HOME
COMPANY
SERVICES
CAREER
PROJECTS
news e insight
EVENTS
CONTACT US
EN
IT
EN
FR

Privacy policy

Intro

The processing of personal data carried out by SECURITY LAB SA and SECURITY LAB ADVISORY Sagl is carried out in compliance with the Federal Law on Data Protection (LPD) and EU Regulation 679/2016, the principles of correctness, lawfulness, transparency, purpose limitation and storage, minimization and accuracy, and the protection of integrity and confidentiality.

This Privacy Policy is intended for the site www.sec-lab.com and all its subdomains (hereinafter “Site”). The Data Controllers are Security Lab SA and Security Lab Advisory Sagl (Sec-Lab) To request more information on the processing of personal data or to exercise their rights, the User can contact us:

by contacting in writing:
Security Lab SA or Security Lab Advisory Sagl
Corso Enrico Pestalozzi 21A, 6900 - Lugano Switzerland by writing to the email address:

01. What is personal data and what is a treatment

Personal data is information that identifies or can identify, directly or indirectly, a natural person and that can provide information about their characteristics, habits, personal relationships, etc. They are considered personal data, by way of example but not limited to: the name, surname, address or other contact data, an identification number or an online identifier.

A treatment is any operation carried out with or without the aid of automated processes and applied to personal data. The following are considered treatments, by way of example but not exhaustive: the collection, registration, organization, storage, modification, consultation, cancellation or destruction of data.


02. What are the personal data subject to processing

  • Browsing data
    The computer systems used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow the User to be identified. This data includes the IP addresses of the computers used by the User that connect to the Site; the URI addresses of the requested resources (UniformResource Identifier); the time of the request, and other parameters relating to the User's operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site to check its correct functioning, to identify anomalies and/or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Data Controller or third parties.
  • Data provided by the User

- The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.

- Personal data such as name, surname, e-mail are collected by the Data Controller when filling out the “Contact Us” Form or the “Newsletter” Form.

- In case of interest in one of the job positions indicated in the Career section, if the User sends the CV via email, as an attached file, Sec-Lab reminds the User that, if the User wishes to make known to the company information relating to his person falling within the scope of so-called special data or worthy of particular protection, such data can be processed only if the user has indicated his explicit consent in the copy of the CV attached to the e-mail. Sec-Lab in any case, invites the User not to indicate special data or data worthy of particular protection, with the exception of those that are considered by the User to be absolutely indispensable in order to allow an adequate evaluation of his application.

03. Purposes of the treatment

The User's personal data will be processed for the following purposes:

  • Respond to User requests by providing general information on the services offered by Sec-Lab;
  • Give feedback to potential candidates in relation to open professional positions in the Career section;
  • Send the User communications/notifications regarding the service;
  • To comply with the obligations established by law, by a regulation, and to satisfy requests from the competent Authority;
  • Exercise by the Data Controller the right of defense (extrajudicial, judicial);
  • Send to the User who has filled out the Newsletter Form and given their consent, communications relating to Sec-Lab services, events, courses, as well as commercial, advertising and informational communications (marketing). In this case, the User may revoke the consent given at any time by clicking on the appropriate “unsubscribe” link at the bottom of the newsletter.

04. Legal basis for the processing of User data

Each treatment is justified by one of the following legal conditions:

  • The processing is necessary to execute the User's requests. In this case, the provision of personal data is mandatory;
  • The processing is necessary to comply with a legal obligation. In this case, the provision of data is mandatory
  • The processing is necessary for the pursuit of the legitimate interest/overriding interest of the Data Controller, provided that it does not prevail over the interests or fundamental rights and freedoms of the User that require the protection of personal data. In this case, the provision of data is optional.

05. Who may the data be disclosed to

As part of the activity of Sec-Lab and for the purposes specified above, the User's personal data may be shared with:

  • Duly appointed data processors who provide specific processing or ancillary services on behalf of the Data Controller and under his instructions; the User may at any time request the updated list of Data Processors;
  • Companies/Associations that are partners of the Data Controller (e.g. AITI, ATED ICT TICINO);
  • Autonomous Data Controllers to whom the data could be communicated pursuant to legal provisions or orders from the Authorities; to allow the Data Controller to exercise its rights (law firm);
  • Subjects authorized by the Data Controller to process the personal data necessary for carrying out activities strictly related to the provision of services and who have assumed an appropriate legal and contractual obligation of confidentiality (e.g. employees and/or collaborators of the Data Controller).

We do not sell or otherwise disclose your personal data to third parties.

06. Where is the data stored

Personal data is stored electronically on servers located in the EU and Switzerland.
The Data Controller, if necessary, will have the right to transfer data even outside the EU and Switzerland. In this case, the Data Controller hereby ensures that the transfer of data will take place in accordance with the applicable legal provisions, ensuring adequate protection.

07. How long is the data kept

The User's personal data is kept in compliance with current regulations for the period of time necessary to achieve the purpose for which they were collected; in particular for the purposes of managing the User's requests for a period not exceeding 12 months from the receipt of the request, unless the User purchases a service of Sec-Lab.

The CV and any personal data of the Candidates for a period of time not exceeding 24 months from the receipt of the CV.

When the processing is based on the User's consent, personal data is kept until said consent is revoked.

08. Minori

Minors under the age of 16 must not provide information or personal data to the Data Controller without the consent of those exercising parental responsibility over them. Without such consent, it will not be possible for minors to send requests through the site.

Sec-Lab takes children's privacy seriously. Therefore, it invites all those who exercise parental responsibility over minors to inform them about the safe and responsible use of the Internet and the Web.

09. What are the User's rights

The User may ask, at any time, for confirmation as to whether or not his personal data is being processed, and in relation to them he has the right to:

  • request access to data to obtain information on the purposes pursued with the processing, on the recipients to whom the data could be communicated, the duration of the processing (where possible) and the possible consequences of a processing based on profiling;
  • revoke consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the revocation;
  • request the correction of personal data if they are inaccurate or incomplete;
  • request the cancellation of data if they are no longer necessary for the Data Controller for the intended purposes of the processing, are inadequate for the purposes of the processing, the User has revoked his consent or the data has been processed illegally;
  • request the limitation of data processing, in the cases provided for by the law;
  • request the transfer of data to another Data Controller, in a commonly used format eligible for a computer device, without hindrance from the current Data Controller;
  • object to the processing of your data and, specifically, you have the right to object to decisions that concern you if based solely on automated processing of your data, including profiling;
  • lodge a complaint with the competent authority, if you believe that the treatments concerning you violate current legislation on data protection

To exercise your rights, you can use the contact details provided in the INTRODUCTION or access the website of the Federal Representative of data protection and transparency.

10. Automated decision-making

The User is not subject to decisions based on automated processing.

11. Amendments

Sec-Lab reserves the right to modify or simply update the content of this Privacy Policy, in part or completely, also due to changes in the applicable legislation. These changes will be binding as soon as they are published on the Site. If the User continues to access or use the service after such publication, it is assumed that he has expressly accepted these changes. Sec-Lab It therefore invites the User to visit this section regularly to be aware of the most recent and updated version of the Privacy Policy so as to be always updated on the data collected and on the use made of it Sec-Lab.

Cookie Policy

HomeCompanyCareerProjectsNews and insightsEvents
Governance & ComplianceOffensive SecurityCyber DefenseE-learning

Lugano
Enrico Pestalozzi 21A Course,
6900 Lugano, Switzerland

Munich
24, avenue de l'Annonciade
MC 98000 Monaco

Call us at

+41 91 922 59 41

Send us a message