General Privacy Policy

At Swiss Capital Wealth Management AG, we are committed to safeguarding your personal data. This Privacy Policy outlines how we collect and process your personal information. Please note that this document may not cover all aspects of our data processing activities. Additional privacy policies or similar documents may be applicable in specific circumstances.

In the context of this Privacy Policy, «personal data» refers to any information that identifies or could reasonably be used to identify an individual (data subject).

If you provide us with personal data concerning other individuals (e.g., family members, colleagues), you must ensure that these individuals are aware of this Privacy Policy. Additionally, you should only share such data with us if you are authorized to do so and the data is accurate.

This Privacy Policy complies with the EU General Data Protection Regulation («GDPR») and the Swiss Data Protection Act («DPA»). However, the applicability of these laws depends on the specific circumstances of each case.

A.    Responsible Person

The «responsible person» for data processing, as outlined in the Privacy Policy, is: 

Swiss Capital Wealth Management AG

Executive Management

Klausstrasse 4

8008 Zürich

scwm_mail@swisscap.com

www.swisscap.com

 

For any inquiries regarding the processing of personal data or other data protection concerns, please contact us using the information provided above.

B.    Purpose of Data Processing and Legal Basis

We primarily use the data collected to conclude and fulfill contracts with you and our business partners. This includes providing financial services, purchasing products and services from suppliers and subcontractors, and complying with domestic and international legal obligations.

In addition, and in accordance with applicable law, we may process personal data for the following purposes:

·        Enhancing our products, services, websites, apps, and other platforms on which we operate;

·        Communicating and interacting with third parties and addressing their inquiries (e.g. job applications, media requests);

·        Advertising and conducting marketing activities (including the organisation of events), provided you have not objected to such use of your       data. If you are part of our customer base and receive advertising, you can opt out at any time;

·        Asserting legal claims and defending against legal disputes and official proceedings;

·        Preventing and investigating criminal activities and other misconduct;

·        Ensuring the security and functionality of our operations, including IT systems, websites, apps, and other applications;

·        Managing the acquisition and disposal of business divisions, companies, or parts of companies, and other corporate transactions, including       the associated transfer of personal data and measures for corporate governance, compliance with legal and regulatory obligations, and ad-       herence to internal regulations.

C.    Collection and Processing of Personal Data

We primarily process personal data that we receive directly from you, our business partners, and other individuals within the scope of our business relationships, as well as data collected from users when operating our websites, apps, and other applications.

Where permitted, we also obtain personal data from publicly accessible sources (e.g., debtor registers, land registers, commercial registers, press, Internet) or receive such information from authorities or other third parties (e.g., custodian banks, sales partners). The categories of data we receive from third parties, in addition to the data you provide directly, include public registers, data obtained in connection with administrative or court proceedings, details related to your professional role and activities (e.g., for concluding and executing of contracts with your employer), personal details from correspondence and in discussions with third parties, information about individuals associated with you (family members, advisors, legal representatives), financial information and bank account details, data available in the media or on the Internet, including your address, interests, and data related to your use of our websites (e.g. IP address, MAC address of smartphones or computers, device information, settings, cookies, date and time of visit, pages and content accessed, applications used, referring website, and localization data).

We generally retain this data for 12 months after the end of the processing purpose. However, this period may be extended if this is necessary for evidentiary reasons or to comply with legal or contractual requirements.

D.    Cookies / Tracking and and Other Relevant Information About Website Use

Technical Data

When you visit our website, we collect and analyze both user-specific data and technical data in an anonymised form. This includes:

  • User-specific data: IP address, web browser and operating system
  • Technical data: URLs of pages accessed and execution of search queries

This information helps us improve our website and tailor it to user needs.

The aforementioned data is collected and processed to ensure system security and stability, conduct error and performance analysis, and perform internal statistical analyses. This enables us to optimize our website.

When you subscribe to our content or submit a contact form/customer login, we process the data required to provide the requested service. Depending on the service, the data processed may include e-mail address, first name, surname, title, full address, subject and message.
 

We generally store technical data for 6 months.

Communication Data

When you contact us via the contact form, by e-mail, telephone, chat, letter or other means of communication, we collect the data exchanged between you and us, including contact details and relevant metadata of the communication. If we record or listen to telephone conversations or video conferences for training and quality assurance purposes, we will inform you beforehand. Such recordings are made and used in accordance with our internal guidelines and the statutory provisions.

General communication data are stored for 12 months from the last exchange. This period may be extended if necessary for evidentiary reasons, to fulfil legal or contractual requirements, or for technical reasons. E-mails and written correspondence are generally stored for at least 10 years.
Recordings of (video) conferences and chats are generally kept for 2 years.

Cookies and Their Use

We use «cookies» to customize our services to better meet your needs. Cookies are small files stored on your computer or mobile device when you visit or use our websites. These files, which cannot perform any actions on their own, store specific settings and data related to your interactions with our website through your browser. When a cookie is activated, it can be assigned an identification number that uniquely identifies your browser and enables the use of the information contained in the cookie. There are two main types of cookies: Temporary cookies and permanent cookies. Temporary cookies are automatically deleted from your devices at the end of the browser session. Permanent cookies remain on your device for a specified period or until you delete them. We primarily use temporary cookies to manage your session and enhance your browsing experience

For a detailed explanation of cookies and how they work, please visit http://www.allaboutcookies.org/.

Google Analytics and Similar Services

We may use Google Analytics or similar services to design and continuously optimize our website according to your needs. These third-party services can be based in any country in the world; for Google Analytics, it is Google Ireland Limited (based in Ireland), which uses Google LLC (based in the USA) as a sub-processor (collectively «Google», www.google.com). These services enable us to measure and evaluate the use of our website on an anonymized basis. For this purpose, permanent cookies are set by the service provider. We have configured Google Analytics to anonymize IP addresses of visitors by shortening them within Europe before they are forwarded to the USA, ensuring that they can no longer be traced. Additionally, we have disabled the «Data sharing» option and the «Signals» option.

While we assume that the information we pass to Google is not personal data for Google, it is possible that Google may use the collected data to draw conclusions about visitors’ identities, create personal profiles, and link this data to the Google accounts of these individuals for its purposes. If you are registered with Google, it can identify you, and in this case, personal data will be processed by Google according to its data protection provisions. The service provider only provides us with data about the use of our website without sharing personal information about you.

For more information on the terms of use and privacy policy of Google Analytics, please visit:
https://marketingplatform.google.com/about/analytics/terms/us/.

E.    Disclosure of Data to Third Parties and Transfer of Data Abroad

As part of our business activities and for the purposes outlined in this Privacy Policy, we may transfer data to third parties when such a transfer is permitted and deemed appropriate for them to process the data on our behalf or, if applicable, for their own purposes. The following categories of recipients may receive data: 

  • Our service providers (e.g. external LCR providers, CRM/PMS providers, data hosting providers, etc.)
  • Audit companies
  • Custodian banks
  • Domestic and foreign authorities, official bodies and court 

Most recipients are located in Switzerland, but some may be based in other country worldwide. You should be aware that your data may be transmitted to any country in where the aforementioned entities are located.

If a recipient is located in a country without adequate legal data protection, we will ensure the recipient complies with data protection standards. This is typically achieved by using the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?)Exceptions to this requirement may apply in specific cases, such as:

  • Legal proceedings abroad
  • Overriding public interest
  • Fulfillment of a contract that necessitates disclosure
  • Your consent
  • Data that has been made publicly available and where processing has not been objected to.

F.    Duration of Data Storage

Customer data, including personal data, is processed and stored only as long as necessary to fulfill our contractual and legal obligations or the purposes for which the data was collected. This typically spans the entire duration of the business relationship and beyond, in accordance with statutory retention and documentation obligations. Personal data may be stored for the period during which claims can be asserted against our company or as long as we are legally obligated or have legitimate business interests (e.g., for evidence and documentation purposes). Once the personal data is no longer needed for these purposes, it is deleted or anonymized as much as possible. Shorter retention periods, such as 30 days or less, apply to operational data (e.g., system protocols, logs).

G.    Data Security

We have implemented appropriate technical and organizational security measures to protect all personal data from unauthorized access and misuse. These measures include issuing instructions and providing training, IT and network security solutions, access controls and restrictions, encryption of passwords, data storage and transmission and pseudonymization and regular controls.

However, we cannot guarantee the security of data transmission over the Internet. In particular, there is a certain risk of unauthorized access by third parties when data is transmitted by e-mail.

H.    Your Rights

In accordance with applicable law, you have the following rights regarding your personal data:

  • Right to Information. You can request information about your personal data that we process.
  • Right to Correction. You have the right to request corrections to any inaccurate personal data.
  • Right to Deletion. You can request the deletion of your personal data, subject to certain conditions.
  • Right to Restrict Processing. You may request restrictions on the processing of your personal data.
  • Right to Object: You have the right to object to our data processing, particularly for direct advertising, profiling, and other legitimate interests.
  • Right to Data Portability. You can request to receive certain personal data in a structured, commonly used, and machine-readable format for transmission to another controller.

Please not that we reserve the right to assert legal restrictions on these rights where applicable, such as if we are obligated to store or process certain data, have an overriding interest (insofar as we can invoke such interests), or require the data to assert claims.

You have the option to object to or revoke your consent to data processing at any time. However, exercising these rights may conflict with your contractual obligations and could lead to consequences such as the premature termination of the contract and associated costs. If this is the case, we will inform you in advance, unless already contractually agreed upon.

In general, exercising these rights requires proof of your identity (e.g., by providing a copy of identification documents if your identity is not otherwise apparent or cannot be verified in any other way). To assert these rights, you can contact us using the contact details provided above.

Additionally, every data subject has the right to assert their rights in court or to lodge a complaint with the competent data protection authority. In Switzerland, the competent data protection authority is the Federal Data Protection and Information Commissioner, which can be contacted at (http://www.edoeb.admin.ch/edoeb/en/home.html).

I.    Profiling

We may process some personal data automatically to evaluate certain personal aspects (profiling). Profiling helps us better inform and advise you about products and services that may be relevant to you. For this purpose, we may use evaluation tools to tailor our communications and advertising to your needs, including for market and opinion research.

J.    Changes to This Privacy Policy

We may amend this Privacy Policy at any time without prior notice. The current version published on our website shall apply. If the Privacy Policy is part of an agreement with you, we will notify you by e-mail or other appropriate means in the event of a change.