Privacy Policy

For Customers of SBS Friction A/S

Last updated: December 20, 2023

SBS Friction is part of Brembo SpA. This privacy policy will explain how we use the personal data we collect about customers.

 

SBS FRICTION A/S (hereinafter the "Company"), in its role of data controller, pursuant to art. 13 of the European Regulation 679/2016 concerning the protection of personal data (the "Regulation"), wishes to provide you with the following information:

 

  1. Types of personal data
  2. Purpose of the processing
  3. Nature of collection and processing methods
  4. Storage of data
  5. Disclosure, dissemination and transfer of data
  6. Rights of Data Subjects
  7. Identity and contact details of the Controller and contact of the Data Protection Officer

 

1. Types of personal data

The data provided by You and concerning the personnel that You have assigned to the performance and management of the agreements (hereinafter the “Data Subjects”), including name, surname, contact data, e-mail addresses, positions where relevant, will be processed by the Company in accordance with the Regulation and with local laws, including possible decisions issued by the Supervisory Authority, as applicable.

2. Purposes of the processing

The Company will process the data of the Data Subjects while carrying out its commercial and financial activities and for the performance of contractual relationships. In particular, the data will be processed in order to comply with the obligations established by the law (for example, tax and accounting obligations); for the registering customers into the Company’s management system (customers' list); for the administrative management of the agreements including for handling of invoices; for the compliance with obligation related to the supply of goods, as well as for handling possible litigation. . The processing of data for the above-mentioned purposes does not require the individual consent since the Company is authorized to avail itself of the reliefs available under letter b), c) of article 6.1, of the Regulation.

3. Nature of collection and processing methods

The collection of personal data concerning a Data Subject is a requirement: failing this, it becomes impossible to enter into a commercial agreement or, in case of existing agreements, to fulfil the obligations and commitments arising from such agreements.

The data shall be processed by the Company, and by those entrusted by the Company with processing, generally by the Administration & Finance department and by the relevant Commercial Department, but also by other staff employees who could have the need to process them (included technical and R&D dept.), mainly by means of electronic or manual systems and according to the principles of fairness, integrity and transparency that are required by applicable laws on data protection as well as by preserving the privacy of the concerned persons, through the implementation of technical and organizational measures ensuring an adequate safety level (including, without limitation, by preventing access from unauthorized persons - unless such access is required by the applicable laws- or by ensuring restoration of access to data after material or technical accidents).

4. Storage of data

The data shall be stored in compliance with the applicable regulations on protection of personal data for the time that is necessary to comply with the above-mentioned purposes. In particular, personal data will be stored by Company for the whole duration of the contractual relationship and also after its termination, in compliance with applicable laws (including, without limitation, the obligation to keep the invoices and other company documents for at least 5 years).

5. Disclosure, dissemination and transfer of data

Without prejudice to the duty of disclosure in order to fulfil any legal or contractual obligations, the data may be disclosed to tax or legal consultants, to Company’s collaborators, to the banks, to public entities as well as to those persons that are authorized by the laws to receive such data, if required,  to Danish or foreign judicial or other public authorities for the fulfilment of legal obligations, or for the performance of the obligations arising from an agreement, including for the purposes of defence before the Courts. Such entities act as independent data controllers.

Contact details may also be disclosed occasionally and for single reasons, to other customers and/or suppliers of the Company, including –without limitation - if it becomes necessary to collaborate with any of such persons for the performance of the contractual obligation.

In order to perform certain services implying the need of personal data processing, the Company may also avail of third parties, including in respect of the service of substitutive filing or quality, process and product audit services. These companies shall operate as external data processors in compliance with specific and adequate directions concerning the processing methods and safety measures as specified in specific contractual documents. The full and updated list of the companies acting as data processors is available on request to the contacts mentioned below.

The data may be disclosed to other companies belonging to the Group, including subsidiaries and affiliates, with registered office inside and outside the European Union (the updated list is available on Brembo’s website: https://www.brembo.com/en/investors/the-group/brembo-structure) if necessary for internal administration purposes and the coordination of the group, or if such companies need to cooperate for the performance of the contract. In this case, with reference to transfer the data to countries located outside the European Union, the Company undertakes to ensure a level of protection and preservation, also by means of entering into specific contracts, adequate to the applicable laws, including the entering into standard contractual clauses (a copy of the undertaken commitments with the Group companies is available on request to the contacts mentioned below). Personal data shall not be disseminated.

6. Rights of Data Subjects

A Data Subject shall have the rights contemplated in the Regulation (articles from 15-21) in respect of the processing of data contemplated thereto, including the right to:

  • Obtain confirmation of the existence of personal data concerning him/her and to gain access to them (right of access);
  • Obtain the updating, modification and/or rectification of its personal data (right of rectification);
  • Obtain erasure, or to set limits to processing, of personal data whose processing is unlawful, including those that are no longer necessary in relation to the purposes for which they were collected or otherwise processed (right to be forgotten and right to the restriction of processing);
  • Object to processing (right to object);
  • Withdraw previously given consent, if any, without prejudice to the lawfulness of processing based on that consent;
  • Receive a copy in electronic form of the data concerning him or her which have been provided to a controller in the framework of an agreement and to have such data transmitted to another controller (right to data portability).

For the exercise of the rights above and in case of further requests for information regarding the present privacy notice, the Data Subject can contact the Data Protection Officer (DPO) by sending an email to privacy.sbs@sbs.dk or by a  registered letter to the legal address of the Company, to the attention of the DPO.

Data Subject may also lodge a complaint with the Supervisory Authority in case of infringement of regulations concerning the protection of personal data. In Denmark, you can file a complaint to Datatilsynet. 

Should you wish to report a complaint or if you feel that SBS has not addressed your concern in a satisfactory manner, you may contact Datatilsynet: https://www.datatilsynet.dk/english/.

7. Identity and contact details of the Controller and contact of the Data Protection Officer

If you have any questions about SBS's privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us:

Email us at: privacy.sbs@sbs.dk

Call us at: +45 63 21 15 15

Or write to us: SBS Friction A/S, att. Marketing, Kuopiovej 11, 5700 Svendborg, Denmark.