Kopter Group AG’s Data Protection Notice

    Data Controller

    Kopter Group AG, with registered office at Flugplatzareal 10, 8753 Mollis, Switzerland, email dataprotection@koptergroup.com, as the data controller of your personal data (the “Data Controller”) provides you with the following data protection notice in accordance with the Swiss Federal Act on Data Protection (FADP) and the Regulation (EU) 2016/679, the “GDPR”, collectively referred to as the “Privacy Law.”
    The Data Controller has appointed a Data Protection Officer (DPO), who supervises, monitors, and provides specialized consultancy in the field of data protection. The DPO may be contacted for any assistance at the following email address: dataprotection@koptergroup.com.

    Categories of Data Subjects Involved and Personal Data Processed

    For individuals applying for job positions with Kopter Group AG, please note that recruitment-related personal data is subject to a separate Recruitment Data Privacy Notice. Applicants will be redirected to this specific notice during the application process. For Kopter’s employees and  contractors, the applicable notice is the Employee Data Privacy Notice, which can be found on the company’s intranet.This data protection notice applies to individuals who, for various reasons, have had, have, or intend to have professional, commercial, or business relations with Kopter Group AG or other entities within the Leonardo Group (“Group”). This includes, but is not limited to:
    • Individuals acting as representatives of customers, suppliers, partners, or other counterparties of the Group.
    • Individuals attending events, conferences, or initiatives organized by the Group.
    The personal data (“Data”) processed may include:
    • General personal data: name, surname, tax code, VAT number, residence, domicile, place of work, email address, telephone number, company, role, and company classification.
    • Data necessary for due diligence, including assessments of professionalism, reputation, and reliability, potentially collected through third-party providers.

    Purposes and Legal Basis of the Processing Activities

    The Data may be processed for the following purposes:

    1. Managing contractual relationships: To manage contractual relationships with the Data Subjects or their organizations, and to send related communications.
    2. Compliance with legal standards: To adhere to legal, regulatory, and safety standards applicable to the Group.
    3. Anti-corruption and anti-money laundering obligations: To fulfill obligations regarding anti-corruption, anti-money laundering, and organizational standards under Swiss or EU laws.
    4. Reputation protection: To protect the Group’s reputation, market position, and corporate assets by engaging with individuals or entities with proven professionalism and reliability.
    5. Event management: For attendees of events, conferences, or seminars, to send invitations to similar initiatives.

    The provision of Data is necessary for managing relationships with the Group. Failure to provide Data may prevent the Group from fulfilling contractual or legal obligations.

    Categories of Recipients of the Data

    The Data may be shared with:

    1. Public bodies or private entities: Entities authorized to receive Data under applicable laws.
    2. Service providers: Entities providing assistance or consultancy services to the Data Controller or the Group.
    3. Internal personnel: Authorized personnel of the Data Controller, including those in administration, accounting, sales, customer support, and IT maintenance, who process Data following specific instructions and confidentiality requirements.
    4. Third countries: If necessary for the stated purposes, Data may be transferred to countries outside Switzerland and the EEA. Such transfers will comply with Privacy Law, ensuring equivalent data protection standards.

    Methods of Processing and Data Retention Period

    Data will be processed:
    • Using automated or manual systems, ensuring security and confidentiality.
    • According to principles of proportionality and necessity, collecting only data strictly required for the stated purposes.
    • Retained only for the time necessary to fulfill the purposes for which it was collected, unless longer retention is required by legal obligations or to protect the rights of the Data Controller.

    Data Subjects’ Rights

    Data subjects have the following rights in relation to their personal data:

    1. Right to Information
      You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, if so, to access the data, along with information about the purpose of the processing, its origin, and the recipients.
    2. Right to Rectification
      You have the right to request the correction or completion of inaccurate or incomplete personal data.
    3. Right to Erasure
      You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent (where consent was the legal basis).
    4. Right to Restriction of Processing
      You have the right to request that the processing of your personal data be restricted under specific conditions, such as when you contest the accuracy of the data or the processing is unlawful but you prefer restriction to deletion.
    5. Right to Object
      You have the right to object to the processing of your personal data for certain purposes, such as for direct marketing or when the processing is based on legitimate interests.
    6. Right to Data Portability
      You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller, where technically feasible, in certain circumstances.
    7. Right to Withdraw Consent
      If the processing of your data is based on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing before the withdrawal.
    8. Right to Lodge a Complaint
      You have the right to lodge a complaint with the relevant supervisory authority (Swiss Federal Data Protection and Information Commissioner or a relevant EU authority) if you believe your rights have been violated.

    Note: There is no automated decision-making or profiling in the processing of your personal data by Kopter Group AG.

    For assistance or to exercise any of these rights, Data Subjects may contact the Data Controller at dataprotection@koptergroup.com.

    Updates and Changes to this Kopter Data Protection Notice

    Kopter Group AG reserves the right to change, update, or amend this Privacy Notice at any time, in compliance with applicable laws. Any changes will be communicated on this page, and the date of the most recent update will be reflected below. We encourage you to review this policy periodically to stay informed about how we are protecting your information. By continuing to use the Site after any changes are posted, you acknowledge and accept those changes.