What are personal data?
Personal data refers to any information relating to an identified or identifiable natural person, such as name, address, bank details, location data, online identifiers, etc.
When you use our website, we may collect personal data. Please read the information below carefully to understand how we will use your personal data that you share with us.
What types of personal data do we collect?
SupraTherm processes identification data (name, surname) and contact data (phone, email address, physical address) or your interests that you provide to us when you visit our website, including information you transmit to us when you contact us using one of the forms on our website.
Additionally, we process details about how you use our website, including, for example, traffic data, location data, pages you visit.
In certain situations, we may collect information about the device used to access our website, such as IP address, operating system, and browser type used, to improve the functioning of the website and the services we offer. This data is aggregated and used for statistical purposes, without identifying any specific individual.
What is the purpose of collecting personal data?
The main purpose of collecting and processing personal data provided by you on our website is to respond to your requests when you contact us through the available contact functions on our website. Additionally, when you give your express consent (e.g. by checking the corresponding consent box), we will inform you about additional products or services that may be of interest to you, for marketing purposes. In order to offer you information and counseling tailored to your interests, we may use analytical procedures that may include profiling. We always ensure that the use of these procedures does not negatively affect your individual rights and freedoms.
Furthermore, we may process your personal data collected through the website for the legitimate interests of ours or other entities in the Romstal group - these interests consist of improving the performance of the website and its available functionalities, promoting our products and services or those of other entities in the Romstal group, and improving our services and products.
Additionally, we automatically track information about you through the use of our own or service provider applications. This information pertains to details about the device and browser you are using, your IP address, as well as how you interact with our website. The purpose of collecting this data is to improve the functionality of the website (e.g. authentication, user preference retention, and implementing the "shopping cart" system).
What are your rights regarding the processing of your data?
In accordance with applicable legislation in the field of personal data protection, you have the following rights:
• Right of access to processed data;
• Right to rectify inaccurate or incomplete data;
• Right to data portability that you provide to us electronically;
• Right to request the deletion of personal data if there is no other legal basis for retaining it;
• Right to request the restriction of data processing;
• Right to object to data processing in certain cases related to your particular situation; in the case of direct marketing or marketing-related processing, you can object at any time without providing a reason;
• Right to withdraw your consent at any time;
• Right to lodge a complaint with a supervisory authority when you consider that the legal provisions on the protection of personal data have been violated.
Before providing/correcting/deleting etc. your data, we may request proof of identity and sufficient information about your interaction with us so that we can authenticate your request and identify all relevant data regarding you.
Data retention and deletion
Your data will be kept strictly for the period necessary to achieve the purposes described above, but no longer than five years after your last interaction with us, unless there is a legal obligation to retain the data for a longer period. However, we do not assume the retention of all data for the entire period mentioned above, and we may delete or anonymize your personal data earlier if we have no legal obligation to retain it.
Personal data transfers
SupraTherm will not sell, trade or rent your personal information. Your data will not be transferred to a third party, except when SupraTherm is legally required to do so or when the transfer is necessary for the purpose in which the data is processed (for example, to IT service providers employed by us or to marketing agencies that provide services for us).
Additionally, in the legitimate interest of ensuring the efficiency of management, logistics and promotion processes at the Romstal group level, your personal data may be transferred within the Romstal group, for the same purposes described above.
In all cases described above, the disclosure of your personal data is made based on a contract concluded with the recipients of the data, by which they undertake to use the data exclusively for the purpose for which they were entrusted, to respect the obligation of confidentiality and to ensure the security of the data, as well as to comply with all applicable legislation regarding the protection of personal data.
We may also disclose your personal data to public authorities, within the limits and provisions of the law and as a result of express requests made by them.
How we secure your data
SupraTherm takes data security seriously, so we use appropriate technologies and procedures to protect personal information. Our policies and procedures are reviewed periodically and updated in accordance with the latest international standards for the protection of personal data. For example:
• we have policies and procedures and have implemented adequate technical and organizational measures regarding the protection of personal data;
• we have measures that protect against accidental loss and access/use/destruction/disclosure of personal data;
• we carry out impact assessments on the protection of personal data in accordance with GDPR;
• we conduct audits and implement measures for data security;
• we train employees on the protection of personal data;
• all our employees and collaborators have signed confidentiality agreements with us.
However, no information security system is infallible. Therefore, we work continuously to ensure that our security measures are maintained at the highest level and we commit to informing you in a timely manner in the event of any security incidents that may pose a significant risk to your rights.