Global privacy policy at LEM

Privacy Policy

SCOPE OF THE GLOBAL PRIVACY POLICY

  • For the purpose of this Global Privacy Policy, “we”/”us”/”our” or “LEM” refers to LEM HOLDING SA and/or all of its direct or indirect affiliates, subsidiaries and branches (each individually a “LEM Entity”).
  • Each LEM Entity processes personal data in the context of its activities.
  • On a group-wide level, LEM may process personal data that were originally collected by LEM Entities.

This Global Privacy Policy describes the following data processing-related elements:

   -  Where we may obtain your personal data;
   -  What categories of your personal data we may process;
   -  Why we collect and process your personal data, i.e. for what grounds we process it;
   -  How we collect and process your personal data, including the protection measures we implement.

In addition, this Global Privacy Policy also tells you about your rights and how to exercise them.

Privacy is of utmost importance at LEM and its respect is taken into account at every step of data processing. We especially do not trade or sell personal data that has been entrusted to us and value overall the trust people place in us. We promote industry best practices to ensure privacy concerns are addressed and that personal data is protected.

We strive to be global and consistent in how we implement privacy. This Global Privacy Policy therefore applies to:

  1.  All individuals who provide personal data to us (customers, suppliers, business partners, shareholders, ultimate beneficial owners, job applicants, agents, among others, to the exclusion of LEM employees, whose personal data is processed according to specific internal regulations).

  2.  All locations where we operate, even where local regulations do not exist.

  3.  All online or offline methods of contact such as Internet, mail, telephone or email.

With regard to this global purpose, our Global Privacy Policy is based not just on individual country privacy laws, but also on internationally accepted privacy principles and information practices, especially with regard to the principles derived from the Organization for Economic Co-operation and Development (OECD) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation “GDPR”).

Privacy Policy

SOURCES OF YOUR PERSONAL DATA (“WHERE”)

Each LEM Entity may obtain your personal data from several sources, such as:

  • You, when you or the company you represent and/or work for enters into a contract with LEM or you otherwise interact with us – this comprises especially emailing us, signing up for newsletters or events, attending events or entering your personal data on LEM website.
  • LEM website. We automatically collect details of your visit through cookies (such as IP address and web pages visited).
  • Third parties, such as a recruiting agencies or LEM business partners.
  • Third party social networks (such as your own website or social media, Facebook, Google, LinkedIn), especially when you authorize such third party social network to share information and data with us, when you use a social network functionality integrated to our website, or that you interact with us through the social network. You should at all time be aware of the terms of use and privacy policy that applies to the third party social network and are of its exclusive responsibility.
  • Publicly available publications or databases
  • CCTV cameras and other security elements

 

Privacy Policy

Your personal data processed by LEM ("what")

We may collect various categories of personal data that can specifically identify you, especially:

  • Identification information (including your full name, title and function, date of birth, nationality, age or age range, gender, geographic location, copies of passport or identity card details, marital status).
  • Your business and/or personal address and contact details (including your business and/or personal telephone and/or mobile phone numbers and email addresses).
  • Banking data (including bank and payment details, credit card number).
  • Financial data (including credit/income history, data necessary to evaluate your solvency).
  • Transaction-related data (including transaction information (number of products purchased, types of products, order values, sales figures, purchase history, etc.) and customer service information (complaints etc.)).
  • General information pertaining to your organization (including description data such as its type of activities, reported revenues).
  • Recruitment-related information: When you apply for a job position at LEM, we may also collect personal data such as your CV, your education and qualification details, your photograph and other details set out in your application as well as information relating to past employment and opinions from third parties about you.

We do not collect sensitive personal data about you, except upon your express prior consent or unless required by law.

 

Privacy Policy

GROUNDS FOR PROCESSING YOUR PERSONAL DATA (“WHY”)

We process your personal data based on the following grounds:

  • Evaluation and performance of a contract: We may need to process your personal data to take steps to enter into a contract with you or your company or to perform such a contract and manage our relationship with you or your company, including by contacting you.
  • Serving our legitimate interests: We may process your personal data for our legitimate interests such as managing and administering LEM group-wide business activities, credit control and management, analytical purposes for researching, developing and improving products or services, as well as analytical purposes linked to our website. We may also process your personal data to protect our rights (e.g. in the event of legal proceedings).
  • Compliance with our legal and regulatory obligations, a court order or other legal process: We may process your personal data as necessary to comply with our legal and regulatory obligations, a court order or any other legal process, including the obligations of LEM as a listed company on the SIX Swiss Exchange, as well as to proceed to anti-fraud and blacklist management.
  • Specific processing based on your consent: We may process your personal data with your consent especially to provide you with commercial marketing information about us and our products – as a rule, our email newsletters are sent only to those who have expressly asked to receive them (“opt-in”), and the newsletters have a link allowing you to opt out of receiving future messages.

Overall, we limit the collection and processing of personal data to what is required in order to achieve our goal of providing superior quality and value. For example, we use email addresses to send consumers or shareholders or job applicants information they have requested and/or should receive based on the relationship with us. Consumer feedback on products and services is used to improve our products and services.

 

Privacy Policy

PROCESSING MEANS AND SECURITY (“HOW”)

technology/cookies

We use technology in order to better serve you and help us identify and tailor the services that have to be provided. We use cookies to manage our website. For more information about how we use cookies, please see our Cookies Policy.

retention period

We do not keep personal data any longer than necessary to meet the business purpose for which it was collected, respect our operational requirements or respect legal or regulatory imperatives. At the end of the applied retention period, we shall delete your data without it being required that any further information be provided to you.

Should you wish specific information on the retention period applied to your data and/or the criteria used to determine such period, please contact us at the email address provided below (“CONTACT INFORMATION”).

data sharing and transfer

Your personal data may be transferred to various LEM Entities, especially through the use of common databases or a common management of data to LEM and the LEM network. Especially, the processing of your personal data as described above may require that your personal data be ultimately transferred to and/or stored at a destination outside of your country of residence.

Overall, our global privacy program requires the same high level of security and protection of personal data in all countries and locations, with procedures and contracts in place to help ensure this. Especially, any transfer of personal data from the European Economic Area (EEA) or Switzerland to countries that do not provide an adequate level of protection by law, take place using an acceptable data transfer mechanism, especially through the use of Standard Contractual Clauses.

Your personal data may also be transferred to third parties contractors and processors, especially agents, vendors and professional advisors. Such contractors provide services to LEM, including mailing information or samples, cloud services and other IT services. These agents, vendors and business partners are bound by obligations of confidentiality and are required to protect and manage your personal data to the same high standards as the ones that apply to LEM.

LEM may also be required to disclose your personal data to regulatory and supervisory authorities in order to comply with any law, regulation, court order or government request.

In the event that all or part of LEM’s business is acquired by a third party, your personal data may be transferred to the new owner. Such transfer may also intervene prior to such acquisition in the context of a due diligence process, in which case the reviewing party shall be bound by obligations of confidentiality and be required to protect and manage your personal data in conformity with applicable laws.

LEM HOLDING SA, whose equity securities are listed on SIX Swiss Exchange, is required to forward data on LEM’s directors, officers and agents, as well as any other person who would be linked to LEM's listing, to SIX Exchange Regulation Ltd on the basis of legal and regulatory requirements. This relates in particular to the Federal Act on Financial Market Infrastructures and Market Conduct in Securities and Derivatives Trading and the Federal Act on the Swiss Financial Market Supervisory Authority, as well as the respective regulations and self-regulation of the FINMA and SIX.

LEM’s directors, officers and agents, as well as any other person who would be linked to LEM's listing, are informed that:

  • Their data are forwarded to SIX Exchange Regulation Ltd;
  • SIX Exchange Regulation Ltd processes these data on the basis of a legal obligation;
  • Under certain circumstances, SIX Exchange Regulation Ltd and the judicial bodies of SIX Group may, on the legal basis of legal obligation, use their data in investigations or sanction proceedings in accordance with the applicable legal and regulatory rules and ordinances; and
  • Their data may be forwarded to third parties, e.g. the Swiss Financial Market Supervisory Authority (FINMA), criminal prosecution authorities or courts.

INFORMATION SECURITY

LEM is committed to keeping personal data secure and protects it by industry standard security practices and measures, in order to prevent loss, misuse, unauthorized access, disclosure, or alteration. We apply to this purpose appropriate technical, administrative and physical procedures in place.

Access to data is limited to individuals who have a business need consistent with the reason the data was provided.

 

Privacy Policy

YOUR RIGHTS AND CHOICES

  • Access: You have the right to receive information regarding LEM processing of your personal data and to receive a copy of your personal data, as the case may be adapted in order to protect other persons’ personal data.
  • Rectify: We take steps to make sure that the personal data we use is correct. You have the right to require that your personal data be corrected or updated if it is incorrect or incomplete.
  • Erase: You have the right to request the deletion of your personal data in certain circumstances. Please note however that we may be required to retain some of your personal data in order to satisfy our legal or contractual obligations, as well as to satisfy our legitimate needs.
  • Object and restrict: You have the right to object to and requesting that we restrict our processing of your personal data in certain circumstances.
  • Withdraw your consent: You have the right to withdraw any previous consent you provided – please however note that any processing that was validly based on your consent shall remain valid notwithstanding such a withdrawal and that any further processing may be justified by other grounds.
  • Data Portability: Depending on the applicable rules to you, you may have the right to have your personal data returned to you in a structured, commonly used and machine-readable format and, where technically feasible, transmitted to a third party.

In accordance with applicable regulation, you may also be entitled to file a complaint with the competent supervisory authority if you feel your personal data has been mishandled or if we have failed to meet your expectations. You are encouraged to contact us about any complaints or concerns prior to such a step, but you are naturally entitled to complain directly to the relevant supervisory authority.

Please note that, in order to ensure that you are the data subject allowed to exercise these rights, we may ask you for a proof of identity (copy of official identification document with a photo mentioning your date and place of birth).

Any request is free of charge unless your request is unfounded or excessive (e.g. if you have already requested such personal data multiple times in the last twelve months or if the request generates an extremely high workload). In such case, we may charge you a reasonable request fee according to applicable data protection legislation.

In any case, we may refuse, restrict or defer the provision of personal data where the applicable regulation allows us to do so, for example if fulfilling the request will adversely affect the rights and freedoms of others.

You can exercise any of your rights by contacting us at the email address provided below (“CONTACT INFORMATION”).

Privacy Policy

UPDATE

LEM may change and correct this Global Privacy Policy unilaterally at any time and for any reason. We will publish the new version on our website. You are encouraged to regularly visit our website, or contact us, in order to have the latest version of this Global Privacy Policy.

Privacy Policy

CONTACT INFORMATION

If you have any queries or comments in relation to processing your personal data or exercising of any of the rights listed above, please contact us via the following email address: datasecurity@lem.com.

This Global Privacy Policy was last updated October 04, 2018.