The Company is the controller of the personal data (i.e., any information relating to an identified or identifiable natural person known as data subject) collected from and about you through the Website and the Services that is processed in compliance with the terms of this Policy.
The Company collects
(1) data that you have voluntarily shared with the Company,
(2) activity data collected when you access and interact with the Website or the Service and
(3) additional information, as the case may be.
More in particular, the Company collects your name and surname, email, postal address and other registration information, such as those you provide directly to us when you purchase products from our online store, download our free software(s), register new products, enter a contest or sweepstakes or sign into a page that requires prior authorization.
3Dconnexion may also collect: financial information to bill you for the products and services you purchased online by using the Website and the related Services; or information from other sources, such as publicly available information from social media services and commercially available databases.
The Company does not collect or process any special categories of personal data, therefore we ask you that you do not send us, and you do not disclose, any information included in a special category of personal data (such as information related to racial or ethnic origins, political opinions, religion or other beliefs, health records, criminal background or trade union membership) on or through the Website, the Services or otherwise.
We collect and use your personal data for:
a) allowing you to use the Website and the requested Services, thus including the processing of your purchases or orders;
b) measuring and improve those Services and the relevant features;
c) improving your experience with the Website and the Services;
d) providing you with customer support and to respond to inquiries, as the case may be;
e) complying with applicable laws or regulation, as well as to respond to requests from public and government authorities;
f) protecting the rights of the Company, as to situation where the Company has a good faith belief that a processing activity is necessary in order to: (1) protect, enforce, or defend its legal rights; (2) protect the safety, privacy and security of the users of the Website or of the Services; and (3) protect itself against possible frauds or risks;
g) completing a merger or sale of assets for which the transfer of your information to the party or parties involved in the transaction as part of that transaction may be necessary;
h) upon your optional consent and without prejudice to our legitimate interest where allowed by the Applicable Data Protection Legislation, sending you customized marketing communications either via automated means (e.g., email, sms, mms, fax, phone calls without human operator, social media, etc.) and non-automated means (e.g., paper mail and phone calls with operator);
i) upon your optional consent, sharing your personal data with our trusted business partners in order to receive their marketing and promotional communications.
When the data collected from or about you are not personal data or have been duly anonymized, we may use such information for additional purposes or share it with our third parties as the case may be.
The processing of your personal data for the purposes of:
a) Section 3, letters from a) to d) of this Policy is necessary for the running of the Website and the provision of the Services;
b) Section 3, letter e) of this Policy is mandatory as it is required under applicable laws;
c) Section 3, letters f) and g) of this Policy are based on the legitimate interest of the Company, as the case may be;
d) Section 3, letter h) and i) of this Policy are performed on the basis of your optional consent and, where possible and in alternative to consent, on the legitimate interest of the Company. These data processing activity are not mandatory and you can object or revoke your consent at any time through the modalities as per Section 10 of this Policy.
The Company will process the personal data for as long as is necessary to achieve the intended purposes pursuant to Section 3 above. In any case, the following retention periods shall apply:
a) the data collected for the purposes of Section 3, lett. a), to d) will be retained for a period strictly necessary for allowing you the use of the Website or the Services;
b) the data collected for the purposes of Section 3, lett. e), will be retained for ten (10) years in order to respond to data subjects’ requests and to comply with applicable laws and regulations, as the case may be;
c) the data collected for the purposes of Section 3, lett. f) and g) will be retained for the period strictly necessary in order to pursue the Company’s legitimate interests;
d) the data collected for the purposes of Section 3, lett. h) and i), will be retained for the period strictly necessary in order to achieve the purpose for which they were originally collected and, in any case, no longer than three (3) years;
e) the data collected for the purposes of Section 3, lett. i) will be retained in accordance with the policies and retention periods adopted by our trusted third parties acting in the role of autonomous data controllers.
With regard to the above mentioned purposes, the data is processed through both electronic and manual means, and is protected through adequate security measures. With this regards, although the Company uses appropriate administrative, technical, personnel and physical measures to safeguard personal data in its possession against loss, theft and unauthorized use, disclosure or modification, it cannot guarantee that all possible cyber-risks can be excluded.
For purposes consistent with those at Section 3 of this Policy, the Company may share your personal data with the following categories of recipients located within or outside the European Economic Area (EEA), in compliance and within the limits of the provisions of Section 7 below:
a) Other companies of the Group, as the case may be;
b) Third parties service providers entrusted with processing activities and duly appointed as processors or sub-processors when required by the Applicable Data Protection Legislation (e.g., cloud service providers, other entities of the group, providers of services instrumental to or supporting the Services – and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers – companies resulting from possible mergers, demergers, or other transformations);
c) Competent national authorities in order to comply with applicable laws;
d) Trusted third parties business partners, upon your explicit consent.
Your personal data may be transferred to countries within and outside the EEA, in particular to USA.
Some non EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at here.
Please note that appropriate and suitable safeguards to protect your personal data in the possible transfer to countries outside the EEA will be put in place in compliance with the Applicable Data Protection Legislation, as the case may be.
The Website does not address subjects under the age of 18, nor is the Company knowingly collecting personal data from people under the age of 18.
At any time and at no charge, you have and / or can exercise the following rights:
a) the right to be informed on the purposes and methods of the processing;
b) the right of access;
c) the right to obtain a copy of the data held overseas and obtain information concerning the place in which such data are kept;
d) the right to ask for updating, rectification or integration of the data;
e) the right to request the cancellation, anonymization or blocking of the data;
f) the right to limit the processing;
g) the right to object to the processing, wholly or partly, also where it is carried out through automated individual decision-making, including profiling;
h) the right to revoke the consent to the processing;
i) the right to contact the data protection officer, as the case may be;
j) the right to lodge a complaint in front of the competent national data protection or judicial authority. Please note that the Group’s main establishment is in Monaco, therefore the competent data protection authority is the Monegasque authority;
k) the right to data portability (i.e., to receive an electronic copy of your personal data, if you would like to port your personal data to yourself or a different controller).
In case of any doubts, comments or complaints please contact us at privacy(at)3dconnexion.com or contact the Group Data Protection Officer at DPO(at)3dconnexion.com.
This Policy shall apply from the date specified in the introduction. The Company may amend and/or supplement this Policy also as an effect of any subsequent amendments and/or supplements to the Applicable Data Protection Legislation. Such amendments shall be notified in advance to you on a regular basis by the same Company.