Novotema Website Privacy Statement
1) Scope and Introduction for all Website Visitors
The Novotema Privacy Statement (“Statement”) explains how personal data is collected, used and disclosed by Novotema when users access and use the services and features offered on our website and any of our other websites or mobile applications that link to this Statement (the “Sites”).
This Statement is supplemented, and are incorporated herein, by the Novotema Cookie Notice , the Novotema Business Contact Privacy Notice and the Novotema Job Applicant Privacy Notice, the Novotema GDPR Privacy Addendum, the Novotema PIPL Privacy Addendum and the Novotema California Privacy Addendum.
International Users of the Sites - users from different countries and states may visit the Sites. Section 1 of this Statement applies to all users. Depending on your place of residence, further sections may apply to you.
2) Collection of Information
We collect the following information on our website:
a) Information We Collect Automatically:
When you access or use our Sites, we automatically collect the following information which is stored separate from other data that you may provide to us. We use this information to provide the Sites to you, deduce statistical and anonymous information about the users of the Sites and for the technical administration and the security of the Sites:
b) Information You Provide to Us:
We also collect information you provide directly to us. For example, when you visit the Sites, we collect information when you request to create an account, respond to a survey, participate in any interactive features of the Sites, sign up for a newsletter or provide general feedback. The types of information we may collect include your name, company name, title, street address, telephone number, email address and any other information you choose to provide. We collect this information for offering the function that you use respectively.
3) Use of Information
We may use information about you for various purposes, including:
We may also use your information to contact you about our own goods and services that may be of interest to you. If you do not want us to use your information in this way, please see the section of this privacy notice entitled “Choices About How We Use and Disclose Your Information.”
4) Recipients and Categories of Recipients of Personal Data
We do not share, sell, or otherwise disclose information about you for purposes other than those outlined in this Statement. However, we may use and disclose aggregated information about our users and other information that does not reasonably identify any individual, without restriction. We may share information about you as follows or as otherwise described in this Website Privacy Statement and in each case only in accordance with applicable law. Possible recipients or categories of recipients of your personal data are:
5) Social Sharing Features
On our Sites, you can interact with social networks operated by third parties as set out below.
6) Security
IDEX takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
If you have any questions about this privacy policy, the data processing practices of Novotema, or our Sites, you can contact us at novotema.privacy@idexcorp.com or privacy@IDEXcorp.com.
7) Do Not Track Signals
Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such a signal is broadcast or received by us.
8) Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
Cookies. Most web browsers are set to accept cookies by default. You can block cookies by activating the setting on your web browser that allows you to refuse the setting of all or some cookies. These settings are usually found in the ‘options’ or ‘preferences’ menu of your web browser. In order to understand these settings or get further information, refer to the documentation provided by the provider of the web browser you are using. For further information about deleting or blocking cookies, please visit: www.allaboutcookies.org. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our Sites or perform certain functionalities of the Sites. For additional details about the cookies used in our Sites, please visit our Novotema Cookie Notice.
Promotional Communications. You may opt out of receiving promotional emails or messages from Novotema by following the instructions in those emails or messages or by using other tools we may make available or by emailing us at novotema.privacy@idexcorp.com or privacy@IDEXcorp.com. If you opt out, we may still send you nonpromotional communications, such as those about your account or our ongoing service relationship.
9) Accessing and Correcting Your Information
General. You may at any time review or ask for the rectification or removal of your information by contacting us at the contact information shown below. However, note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time.
10) Jurisdiction Specific Privacy Rights
The law in some jurisdictions may provide you with additional rights regarding our use of Personal Data. To learn more about any additional rights that may be applicable to you as a resident of one of these jurisdictions, please see the privacy addendum for your state that is attached to this Privacy Notice.
Your Rights under the General Data Protection Regulation (“GDPR”)
If you are a resident of the European Economic Area or the United Kingdom, you have the additional rights described in the Novotema GDPR Privacy Addendum [insert link] to this Statement
Your Rights under the Personal Information Protection Law (“PIPL”)
If you are a resident of the in the People’s Republic of China (“China”, which, solely for the purposes herein, is exclusive of Taiwan, Hong Kong and Macau), you have the additional rights described in the Novotema PIPL Privacy Addendum [insert link] to the Statement.
Your California Privacy Rights
If you are a resident of California, you have the additional rights described in the Novotema California Privacy Addendum [insert link] to the Statement.
11) Contact Information
If you have any questions, concerns, complaints, or suggestions regarding this Statement, or have any requests related to the personal information we collect about you, you may contact us the corporate affiliate that operates this Site or at our corporate headquarters:
For a contact information for our Corporate Affiliates: https://www.idexcorp.com/affiliates-list/
For our Corporate Headquarters: Novotema, Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy novotema.privacy@idexcorp.com or privacy@idexcorp.com
GDPR Privacy Addendum
Information to Residents in the European Economic Area and the UK
Effective Date: [Insert effective Date]
This GDPR Privacy Addendum supplements our Statement and applies to residents of the European Economic Area, i.e. the European Union plus Iceland, Norway, and Lichtenstein, as well as to residents of the United Kingdom.
The data controller pursuant to Art. 4 No. 7 General Data Protection Regulation (Regulation (EU) 2016/679) and the UK General Data Protection Regulation and the Data Protection Act of 2018 (collectively, the “GDPR”) is Novotema a company with its principal place of business at Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy will process your personal data pursuant to this Statement as a personal data handler under PIPL, and can be contacted at the following email addresses:novotema.privacy@idexcorp.com or Privacy@idexcorp.com.
IDEX may have business unit-specific Data Protection Officers when necessary to comply with the GDPR. Some of our business units may also have a representative in the European Union and/or the United Kingdom when necessary, however our business units that are European Economic Area may not be not required to appoint a representative and have elected not to do so. More information about contacting IDEX’s representative (when appropriate) and Data Protection Officer is set forth below under the “Contact Information” portion of this GDPR Privacy Addendum.
1. Processing of Personal Data
The types of information about you that we process and the purposes for that processing is described in our Statement. As described in our Statement we process personal data for different purposes. The legal bases according to the GDPR for such processing are listed below (Please see our our Novotema Cookie Notice for information about processing of data derived from cookies):
Processing purposes |
Lawful basis |
|
We only process this kind of cookie or similar tracking data if you have given us your prior consent (Art. 6 (1) (a) GDPR). |
|
These data are processed on the basis of statutory regulations, which allow us to process personal data to the extent necessary for the use of a service (Art. 6 (1)(b) GDPR) or because we have a predominant legitimate interest in providing you with, or optimize the functions on our presences on social media (Art. 6 (1)(f) GDPR), as well as your consent vis-á-vis the respective operator of the social media platform (Art. 6 (1)(a) GDPR). We might act as joint controller with the respective social media site. For further information, please see Section 2 below. |
|
This data is processed on the basis of statutory provisions which allow us to process personal data to the extent necessary for the use of a service or the performance of a contract (Art. 6 (1) (b) GDPR), any processing for these purposes that is not necessary for the use of our website and the functions provided on the website is necessary for pursuing our or a third party’s legitimate interests which are not overridden by the interests or fundamental rights and freedoms of the users which require the protection of personal data (Art. 6 (1) (f) GDPR). Insofar as the processing is based on our legitimate interests, such interests are running a stable and efficient website, having a good customer service, employing people, making our business processes more efficient and improving our business and services. |
|
The personal data is processed for pursuing our or a third party’s legitimate interests which are not overridden by the interests or fundamental rights and freedoms of the users which require the protection of personal data (Art. 6 (1) (f) GDPR). The legitimate interests are running a user-friendly website, improving our offers by tailoring our offers to the individual user, running a secure and stable website, making our business processes more efficient and pursuing our legal rights. |
Communicating with you about services, offers, promotions, rewards, and events offered by IDEX and others |
Depending on the individual case such communication can be based on different legal bases. We might provide you with certain information based on a declaration of consent (Art. 6 (1) (a) GDPR), we might also provide you the information because you have subscribed to a specific service in which case the processing is necessary for the performance of a contract with you (Art. 6 (1) (b) GDPR). Certain communication might also be based on our legitimate interest to provide tailored marketing information to the users of the Sites (Art. 6 (1) (f) GDPR). |
Carrying out any other purpose described to you at the time the information was collected |
The legal basis will depend on the individual case. |
2. Social Media
a) LinkedIn
For users located in the European Economic Area and Switzerland, LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland ("LinkedIn Ireland"). The privacy statement of LinkedIn Ireland can be accessed here: https://de.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy. In it, you will also find information on the privacy setting options for your LinkedIn profile.
We are also jointly responsible with LinkedIn Ireland for the processing of so-called Page Insights data when people visit our LinkedIn company page. For this purpose, we have concluded a joint processing responsibility agreement with LinkedIn Ireland, which can be accessed here: https://legal.linkedin.com/pages-joint-controller-addendum. LinkedIn Ireland undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Page Insights Data and to comply with all obligations under the GDPR with respect to the processing of Page Insights Data. We receive non-personal information and analytics about the use of our account or interactions with our posts from LinkedIn Ireland as part of so-called Page Insights. With this information, we can analyze and optimize the effectiveness of our LinkedIn activities. For this purpose, LinkedIn Ireland processes in particular data that you have provided to LinkedIn Ireland via the information in your profile. This especially includes the following data:
In addition, LinkedIn Ireland will process information about how you interact with our LinkedIn company page, such as whether you are a follower of our LinkedIn company page.
b) Twitter
Twitter is operated by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The privacy statement of Twitter can be accessed here: http://twitter.com/privacy. Further setting options can be found at https://twitter.com/personalization.
Twitter also transfers personal data to the USA and other third countries outside the European Economic Area for which there is no EU Commission adequacy decision. Further information can be found here: https://twitter.com/de/privacy.
You can change your privacy settings on Twitter in the account settings at: http://twitter.com/account/settings.
3. Retention Periods
We delete or anonymize your personal data as soon as it is no longer required for the purpose for which we processed it.
In general, we store your personal data for the duration of the usage or the contractual relationship via the website plus a period of 15 days for IT security purposes. We store general web log files for a period of one year and for analytical information, we store the data for three years.
In the event that you have given us your consent to process your data (e.g. for marketing purposes including the associated profiling), we will store your data until you revoke your consent or the processing purpose does not apply anymore.
For the retention period of cookies and other tracking, please refer to the details in our Novotema Cookie Notice.
After these periods have expired, the data will be erased unless this data is required for a longer period due to legal retention periods, alternative purposes or for criminal prosecution. Beyond these retention periods, we may retain the data for the purposes of legal defense and law enforcement for as long as is necessary for the preparation or execution of a possible legal dispute (usually up to four years, whereby the legal dispute itself may inhibit the course of this period). If data can be stored for these reasons, it will be blocked. The data will then no longer be available for further use.
4) Rights of Residents in the European Economic Area and the United Kingdom
The GDPR provides you with certain rights in relation to the processing of your personal data. These rights are subject to various conditions under the GDPR and/or your countries specific implementation of the GDPR.
All such requests to exercise these rights may be sent to privacy@idexcorp.com or to the other contact information listed below. Those rights include:
RIGHT OF OBJECTION. YOU HAVE THE RIGHT; FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA ON THE BASIS OF ART. 6 (1) (e) OR (f) OF THE GDPR. WE WILL STOP PROCESSING YOUR PERSONAL DATA UNLESS WE CAN PROVE COMPELLING REASONS FOR PROCESSING WORTHY OF PROTECTION WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.
5) Obligation to Provide Personal Data
You are under no contractual or statutory obligation to provide personal data. However, if you do not provide the personal data we require to process your request (e.g. when you contact us with questions about our products), we may not be able to respond to such request.
6) Automated Decision-Making
No automated decision- making as referred to in Art. 22 GDPR occurs on the Sites.
7) International Data Transfers
Novotema is an affiliate of the IDEX Corporation which operates internationally, as such, your information may be made available to companies and/or branches within our group which may be located outside of the U.S., including in countries which may not provide the same level of protection of your information as in your home jurisdiction. In some countries, the federal, state, local, provincial, or other governments, courts, and law enforcement or other regulatory agencies may be able to obtain disclosure of your information through their laws.
If and when transferring your personal data to which the GDPR applies onwards outside the EU/EEA or the United Kingdom, we will do so using one of the following safeguards:
International transfers within Novotema and IDEX are governed by Standard Contractual Clauses (as defined under the GDPR) approved by the EU Commission and/or the Information Commissioner’s Office in the United Kingdom.
You may request a copy of the Standard Contractual Clauses or other applicable safeguards by contacting novotema.privacy@idexcorp.com or privacy@idexcorp.com.
8) Contact Information
If you have any questions or comments about this GDPR Privacy Addendum, the ways in which Novotema collects and uses your information described above and in the Statement, your choices and rights regarding such use, or wish to exercise your rights under the GDPR, please do not hesitate to contact us at:
To Contact Novotema
Phone: +39 035 926530
Email: novotema.privacy@idexcorp.com or privacy@IDEXcorp.com
Postal Address: Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy
To Contact IDEX:
Phone: 1-847-498-7070
Email: privacy@IDEXcorp.com
Postal Address: IDEX Corporation
Attn: Legal Department: Compliance/Privacy
3100 Sanders Road, Suite 301
Northbrook, IL 60062, USA
PIPL Privacy Addendum
Privacy Statement Addendum for China Residents
Effective Date: [Insert effective Date]
This Addendum applies to residents of the in the People’s Republic of China (“China”, which, solely for the purposes herein, is exclusive of Taiwan, Hong Kong and Macau). We are committed to processing and protecting your personal data under Chinese law, including the Personal Information Protection Law of the People’s Republic of China (PIPL).
Novotema, a company with its principal place of business at via San Giovanni delle Formiche 2, 24060 Villongo BG Italy will process your personal data pursuant to this Statement as a personal data handler under PIPL, and can be contacted at the following email addresses: novotema.privacy@idexcorp.com or Privacy@idexcorp.com.
1. Collection of Information
We collect the following information on our website:
a) Information We Collect Automatically:
When you access or use our Sites, we automatically collect the following information which is stored separate from other data that you may provide to us. We use this information to provide the Sites to you, deduce statistical and anonymous information about the users of the Sites and for the technical administration and the security of the Sites:
b) Information You Provide to Us:
We also collect information you provide directly to us. For example, when you visit the Sites, we collect information when you request to create an account, respond to a survey, participate in any interactive features of the Sites, sign up for a newsletter or provide general feedback. The types of information we may collect include your name, company name, title, street address, telephone number, email address and any other information you choose to provide. We collect this information for offering the function that you use respectively.
2. Use of Information
We may use information about you for various purposes, including:
We may also use your information to contact you about our own goods and services that may be of interest to you. If you do not want us to use your information in this way, please see the section of this Statement entitled “Choices About How We Use and Disclose Your Information.”
3. Legal Basis for processing
We are entitled to process your personal data because one or more of the following legal bases applies:
4. International Data Transfers
To the extent permitted by PIPL, we may transfer your personal data outside of China to companies and/or branches within our group or to third parties as described in this Statement, and we will ensure the recipient is bound by applicable laws in its jurisdiction to provide a standard of protection for your personal data that is equivalent to that under this Statement.
5. Retention Periods
We delete or anonymise your personal data as soon as it is no longer required for the purpose for which we processed it.
In general, we store your personal data for the duration of the usage or the contractual relationship via the website plus a period of fifteen (15) days for IT security purposes.
In the event that you have given us your consent to process your data (e.g. for marketing purposes including the associated profiling), we will store your data until you revoke your consent or the processing purpose does not apply anymore.
For the retention period of cookies and other tracking, please refer to the details in our IDEX Cookie Notice, available here Novotema Cookie Notice.
After these periods have expired, the data will be erased unless this data is required for a longer period due to legal retention periods, alternative purposes or for criminal prosecution. Beyond these retention periods, we may retain the data for the purposes of legal defence and law enforcement for as long as is necessary for the preparation or execution of a possible legal dispute (usually up to four years, whereby the legal dispute itself may inhibit the course of this period). If data can be stored for these reasons, it will be blocked. The data will then no longer be available for further use.
6. Your Rights
The PIPL provides you with certain rights in relation to the processing of your personal data. Besides the rights listed below, you also have the right to request us to interpret this Statement for you.
All such requests to exercise these rights may be sent to novotema.privacy@idexcorp.com or privacy@idexcorp.com or to the other contact information listed below. Those rights include:
7. Obligation to Provide Personal Data
You are under no contractual or statutory obligation to provide personal data. However, if you do not provide the personal data we require to process your request (e.g. when you contact us with questions about our products), we may not be able to respond to such request.
8. Automated Decision-Making
No automated decision occurs on the Sites.
9. Changes to This PIPL Privacy Addendum
IDEX reserves the right to amend this PIPL Privacy Addendum at our discretion and at any time. When we make changes to this PIPL Privacy Addendum, we will post the updated addendum on the Website and update the addendum’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
10. Contact Information
If you have any question, concerns, complaints or suggestions, or would like to exercise your rights with respect to your information pursuant to the PIPL, or otherwise need to contact us, you must contact both us and our representative in China (when applicable) at the contact information below:
To Contact Novotema:
Phone: +39 035 926530
Email: novotema.privacy@idexcorp.com or privacy@IDEXcorp.com
Postal Address: Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy
To Contact IDEX:
Phone: 1-847-498-7070
Email: privacy@IDEXcorp.com
Postal Address: IDEX Corporation
Attn: Legal Department: Compliance/Privacy
3100 Sanders Road, Suite 301
Northbrook, IL 60062, USA
To Contact our Representative:
Phone: +86 (21) 52415599
Email: kko@idexcorp.com
Postal Address: IDEX Trading (Shanghai) Co., Ltd.
Attn: Legal Department: Compliance/Privacy
Rm 3502-3504, Zhao Feng Plaza, No. 1027
Chang Ning Road
Shanghai 200050
California Privacy Addendum
Privacy Statement Addendum for California Residents
Effective Date: January 2, 2023
This Privacy Statement Addendum for California Residents (the “California Privacy Addendum”) supplements the information contained in our Privacy Statement and describes Novotema collection and use of Personal Information (as defined below). This California Privacy Addendum applies solely to all visitors, users, and others who reside in the State of California (“Consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (collectively, the “CPRA”) and any terms defined in the CPRA have the same meaning when used in this notice.
This California Privacy Addendum applies to information that we collect on our Website that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your device (“Personal Information”). However, publicly available information that we collect from government records and deidentified or aggregated information (when deidentified or aggregated as described in the CPRA) are not considered Personal Information and this California Privacy Addendum does not apply to such information.
This California Privacy Addendum does not apply to employment-related Personal Information collected from our California-based employees, job applicants, contractors, or similar individuals (“Personnel”). Please contact your local human resources department if you are part of our California Personnel and would like additional information about how we process your Personal Information.
Novotema collects, and over the prior twelve (12) months have collected, the following categories of Personal Information about Consumers:
Category |
Applicable Pieces of Personal Information Collected |
A. Identifiers. |
A real name; alias; postal address; unique personal identifier; online identifier; Internet Protocol address; email address; and other similar identifiers. |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name; address; and telephone number. Some Personal Information included in this category may overlap with other categories. |
D. Commercial information. |
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
F. Internet or other similar network activity. |
Log information, device information, and information collected by cookies and other tracking technologies described in our Privacy Statement. |
G. Geolocation data. |
IP-based physical location or movements that may only identify your location to a geographic region, such as a town, city, or state. This information may be used for network security purposes and cannot be used to locate your exact location. |
Novotema will not collect additional categories of Personal Information without providing you notice. As further described in To Whom Do We Sell or Share Your Personal Information, we do not “sell” any categories of Personal Information for monetary or other valuable consideration and we do not “share” any categories of Personal Information for cross-context behavioral advertising.
2. Sources of Personal Information
We collect Personal Information about you from the sources described in our Privacy Statement.
3. Purposes for Our Collection of Your Personal Information
We only use your Personal Information we collect, and over the prior twelve (12) months, have used the Personal Information we collected, for the purposes described in our Privacy Statement. Novotema not use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
4. Third Parties to Whom Do We Disclose Your Personal Information for Business Purposes
Novotema may disclose your Personal Information to third parties for one or more business purposes. When we disclose Personal Information to non-affiliated third-parties for a business purpose, we enter a contract that describes the purpose, requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the specific business purposes for which the Personal Information was disclosed, and requires the recipient to otherwise comply with the requirements of the CPRA.
In the preceding twelve (12) months, Novotema has disclosed the following categories of Personal Information for one or more of the business purposes described below to the following categories of third parties:
Personal Information Category |
Categories of Non-Service Provider and Non-Contractor Third Party Recipients |
A. Identifiers. |
Service Providers; affiliates, parents, and subsidiary organizations of IDEX; business partners; government entities (such as tax authorities); and other advisors (such as accounting and legal advisors). |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
Service Providers; affiliates, parents, and subsidiary organizations of IDEX; business partners; government entities (such as tax authorities); and other advisors (such as accounting and legal advisors). |
D. Commercial information. |
Service Providers; affiliates, parents, and subsidiary organizations of IDEX; business partners; government entities (such as tax authorities); and other advisors (such as accounting and legal advisors). |
F. Internet or other similar network activity. |
Service Providers; affiliates, parents, and subsidiary organizations of IDEX; advertisers and advertising networks; social media companies; Internet cookie information recipients, such as analytics and behavioral advertising services; and government entities. |
G. Geolocation data. |
Service Providers; affiliates, parents, and subsidiary organizations of IDEX; Internet cookie information recipients, such as analytics and behavioral advertising services; and government entities. |
We disclose your Personal Information to the categories of third parties listed above for the following business purposes:
In addition to the above, we may disclose any or all categories of Personal Information to any third-party (including government entities and/or law enforcement entities) as necessary to:
5. To Whom Do We Sell or Share Your Personal Information
“Sale” of Your Personal Information for Monetary or Other Valuable Consideration
In the preceding twelve (12) months, Novotema has not “sold” Personal Information (including any Personal Information for minors under the age of 16) for either monetary or other valuable consideration.
“Sharing” of Your Personal Information for Cross-Context Behavioral Advertising
In the preceding twelve (12) months, Novotema has not “shared” Personal Information (including any Personal Information for minors under the age of 16) for the purpose of cross-context behavioral advertising.
6. Consumer Data Requests
The CPRA provides Consumers with specific rights regarding their Personal Information. This section describes your CPRA rights and explains how to exercise those rights. You may exercise these rights yourself or through your Authorized Agent. For more information on how you or your Authorized Agent can exercise your rights, please see Exercising Your CPRA Privacy Rights.
Exercising Your CPRA Privacy Rights
To exercise the rights described above, please submit a request (a “Consumer Request”) to us by either:
If you (or your Authorized Agent) submit a Consumer Request to delete your information online, we will use a two-step process in order to confirm that you want your Personal Information deleted. This process may include verifying your request through your email address on record, calling you on your phone number on record (which may include an automated dialer), sending you a text message and requesting that you text us a confirmation, sending you a confirmation through US mail. By making a Consumer Request, you consent to us contacting you in one or more of these ways.
If you fail to make your Consumer Request in accordance with the ways described above, we may either treat your request as if it had been submitted with our methods described above or provide you with information on how to submit the request or remedy any deficiencies with your request.
Only you, or your Authorized Agent that you authorize to act on your behalf, may make a Consumer Request related to your Personal Information. To designate an Authorized Agent, see Authorized Agents below.
All Consumer Requests must:
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm which Personal Information relates to you or the individual for whom you are making the request as their Authorized Agent.
Making a Consumer Request does not require you to create an account with us.
We will only use Personal Information provided in a Consumer Request to verify the requestor’s identity or authority to make the request.
Authorized Agents
You may authorize your agent to exercise your rights under the CPRA on your behalf by registering your agent with the California Secretary of State or by providing them with power of attorney to exercise your rights in accordance with applicable laws (an “Authorized Agent”). If you authorize an Agent, we may request that your Authorized Agent submit proof of identity and that they have been authorized exercise your rights on your behalf. We may deny a request from your Authorized Agent to exercise your rights on your behalf if they fail to submit adequate proof of identity or adequate proof that they have the authority to exercise your rights.
Response Timing and Format
We will confirm our receipt of your Consumer Request within ten (10) business days of its receipt. We will generally process these requests within forty-five (45) calendar days of its receipt. If we require more time (up to an additional 45 calendar days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
In response to a Right to Know or Data Portability Consumer Request, we will provide you with all relevant information we have collected or maintained about you on or after January 1, 2022, unless an exception applies. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For Data Portability Consumer Request, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your Consumer Request unless it is excessive, repetitive, or manifestly unfounded. We reserve the right to consider more than two (2) total Right to Know or Data Portability Consumer Requests (or combination of the two) in a twelve (12) month period to be repetitive and/or excessive and require a fee. If we determine that your Consumer Request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We do not collect any Sensitive Personal Information as defined under the CPRA.
8. Personal Information Retention Periods
We delete or anonymize your Personal Information when no longer required for purpose or purposes for which we collected it.
In general, we store your Personal Information for the duration of the usage or contractual relationship via the Website plus a period of [15 days] for security purposes
In the event you have given us your consent to process your Personal Information (e.g., for marketing purposes including associated profiling), we will store your Personal Information until you revoke your consent or the processing purpose does not apply anymore. Other California Privacy Rights
For the retention period of cookies and other tracking technology, please refer to the details in our Novotema cookie notice, available [@BU-please insert link to BU Cookie Notice].
After the periods described above has expired, your Personal Information will be erased unless the Personal Data is required for a longer period of time, such as for legal retention periods, alternative purposes, or for criminal prosecution. Beyond these retention periods, we may also retain the Personal Data for the purposes of legal defense and law enforcement for as long as necessary for the preparation or execution of a possible legal dispute (usually up to four years, whereby the legal dispute itself may inhibit the course of this period). If Personal Data is stored for these reasons, it will be blocked for all other uses.
9. Changes to This CPRA Privacy Addendum
Novotema reserves the right to amend this California Privacy Addendum at our discretion and at any time. When we make changes to this California Privacy Addendum, we will post the updated addendum on the Website and update the addendum’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
If you have any questions or comments about this California Privacy Addendum, the ways in which Novotema collects and uses your information described above and in [@BU-please insert link to your on-line privacy statement (in which this notice should be imbedded)], your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
To Contact Novotema:
Phone: +39 035 926530
Email: novotema.privacy@idexcorp.com or privacy@IDEXcorp.com
Postal Address: Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy
To Contact IDEX:
Phone: 1-847-498-7070
Email: privacy@IDEXcorp.com
Postal Address: IDEX Corporation
Attn: Legal Department: Compliance/Privacy
3100 Sanders Road, Suite 301
Northbrook, IL 60062, USA
Novotema BUSINESS CONTACT PRIVACY NOTICE
1. Introduction
This Privacy Notices to Business Contacts (“Notice”) describes the steps Novotema Spa, Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy (“Company”), part of IDEX Corporation (“IDEX”), takes to protect the Personal Data that we Process about Business Contacts. The Company is committed to the protection of the Personal Data that we process about you in line with the data protection principles set out in the applicable Data Protection Law. This Notice informs you how we Process your Personal Data if you are one of our Business Contacts.
This Notice may be amended from time to time. The Company will post any change to this Notice a reasonable period of time in advance of the effective date of the change.
2. Definitions
The following terms are used within this Notice and are defined as follows:
Term |
Definition |
Business Contacts |
All Consumers, Corporate Partners or employees of a Corporate Partner or any other person which IDEX contacts or interacts with in the context of establishing, developing, maintaining, servicing or otherwise furthering the business relationship. |
Consent |
Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he/she, by a statement or by a clear affirmative action, signifies agreement to the specific processing of his/her Personal Data. It has to be a clear affirmative act (“Opt-In”). Silence or inactivity are not sufficient. Consent may be withdrawn at any time with effect for the future. |
Consumer |
A person that buys goods or services mainly for personal purposes. |
Corporate Partner |
Persons or organizations that buy goods or services from IDEX mainly for their own business purposes, or other business partners with which we have a contractual or commercial relationship, like subcontractors and suppliers; this includes existing as well as prospective Corporate Partners. |
Data Controller |
The natural or legal person, public authority, agency or other body which alone, or jointly with others, determines the purposes and means of the Data Processing. |
Data Processing
|
Any operation, or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Data Processor |
A natural or legal person, public authority, agency or other body, which processes Personal Data on behalf of the Data Controller (Article 28 GDPR). |
Data Protection Procedures |
Any local BU internal policies/procedures supplementing this Policy. |
Data Protection Law |
All applicable state, local and federal/national laws related to data protection including, but not limited to, GDPR. |
Data Protection Officer (“DPO”) |
The person which is appointed by the Company (only where required by law) to protect the Data Subjects’ rights and to act as the point of contact between the Company and you in order to ensure that the Company complies with all applicable Data Protection Law. |
Data Subject |
Any person to whom the respective Personal Data refers. |
Personal Data |
Any information relating to an identified or identifiable natural person (Article 4 GDPR). |
3. Identity and Contact Details of the Data Controller and the Data Protection Officer
The Company is responsible for Processing your Personal Data and is the Data Controller.
If you have any questions about this Notice, please contact us at
Novotema Spa
Piazza Filippo Meda 3, 20121 Milano MI Italy
novotema@idexcorp.com
You can contact our Data Protection Officer at novotema.privacy@idexcorp.com, Novotema Spa, Via San Giovanni delle Formiche 2, 24060 Villongo BG Italy.
4. Categories and Sources of Personal Data Processed
The Company Process different categories of Personal Data of our Business Contacts. These may include: [@BU: Please verify and add or delete as needed]
Most of the Personal Data we Process, you have provided directly to us. Other Personal Data may be provided by your employer, our Corporate Partners or other instances involved in the initiation of your business relationship and/or the execution of contracts with our Corporate Partners. In addition, we may process Personal Data which we permissibly obtain from publicly accessible sources (such as LinkedIn) or that are legitimately transmitted to us by third parties (such as credit agencies).
5. Purposes of Data Processing
The Company Processes Personal Data of Business Contacts for various business purposes in connection with your business relationship with the Company or our Corporate Partner: [@BU: Please verify and add or delete as needed]
6. Legal Bases for Processing Personal Data
The Company Processes Personal Data relating to its Business Contacts based on multiple different legal bases:
7. Your Rights
The GDPR provides you with rights relating to the Processing of your Personal Data. These rights include:
These rights are not absolute and are subject to various conditions under Data Protection Law and any other applicable laws and regulations.
You may exercise these rights by contacting your Privacy Lead (see Section 3). You also have the right to lodge a complaint with a Supervisory Authority.
8. Data Sharing and International Data Transfers: Intra-Group and External Third Parties
Intra-group transfers
As a member of a multinational enterprise operating under a decentralized management structure, the Company may share Employee Personal Data with IDEX affiliates / BUs listed here, for the purposes set out in this Notice. Please note that the Company only shares Employee Personal Data with those listed companies where this is covered by a lawful basis for such Processing.
These transfers are protected by the obligations set out in intra-group agreements that we have entered into between the various IDEX legal entities. International transfers within the IDEX are governed by EU Commission-approved Standard Contractual Clauses for Data Controllers and, where relevant, for Data Processors. You may receive a copy of these Standard Contractual Clauses used in our intra-group agreements by contacting the Privacy Lead (see Section 3).
External Third Parties
The Company may share Personal Data with external vendors whom we engage to perform services or functions on our behalf and under our instructions. Where applicable, their Processing of your data will be subject to the GDPR requirements. The Company will also ensure that its contracts with these parties ensure they only Process Personal Data in accordance with our instructions and in order to provide the agreed services and protect the integrity and confidentiality of the Personal Data entrusted to them, in line with the GDPR requirements.
For the purposes set out in this Notice, we may also disclose your Personal Data to our IT service providers, auditors, lawyers, consultants, law enforcement, courts and tribunals and other public authorities, such as tax and social security bodies. Some of these recipients are themselves responsible to determine the purposes and means of the Processing and for the lawfulness of the Processing on their end. Where necessary, we will ensure that appropriate contractual measures are in place to ensure the protection of your Personal Data.
Some of the vendors we engage to Process your Personal Data are located outside the European Economic Area. We will ensure that these transfers are either:
9. Retention of Personal Data
The Company will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected or for legal obligations. Such legal obligations may arise particularly under tax and commercial law. If your data is no longer necessary for the fulfilment of contractual or legal obligations it will be deleted; unless they are needed to secure, assert or enforce legal claims. In this case, we will retain them in accordance with the regular limitation period. During this period, this data is blocked and is no longer available for any other use.
10. Statutory/Contractual Requirements
You may choose to not provide us with your Personal Data and/or provide incomplete Personal Data. However, please be aware that, in certain cases, we may not be able to engage in, or continue a business relationship with you, as your Personal Data is required for administrative purposes and/or to fulfill statutory requirements.
11. Automated Decision-Making and Profiling
Your Personal Data will not be used for automated decision-making and/or profiling.
NOVOTEMA JOB APPLICANT PRIVACY NOTICE
1. Introduction
This Job Applicant Privacy Notice (“Notice”) describes the steps that Novotema Spa, via San Giovanni delle Formiche 2, 24060 Villongo BG Italy (“Company”), part of IDEX Corporation (“IDEX”), takes to protect the Personal Data that we Process about job applicants. The Company is committed to the protection of the Personal Data that we Process about you consistent with the data protection principles set out in all applicable Data Protection Law. This Notice informs you how we Process your Personal Data if you apply for a position with Novotema Spa.
In regard to the Processing of Personal Data of website users, please see our Website Privacy Notice, which you may access here [please insert clear link to Website Privacy Notice on your BU website]. Please note that in the course of the application process data may also be processed by the respective operator of the network or platform through which you came across one of our job postings, such as LinkedIn. For such Processing, the respective operator of the network or platform is the Data Controller. Please consult the privacy policy of the respective operator of the respective network or platform for details.
This Notice may be amended from time to time. We will post any change to this Notice a reasonable period of time in advance of the effective date of the change.
2. Definitions
The following terms are used within this Notice and are defined as follows:
Term |
Definition |
Consent |
Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he/she, by a statement or by a clear affirmative action, signifies agreement to the specific processing of his/her Personal Data. It has to be a clear affirmative act (“Opt-In”). Silence or inactivity are not sufficient. Consent may be withdrawn at any time with effect for the future. |
Data Controller |
The natural or legal person or other body which alone, or jointly with others, determines the purposes and means of the Data Processing. |
Data Processing
|
Any operation, or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Data Processor |
A natural or legal person, public authority, agency or other body, which processes Personal Data on behalf of the Data Controller (Article 28 GDPR). |
Data Protection Law |
All applicable state, local and federal/national laws related to data protection including, but not limited to, GDPR. |
Data Protection Officer (“DPO”) |
The person which is appointed by the Company (only where required by law) to protect the Data Subjects’ rights and to act as the point of contact between the Company and you in order to ensure that the Company complies with all applicable Data Protection Law. |
Data Subject |
Any person to whom the respective Personal Data refers. |
European Economic Area (“EEA“) |
The Member States of the European Union, plus Norway, Iceland and Lichtenstein.
|
GDPR |
the EU General Data Protection Regulation 2016/679. |
Personal Data |
Any information relating to an identified or identifiable natural person (Article 4 GDPR). |
Sensitive Data |
Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (Article 9 GDPR). |
Supervisory Authority |
An independent public authority, which is established by a European Union Member State (Article 51 GDPR) or any other public authority which is responsible for monitoring the application of Data Protection Law. |
3. Identity and Contact Details of the Data Controller and the Data Protection Officer
The Company is responsible for Processing your Personal Data and is the Data Controller.
If you have any questions about this Notice, please contact us at
Novotema Spa
Piazza Filippo Meda 3, 20121 Milano MI Italy
novotema@idexcorp.com
You can contact our Data Protection Officer at novotema.privacy@idexcorp.com, Novotema Spa, via San Giovanni delle Formiche 2, 24060 Villongo BG Italy.
4. Categories and Sources of Personal Data Processed
The Company Processes different categories of Personal Data that is provided to us through your application and during your application process. These may include:
We may also obtain the above data about you from other sources, including recruitment agencies, the references you provide, websites and other publicly available information on the Internet. This includes, for example, Personal Data that you have made public in the context of an online profile. We may also receive information that you submit to us through third-party websites, such as LinkedIn.
5. Purposes for Data Processing
The Company Processes Personal Data of job applicants for various business purposes that are necessary:
6. Legal Basis for Processing Personal Data
The Company Processes Personal Data of its job applicants based on multiple different legal bases:
7. Your Rights
The GDPR provides you with rights relating to the Processing of your Personal Data. These rights include:
These rights are not absolute and are subject to various conditions under Data Protection Law and any other applicable laws and regulations.
You may exercise these rights by contacting your Privacy Lead (see Section 3). You also have the right to lodge a complaint with a Supervisory Authority.
8. Data Sharing and International Data Transfers: Intra-Group and External Third Parties
Intra-group transfers
As a member of a multinational enterprise operating under a decentralized management structure, the Company may share Personal Data of job applicants with other IDEX affiliates/BUs listed here, for the purposes set out in this Notice. Please note that the Company only shares Personal Data of job applicants with those companies where this is covered by a lawful basis for such Processing.
These transfers are protected by the obligations set out in intra-group agreements that we have entered into between the various IDEX legal entities. International transfers within the IDEX are governed by EU Commission-approved Standard Contractual Clauses for Data Controllers and, where relevant, for Data Processors. You may receive a copy of these Standard Contractual Clauses used in our intra-group agreements by contacting and requesting same from the Company.
External Third Parties
The Company may share Personal Data with external vendors whom we engage to perform services or functions on our behalf and under our instructions. Where applicable, their Processing of your Personal Data will be subject to the GDPR requirements. The Company will also ensure that its contracts with these parties ensure they only Process Personal Data in accordance with our instructions and in order to provide the agreed services and protect the integrity and confidentiality of the Personal Data entrusted to them, in line with the GDPR requirements.
For the purposes set out in this Notice, we may also disclose your Personal Data to our IT service providers, auditors, lawyers, consultants, law enforcement, courts and tribunals and other public authorities, such as tax and social security bodies. Some of these recipients are themselves responsible to determine the purposes and means of the Processing and for the lawfulness of the Processing on their end. Where necessary, we will ensure that appropriate contractual measures are in place to ensure the protection of your Personal Data.
Some of the third parties we engage to Process your Personal Data are located outside the European Economic Area. We will ensure that these transfers are either:
9. Retention of Personal Data
The Company will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected or for legal obligations. Such legal obligations may arise particularly under tax and commercial law. If your data is no longer necessary for the fulfilment of contractual or legal obligations, it will be deleted; unless it is needed to secure, assert or enforce legal claims. In this case, we will retain the date in accordance with the regular limitation period. During this period, this data is blocked and is no longer available for any other use.
In general, application data will be deleted three months after the application proceeding has ended at the latest.
10. Statutory/Contractual Requirements
You may choose to not provide us with your Personal Data and/or provide incomplete Personal Data. However, please be aware that, in certain cases, we may not be able to proceed with your application process as your Personal Data may be required for administrative purposes and/or to fulfill statutory requirements.
11. Automated Decision-Making and Profiling
Your Personal Data will not be used for automated decision-making and/or profiling.
Thank you for your message.
Error