.), including, but not limited to: (i) preparation and performance of agreements; (ii) management and follow-up of orders placed by us; (iii) payment of invoices; etc. |
According to local legislation, and no longer than 10 years after the end of our contractual relationship with the supplier, service provider or business partner on behalf of which you are acting.
Within the Netherlands, we will retain your personal data for 3 years after the end of our contractual relationship or 7 years for information necessary for tax purposes. Within Denmark, we will retain your personal data for 3 years after the end of our contractual relationship |
Where applicable, studying, organizing, and executing transactions relating to our activities, particularly in the context of mergers and acquisitions, spin-offs, etc. | Your data will only be stored for as long as is necessary to assess the appropriateness of the proposed transactions and, if necessary, to carry them out. |
Analysis of data for business intelligence purposes in order to improve our understanding of internal business processes, evaluate the effectiveness and efficiency of our management system and assess initiatives. | For the duration necessary to carry out the business intelligence analysis. |
Compliance framework with the applicable legal. | Your data will be stored for the duration of the limitation period of the obligations that we are subject to. |
Managing and following up potential disputes with you or third parties. | Your data will be stored for the duration of the dispute and until all potential remedies have been exhausted. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or
- You also have the right to request that processing of your personal data be restricted or to object to the
- You have the right to portability of your personal
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant Supervisory Authority: For Sweden: Integritetsskyddsmyndigheten | IMY
For Denmark: Datatilsynet
For Belgium: Homepage | Autorité de protection desdonnées Gegevensbeschermingsautoriteit (dataprotectionauthority.be)
For the Netherlands: Autoriteit Persoonsgegevens |
7. HOW CAN YOU CONTACT US?
Your personal data will be processed by the Dedalus Group Company with which you have entered into the contractual/pre-contractual relationship, which will act as the Data Controller. The Data
Controller can be contacted at the address of its registered office, as indicated on the respective website and in the contractual documentation.
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address:
For all Dedalus’ entities: [email protected]
Current version: Dedalus – Privacy policy for suppliers / business partners – v. [2]
Last updated: [July 2022]
Information notice for job applicants – Dedalus Healthcare Denmark
Dedalus Healthcare Denmark (“Dedalus”) attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this privacy policy (the “Policy”) is therefore to inform you of how your personal data is processed when you submit your application for a position within Dedalus (paid employment, internship, etc.).
In this regard, please note that Dedalus is deemed to act as the controller of your personal data(hereinafter referred to as “we”, “us” and “our”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, date of birth, etc).
- Professional and educational data (e.g., image, resume, identity of your current employer (if applicable).
- Evaluation data regarding your professional skills, including the results of practical tests performed during the recruitment process
- Personal data (i.e., data relating to your personal life, as it appears on your resume or that you voluntarily convey in your exchanges with us, such as your hobbies or your marital status).
- Economic data (e.g., your current salary and salary expectations, etc.).
- Sensitive data (e.g., information regarding disability) and other special categories of data (e.g., racial, or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership) if applicable pursuant to local legislation
The provision of your personal data is voluntary, but in most cases, we will be unable to process your application properly without it. For example, if you refuse to provide us with reasonably required information regarding your educational and professional background, we will be unable to determine whether your profile meets the needs of the position and will have to reject your application.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties (e.g., contact details for people with whom we can verify your references), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
The personal data may be collected directly from you or can be provided by third parties (such as, previous employers to verify your references) and/or publicly accessible sources.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. If special categories of data (such as, data relating to your health, your membership of a trade union and/or your political opinions, racial and/or ethnical origins, philosophical and/or religious beliefs, etc.) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws. |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | Our legitimate interest is to simplify and improve our recruitment processes. |
Site access and security management, including video surveillance if you are interviewing on our premises. | Our legitimate interest is to protect people, premises, and property. |
Compliance with the applicable legal framework | Need to comply with a legal obligation that we are subject to. |
Management and follow-up of potential disputes | Our legitimate interest is to defend our interests, including through legal action. |
Processing your request to receive our job alerts | Your optional consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf).
- to other entities of the Dedalus
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
- Should your personal data be transferred to other countries inside or outside the European Economic Area (“EEA”), we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
- This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or alternatively;
the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | Until the recruitment process in question is completed and your application has been rejected/accepted . |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | If you do not request that we destroy your file, your data will be automatically destroyed after the time provided by the applicable legislation and in any case no more than one year after we last have contact with you. |
Compliance with the applicable legal framework. | For the duration of the limitation period of the obligations that we are subject to. |
Management and follow-up of potential disputes | For the duration of the dispute and until all potential remedies have been exhausted |
Processing your request to receive our job alerts | Until your consent is withdrawn |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or erased
- You also have the right to request that processing of your personal data be restricted or to object to the same
- You have the right to portability of your personal data
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
same
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant data protection supervisory authority: https://www.datatilsynet.dk/
7. How can you contact us?
If you have any questions or requests regarding our processing operations with your personal data under this policy, including exercising your rights, as outlined above, you may contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address: [email protected]
Current version: [Dedalus – applicant privacy policy – v. 1 ]
Last updated: [July 2022]
__________________________________________
Information notice for job applicants – Dedalus Sweden AB – SVERIGE
Dedalus Sweden AB (“Dedalus”) attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this privacy policy (the “Policy”) is therefore to inform you of how your personal data is processed when you submit your application for a position within Dedalus (paid employment, internship, etc.).
In this regard, please note that Dedalus is deemed to act as the controller of your personal data(hereinafter referred to as “we”, “us” and “our”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, date of birth, etc).
- Professional and educational data (e.g., image, resume, identity of your current employer (if applicable).
- Evaluation data regarding your professional skills, including the results of practical tests performed during the recruitment process
- Personal data (i.e., data relating to your personal life, as it appears on your resume or that you voluntarily convey in your exchanges with us, such as your hobbies or your marital status).
- Economic data (e.g., your current salary and salary expectations, etc.).
- Health-related data (e.g., information regarding disability) and other special categories of data (e.g., racial, or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership) if applicable pursuant to local legislation.
The provision of your personal data is voluntary, but in most cases, we will be unable to process your application properly without it. For example, if you refuse to provide us with reasonably required information regarding your educational and professional background, we will be unable to determine whether your profile meets the needs of the position and will have to reject your application.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties (e.g., contact details for people with whom we can verify your references), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
The personal data may be collected directly from you or can be provided by third parties (such as, previous employers to verify your references) and/or publicly accessible sources.
2. WHY AND HOW LONG DO WE PROCESS YOUR PERSONAL DATA FOR?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question. For each purpose, the table below indicates also the storage period that will be applied to your personal data. We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question:
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Professional title; 4) Economic data; 5) Health data (belonging to protected categories); 6) Images; |
LEGAL BASIS | ||
The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. If special categories of data (such as, data relating to your health) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws (Discrimination Act (Sw: Diskrimineringslagen (2008:567)). | ||
RETENTION PERIOD | ||
2 years after the collection of the CV | ||
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Evaluation of candidates, selected through Linkedin platforms, to identify suitable candidates for available positions within NCE | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Professional title; 4) Images; |
LEGAL BASIS | ||
The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. | ||
RETENTION PERIOD | ||
Until the position is closed on Linkedin | ||
Compliance with the applicable legal framework | Need to comply with a legal obligation that we are subject to. | |
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Professional title; 4) Economic Data; 5) Health data (belonging to protected categories); 6) Images; |
LEGAL BASIS | ||
Our legitimate interest is to simplify and improve our recruitment processes. If special categories of data (such as, data relating to your health) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws (Discrimination Act (Sw: Diskrimineringslagen (2008:567)). | ||
RETENTION PERIOD | ||
If you do not request that we destroy your file, your data will be automatically destroyed after the time provided by the applicable legislation and in any case no more than two years after we last have contact with you.If you are an unsuccessful applicant your data will be stored for two years in order to defend a discrimination claim in court as stated in the Discrimination Act (Sw. Diskrimineringslag (2008:567) | ||
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Site access and security management, including video surveillance if you are interviewing on our premises | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | Images |
LEGAL BASIS | ||
Our legitimate interest is to protect people, premises, and property. | ||
RETENTION PERIOD | ||
Video surveillance images will be stored for maximum of 3 days from the date of recording. Except for the cases where further period is necessary to pursue a legal interest before a Court and/or is required by a binding order of a Public Authority | ||
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Compliance with the applicable legal framework | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Professional title; 4) Fiscal code; 5) Health data (belonging to protected categories); |
LEGAL BASIS | ||
Need to comply with a legal obligation that we are subject to (i.e., the Swedish Discrimination Act (Sw: Diskrimineringslagen (2008:567)). | ||
RETENTION PERIOD | ||
For the duration of the limitation period of the obligations that we are subject to (2 years, except for the cases where further period is necessary to pursue a legal interest before a Court and/or is required by a binding order of a Public Authority. | ||
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Management and follow-up of potential disputes | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Fiscal code; 4) Economic data; 5) Health data (belonging to protected categories); 6) Images; 7) ID Card data. |
LEGAL BASIS | ||
Our legitimate interest is to defend our interests, including through legal action. | ||
RETENTION PERIOD | ||
Your data will be stored in the phases preceding litigation, as well for the duration of the dispute and until all potential remedies have been exhausted. In any case, no longer than 10 years (Sw: Preskriptionslag (1981:130)). | ||
PURPOSES | PROCESSING ACTIVITIES | CATEGORIES OF PERSONAL DATA |
Processing your request to receive our job alerts | 1) Collection; 2) Recording/Storage; 3) Organization Structuring; 4) Use; 5) Visualization/Consultation/Access; 6) Disclosure (by transmission, dissemination or making otherwise available); 7) Erasure. | 1) Contact details 2) Education (certificate and diploma); 3) Economic data; 4) Health data (belonging to protected categories); 5) Images; |
LEGAL BASIS | ||
Your optional consent. | ||
RETENTION PERIOD | ||
Until your consent is withdrawn. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf).
- to other entities of the Dedalus
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
- Should your personal data be transferred to other countries inside or outside the European Economic Area (“EEA”), we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
- This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or alternatively;
the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
You can obtain copies of these documents, including the countries where personal data are transferred, by emailing our Group Data Protection Officer (“DPO”), whose contact details are set out in Section 6 (How can you contact us?) below.
5. WHAT RIGHTS DO YOU HAVE?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or erased.
- You also have the right to request that processing of your personal data be restricted or to object to the same.
- You have the right to portability of your personal data.
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the same.
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 6 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the Swedish Data Protection Supervisory Authority (Integritetsskyddsmyndigheten | IMY).
6 . How can you contact us?
If you have any questions or requests regarding our processing operations with your personal data under this policy, including exercising your rights, as outlined above, you may contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address: [email protected]
Current version: [Dedalus – applicant privacy policy – v. 1 ]
Last updated: [July 2022]
__________________________________________
Information notice for job applicants – Dedalus Healthcare BV – BELGIUM
Dedalus Healthcare BV (“Dedalus”) attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this privacy policy (the “Policy”) is therefore to inform you of how your personal data is processed when you submit your application for a position within Dedalus (paid employment, internship, etc.).
In this regard, please note that Dedalus is deemed to act as the controller of your personal data(hereinafter referred to as “we”, “us” and “our”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, date of birth, etc).
- Professional and educational data (e.g., image, resume, identity of your current employer (if applicable).
- Evaluation data regarding your professional skills, including the results of practical tests performed during the recruitment process
- Personal data (i.e., data relating to your personal life, as it appears on your resume or that you voluntarily convey in your exchanges with us, such as your hobbies or your marital status).
- Economic data (e.g., your current salary and salary expectations, etc.).
- Sensitive data (e.g., information regarding disability) and other special categories of data (e.g., racial, or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership) if applicable pursuant to local legislation
The provision of your personal data is voluntary, but in most cases, we will be unable to process your application properly without it. For example, if you refuse to provide us with reasonably required information regarding your educational and professional background, we will be unable to determine whether your profile meets the needs of the position and will have to reject your application.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties (e.g., contact details for people with whom we can verify your references), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
The personal data may be collected directly from you or can be provided by third parties (such as, previous employers to verify your references) and/or publicly accessible sources.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. If special categories of data (such as, data relating to your health, your membership of a trade union and/or your political opinions, racial and/or ethnical origins, philosophical and/or religious beliefs, etc.) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws. |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | Our legitimate interest is to simplify and improve our recruitment processes. |
Site access and security management, including video surveillance if you are interviewing on our premises. | Our legitimate interest is to protect people, premises, and property. |
Compliance with the applicable legal framework | Need to comply with a legal obligation that we are subject to. |
Management and follow-up of potential disputes | Our legitimate interest is to defend our interests, including through legal action. |
Processing your request to receive our job alerts | Your optional consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf).
- to other entities of the Dedalus
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
- Should your personal data be transferred to other countries inside or outside the European Economic Area (“EEA”), we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
- This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or alternatively;
the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | Until the recruitment process in question is completed and your application has been rejected/accepted . |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | If you do not request that we destroy your file, your data will be automatically destroyed after the time provided by the applicable legislation and in any case no more than one year after we last have contact with you. |
Compliance with the applicable legal framework. | For the duration of the limitation period of the obligations that we are subject to. |
Management and follow-up of potential disputes | For the duration of the dispute and until all potential remedies have been exhausted |
Processing your request to receive our job alerts | Until your consent is withdrawn |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or erased
- You also have the right to request that processing of your personal data be restricted or to object to the same
- You have the right to portability of your personal data
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
same
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant data protection supervisory authority at the following link Homepage | Autorité de protection desdonnées
Gegevensbeschermingsautoriteit (dataprotectionauthority.be)
7. How can you contact us?
If you have any questions or requests regarding our processing operations with your personal data under this policy, including exercising your rights, as outlined above, you may contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address:
For Dedalus Heakthcare BV: [email protected]
Current version: Dedalus – applicant privacy policy – v. 1 ]
Last updated: July 2022
Consent (optional)
Having read the privacy information notice for job applicants I hereby agree to the processing of my personal data for the purpose of receiving Dedalus job alerts via e-mail, phone, SMS, ordinary mail, and any other means.
___________________ [signature or check box]
__________________________________________
Information notice for job applicants – iSOFT Nederland B.V. – NEDERLAND
Information notice for job applicants
iSOFT Nederland B.V. with registered office in Rijswijk, Einsteinian 28, 2289 CC (“Dedalus”) attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this privacy policy (the “Policy”) is therefore to inform you of how your personal data is processed when you submit your application for a position within Dedalus (paid employment, internship, etc.).
In this regard, please note that Dedalus is deemed to act as the controller of your personal data(hereinafter referred to as “we”, “us” and “our”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, date of birth, etc).
- Professional and educational data (e.g., image, resume, identity of your current employer (if applicable).
- Evaluation data regarding your professional skills, including the results of practical tests performed during the recruitment process
- Personal data (i.e., data relating to your personal life, as it appears on your resume or that you voluntarily convey in your exchanges with us, such as your hobbies or your marital status).
- Economic data (e.g., your current salary and salary expectations, etc.).
- Data related to criminal convictions and offences (e.g., Declaration of good behavior (VOG)) if the required by the role and if authorized by local laws.
The provision of your personal data is voluntary, but in most cases, we will be unable to process your application properly without it. For example, if you refuse to provide us with reasonably required information regarding your educational and professional background, we will be unable to determine whether your profile meets the needs of the position and will have to reject your application.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties (e.g., contact details for people with whom we can verify your references), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
The personal data may be collected directly from you or can be provided by third parties (such as, previous employers to verify your references) and/or publicly accessible sources.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. If special categories of data (such as, data relating to your health, your membership of a trade union and/or your political opinions, racial and/or ethnical origins, philosophical and/or religious beliefs, etc.) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws. |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | Our legitimate interest is to simplify and improve our recruitment processes. |
Site access and security management, including video surveillance if you are interviewing on our premises. | Our legitimate interest is to protect people, premises, and property. |
Compliance with the applicable legal framework | Need to comply with a legal obligation that we are subject to. |
Management and follow-up of potential disputes | Our legitimate interest is to defend our interests, including through legal action. |
Processing your request to receive our job alerts | Your optional consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf).
- to other entities of the Dedalus
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
- Should your personal data be transferred to other countries inside or outside the European Economic Area (“EEA”), we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
- This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or alternatively;
the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | All information that is not necessary for your personnel file, will be stored until the recruitment process in question is completed. Information that is relevant for your personnel file will be stored during your employment and up to 2 years after you leave the company. |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | Four weeks after closure of the procedure (rejection/acceptance of the application). |
Compliance with the applicable legal framework. | For the duration of the limitation period of the obligations that we are subject to. |
Management and follow-up of potential disputes | For the duration of the dispute and until all potential remedies have been exhausted |
Processing your request to receive our job alerts | Until your consent is withdrawn. Unless a resume is stored, then consent needs to be provided every year, otherwise your data will be erased. |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or erase.
- You also have the right to request that processing of your personal data be restricted or to object to the same
- You have the right to portability of your personal data
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the same
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant data protection Supervisory Authority (for the Netherlands: Autoriteit Persoonsgegevens)
A list of data protection authorities can be found at https://ec.europa.eu/justice/article- 29/structure/data-protection-authorities/index_en.htm
7. How can you contact us?
If you have any questions or requests regarding our processing operations with your personal data
under this policy, including exercising your rights, as outlined above, you may contact us on the
following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the
following address: [email protected]
Current version: Dedalus – applicant privacy policy – v. 2]
Last updated: July 2022
__________________________________________
Information notice for job applicants – AMPHI SYSTEMS DANMARK
Dedalus Amphi systems AS (“Dedalus”) attaches a great deal of importance to and intends to pay particular attention to protecting your personal data and respecting your privacy.
The aim of this privacy policy (the “Policy”) is therefore to inform you of how your personal data is processed when you submit your application for a position within Dedalus (paid employment, internship, etc.).
In this regard, please note that Dedalus is deemed to act as the controller of your personal data(hereinafter referred to as “we”, “us” and “our”). Please refer to Section 7 (“How can you contact us?”) below to access the contact details.
1. What personal data do we collect?
We collect the following categories of personal data about you:
- Identification data (e.g., surname, first name, date of birth, etc).
- Professional and educational data (e.g., image, resume, identity of your current employer (if applicable).
- Evaluation data regarding your professional skills, including the results of practical tests performed during the recruitment process
- Personal data (i.e., data relating to your personal life, as it appears on your resume or that you voluntarily convey in your exchanges with us, such as your hobbies or your marital status).
- Economic data (e.g., your current salary and salary expectations, etc.).
- Sensitive data (e.g., information regarding disability) and other special categories of data (e.g., racial, or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership) if applicable pursuant to local legislation
The provision of your personal data is voluntary, but in most cases, we will be unable to process your application properly without it. For example, if you refuse to provide us with reasonably required information regarding your educational and professional background, we will be unable to determine whether your profile meets the needs of the position and will have to reject your application.
In any case, we will inform you when it is mandatory to provide your personal data.
Additionally, if you provide us with personal data belonging to third parties (e.g., contact details for people with whom we can verify your references), you undertake to ensure that such persons have been duly informed of the processing of their personal data in accordance with this policy and, if required, have consented to the processing of their personal data.
The personal data may be collected directly from you or can be provided by third parties (such as, previous employers to verify your references) and/or publicly accessible sources.
2. Why do we use your personal data?
The table below outlines the purposes that we process your personal data for and, for each purpose, the legal basis for the processing operation in question:
PURPOSES | LEGAL BASIS |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | The legal basis of the processing is the performance of the necessary steps to enter a potential employment contract with you. If special categories of data (such as, data relating to your health, your membership of a trade union and/or your political opinions, racial and/or ethnical origins, philosophical and/or religious beliefs, etc.) is processed in this context, the legal basis for such processing is the necessity to comply with relevant laws. |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | Our legitimate interest is to simplify and improve our recruitment processes. |
Site access and security management, including video surveillance if you are interviewing on our premises. | Our legitimate interest is to protect people, premises, and property. |
Compliance with the applicable legal framework | Need to comply with a legal obligation that we are subject to. |
Management and follow-up of potential disputes | Our legitimate interest is to defend our interests, including through legal action. |
Processing your request to receive our job alerts | Your optional consent. |
In any case, please note that we will not process your personal data for any other purpose that is incompatible with the above-mentioned purposes.
3. Who do we share your personal data with?
In the context of our processing operations, we may communicate your personal data to the following recipients:
- to our service providers, suppliers, agents, and contractors, to the extent that they assist us in carrying out the purposes set out in this policy (e.g., we use IT service providers to host your personal data on our behalf).
- to other entities of the Dedalus
- to competent courts, public authorities, government agencies and law enforcement agencies (including where we are required to comply with legal or regulatory requests).
Regardless of the recipient, we will only disclose your personal data to them on a strictly need-to- know basis and only to the extent required to fulfill the purposes identified in this policy.
We do not sell your personal data.
4. Do we transfer data outside the European Economic Area?
- Should your personal data be transferred to other countries inside or outside the European Economic Area (“EEA”), we ensure that the level of protection your personal data is given is not adversely affected by such transfers.
- This specifically means that each of the intended transfers is based on one of the following mechanisms at least:
- the existence of an adequacy decision issued by the European Commission for the country that your personal data is transferred to; or alternatively;
the conclusion of standard contractual clauses reproducing the models adopted by the European Commission; or, alternatively;
the existence of an exemption related to one of the specific situations exhaustively provided for by the General Data Protection Regulation 2016/679 (“GDPR”) (e.g. where you have given your consent to such transfer having been informed of the absence of safeguards, where the transfer is necessary for the performance of a contract concluded between you and us, where the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party, or where the transfer is necessary for the establishment, exercise or defense of our legal claims, ).
5. How long do we store your personal data for?
We store your personal data for no longer than is necessary for the purpose of the processing concerned.
In other words, this means that the storage periods we apply vary depending on the purpose for which we process the data in question. The table below therefore indicates, for each purpose, the storage period that will be applied to your personal data:
PURPOSES | STORAGE PERIOD |
Processing of your application to: (i) determine the suitability of your profile for the position in question; and (ii) make you an offer if we believe that your profile matches the position that you have applied for. | Until the recruitment process in question is completed and your application has been rejected/accepted . |
If your application is unsuccessful, your profile will be kept in a pool of applicants (so we can offer you future opportunities that are likely to suit you) and, if necessary, your profile will be shared with the other entities of the Dedalus Group that are likely to offer opportunities corresponding to your expectations. | If you do not request that we destroy your file, your data will be automatically destroyed after the time provided by the applicable legislation and in any case no more than one year after we last have contact with you. |
Compliance with the applicable legal framework. | For the duration of the limitation period of the obligations that we are subject to. |
Management and follow-up of potential disputes | For the duration of the dispute and until all potential remedies have been exhausted |
Processing your request to receive our job alerts | Until your consent is withdrawn |
We have also defined an archiving policy. This ensures that your personal data is not stored in the active database unnecessarily.
In any case, once the applicable storage period has elapsed, we will irrevocably erase or anonymize your personal data so that you can no longer be identified.
6. What rights do you have?
In accordance with the applicable data protection legal framework, particularly the GDPR, you have the following rights as a data subject:
- You may request access to your personal data and request that it be rectified or erased
- You also have the right to request that processing of your personal data be restricted or to object to the same
- You have the right to portability of your personal data
- Where processing of your personal data is based on your consent, please note that you may withdraw your consent at any time, without affecting the lawfulness of processing based on your consent carried out prior to your withdrawal of the
same
However, please note that some of the above rights are subject to specific conditions dictated by the applicable data protection legal framework. So, if your specific situation does not meet these conditions, we will unfortunately be unable to comply with your request.
To exercise your rights, please contact our DPO using the contact details provided in Section 7 (How can you contact us?). To process your request as efficiently as possible, we may ask you for certain additional information to confirm your identity and/or assist in locating the personal data that forms the subject matter of your request.
In any case, please note that you may lodge a complaint with the relevant data protection supervisory authority: https://www.datatilsynet.dk/
7. How can you contact us?
If you have any questions or requests regarding our processing operations with your personal data under this policy, including exercising your rights, as outlined above, you may contact us on the following address: [email protected]
We also have appointed a data protection officer (“DPO”), which you can contact by e-mail at the following address: [email protected]
Current version: [Dedalus – applicant privacy policy – v. 1 ]
Last updated: [July 2022]
This document has been prepared pursuant to EU Regulation 2016/679 (the “GDPR“) to enable users to understand what cookies are installed when they use the website www.dedalus.com (the “Website“).
- Data controller and data protection officer
Dedalus S.p.a., with registered office in Italy, Milano, Piazza della Santissima Trinità 6 (“Dedalus“) is the data controller of the personal data (the “Data“) of the users of the Website collected using cookies. For any request it is possible to write to Dedalus at the above-mentioned physical address or through the e-mail address [email protected].
Dedalus has appointed a Data Protection Officer (“DPO“), who can be contacted at
- Data processed by Dedalus
The navigation on the Website involves the use of cookies, short strings of text that the websites visited send to the user’s browser, where they are stored and then transmitted to the same websites during subsequent visits. While browsing a site, the user may also receive cookies on their computer from sites or web servers other than the one he/she is visiting (so-called “third party” cookies). It is possible to distinguish:
- Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website.
- Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
- Marketing cookies are used to target advertising to a user (behavioural targeting). They are often served by third party companies, and track a user across websites.
This Website uses the following cookies:
While technical cookies cannot be refused by the user of the Website, as they are strictly functional to the Website itself, the user can freely choose to accept or refuse the use of profiling cookies. The user can set and review their choices regarding cookies here with the “cookies setting” function available on the website
(privacy section).
- Purposes and legal basis of the processing
By using cookies, the following purposes are pursued:
3.1 to enable the navigation of the Website and its smooth functionality. The legal basis for the processing is the provision to users of services related to the Website and the legitimate interest of Dedalus to have a functional website.
3.2 to fulfil any obligations under applicable laws, regulations, or EU legislation, or to comply with requests from the authorities. The legal basis for the processing is the obligation of Dedalus to comply with mandatory legislation.
3.3 analyse user behaviour and possibly send him advertising messages in line with the preferences expressed by the same during navigation. The legal basis for processing in this case is the consent of the interested party.
3.4 for the needs of defence of the rights of Dedalus in the context of any litigation, even in court. The legal basis of the processing is the legitimate interest of the Owner to protect its rights.
The conferment of Data is optional, but (except in cases of processing based on consent) the failure to provide Data prevents the Controller from allowing the navigation of the Website.
- Recipients of the Data
The Data may be communicated:
(a) to third parties who need to perform specific activities in relation to the Data, in accordance with the purposes of the processing, or to service providers to the Data Controller.
(b) to authorities, entities and/or parties to whom the Data must be disclosed, pursuant to binding legal or contractual provisions.
(c) in other circumstances, such as acquisitions and sales to potential third-party companies, when we expect to sell or transfer part of or all our business.
- Transfer of Data outside the European Economic Area
As for the possible transfer of Data to countries not belonging to the European Economic Area, the processing will take place according to one of the legally permitted methods and therefore through the selection of recipients established in countries considered adequate by the European Commission or through the stipulation of standard contractual clauses.
- Data retention
The Data will be kept only for the time necessary for the purposes for which they were collected, respecting the principles of conservation limitation and minimization. More precisely, the terms of duration of the cookies are defined in the previous section 2. For the Data whose processing is based on the consent of the interested party, it is specified that the same will be kept until such consent is revoked.
- Data subjects’ rights
In the presence of the relevant legal prerequisites, the data subject may ask the Data Controller or the DPO for access to their Data, to rectify or erase them or to object to their processing, to request the restriction of processing in the cases provided for by Article 18 GDPR, as well as to obtain in a structured, commonly used, and machine-readable format the data concerning him/her, in the cases provided for by Article 20 GDPR.
In addition, the user has the right to revoke any consent to processing at any time, without affecting the lawfulness of the processing carried out by the Controller before the revocation.
Requests should be made in writing to the Data Controller at the addresses indicated above.
In any case, the interested party may lodge a complaint with the Guarantor for the Protection of Personal Data if he believes that the processing of his Data is contrary to the regulations in force.
Current version: Dedalus –Cookie policy– Dedalus S.p.a v. 1
Last updated: October 2021