Privacy Policy

This text applies equally to female persons and to a plurality of persons.

In the context of business relations to clients or potential clients (“Clients”) and with individuals or legal entities linked to the Client, such data is processed that is provided to the Bank by the data subject (e.g. Client). The Bank also obtains such data from service providers (e.g. credit agencies, databases), public registers (e.g.commercial registers, Swiss Official Gazette of Commerce) or authorities that the Bank requires for the rendering of the service, or for statutory or regulatory reasons.

Linked individuals or legal entities are deemed to include but not be limited to each:

The categories of personal data that the Bank processes include personal information (e.g. name, date/place of birth, civil status, address, interests, family relationships, contact data (telephone number or email address), transaction data, financial circumstances, investment objectives, tax residency, US status, professional information, data arising from use of the Bank’s website (e.g. IP address, cookies) and other information on powers of attorney, personal relationships, regulatory relationships, log files).

It is possible that data other than the above are processed when signing up for a specific service offering or for a specific product offering. These may relate for example to: order data, payment orders, transactions, direct debit data, documentation data, investment behaviour, investment strategy, accounting records and other business data, sureties entered into.

To the extent that the Bank processes personal data meriting higher protection, it does so in the context of:

The Bank collects and processes only those personal data that arenecessary for achieving a specific purpose. Personal data areprocessed in particular for the following purposes:

The Bank processes personal data, especially taking account of the Federal Act on Data Protection (FADP) and the Data Protection Ordinance (DPO). In this context, when processing personal data the Bank checks that the personal data are processed legitimately and in accordance with the principles of good faith and proportionality. The data are only processed as stated when they were obtained, in a way that can be identified by the data subject or provided for by legislation. The Bank does not process the personal data in a hidden or secret matter, unless provided for by law. Personal data are used by the Bank only for a specific purpose that can be identified by the data subject. Taking account the state of the art of technology and the costs of implementation, the Bank makes use of suitable technical and organisational measures to ensure that the processed personal data:

If it becomes apparent that personal data are incorrect or incomplete, the Bank will rectify, delete or destroy the personal data, unless this is forbidden by law or regulatory provisions.

To the extent necessary, the Bank processes personal data on the basis of the following reasons:

The Bank processes personal data for the initiation or conclusion of a contract, the fulfilment of duties arising from a contract (e.g.advisory/administrative services, account or securities account management or the execution of orders and transactions), for measures to improve the products and services or for direct marketing.

Furthermore, the Bank has legitimate private interests in processing personal data:

The Bank is obliged to process personal data on the basis of various statutory and regulatory provisions. These include but are not limited to statutory duties, such as the Financial Market Supervision Act, the Banking Act, the Anti-Money Laundering Act, the Financial Services Act, etc.

To the extent that consent is required with regard to processing of the personal data, the Bank will obtain this from the data subject. Any consent granted can be withdrawn at any time. Any withdrawal of consent will only become effective after it has been received by the Bank and does not affect the legitimacy of processing of personal data until consent was withdrawn. There may be reasons (e.g. on the basis of legislation) that make it necessary to process personal data despite consent being withdrawn. Withdrawal of consent can lead to the limitation of certain services or termination of the business relationship.

The Bank processes and stores personal data as long as necessary to fulfil the purpose for which the personal data were collected or to fulfil the contractual or statutory duties. This is usually 10 years from the time of rendering of the service or termination of the business relationship.

If personal data cannot be erased, technical and organisation measures will be taken to ensure that

As a matter of principle, the data subject is entitled to the following rights, unless there is a statutory duty to the contrary:

The modalities relating to the exercise of the aforementioned rights of the data subject and duties of the Bank, e.g. in verbal or written form, are to be clarified between the data subject and the Bank by mutual consent. If the provision of information, the release or transfer of data involves excessive expenses, the Bank may insist on a contribution to costs of no more than CHF 300

The personal data are only processed by those individuals who require them for the fulfilment of contractual or legal duties. To the extent this is necessary, service providers and third parties (e.g.outsourcing partners) are granted access to the data. When doing so, bank-client confidentiality and other statutory provisions will be upheld.

Service providers and third parties as recipients of personal data can be, for example:

No transfer of data to other countries is performed on principle. Should personal data be transferred to other countries, such transfer will be performed subject to compliance with the provisions prescribed by law and where this is required to perform the contract (e.g. handling of international transactions or execution of orders at foreign trading venues). If contract processors in other countries are employed, they will be made subject to an obligation to comply with bank-client confidentiality and data protection.

The Bank reserves the right to process in the future personal data in an automated manner to create client profiles, predict developments as well as to identify characteristic and personal features in connection with the data subject. The Bank may, for example, use the client profiles thus created to provide the client with offers and make information accessible to them.

In the event that the Bank processes in an automated manner personal data meriting higher protection or performs profiling with higher risk for data subjects, the Bank will log and impose internal regulations on such instances of processing, which means implementing technical and organisational measures so that such processing can be reviewed at a later date for conformity with the intended purpose, for example.

Protection of personal data is given highest priority at the Bank. The Client’s personal data is subject to bank-client confidentiality. Personal data are treated as strictly confidential and protected from access by unauthorised third parties. Individuals who are not subject to a duty of confidentiality do not have access to the personal data collected as a matter of principle. Likewise, the Bank ensures that the recipients of the personal data comply with the applicable data protection provisions.

The following information shows how the Bank processes data in connection with the online presence.

The website can be used without registration and thus without any transfer of personal data. The Bank only processes personal data to the extent necessary to provide the services and products on offer.

The website uses what are known as cookies. Cookies are harmless text files that are automatically saved on the terminal device by the browser when the internet page is visited. They make it possible to identify a visitor within a predefined time frame. These cookies are employed to enable the technical functions, such as contact forms, to be used. In addition, they are the technical tools of third-party providers and Google Analytics named in “Operation and hosting of this website”. Most internet browsers accept cookies automatically. Browsers can, however, be configured at any time to not save cookies. In principle, this website can also be used without accepting cookies. Disabling cookies can, however, restrict the functionality of this website.

In order to evaluate its website, the Bank uses Google Analytics, aweb analysis service of Google LLC, 1600 Amphitheatre Parkway,Mountain View, CA 94043, USA. This involves the use of cookies to enable analysis of website usage by visitors to the website. The information generated thereby is transmitted to the provider’s server and is stored there. Access data are first anonymised by truncating the IP address of users. This means that it is no longer possible to identify a visitor. Google will evaluate the visitor behaviour in order to compile reports on website activities and to provide other services related to the website use and Internet use for the website operator. The related Google recordings from the visit to the website will be automatically deleted after a maximum of 180 days. The recording of these data can be prevented, which means future processing is declined, by installing a browser add-on from the following website: tools.google.com. Learn more about Google Analytics privacy policy by visiting policies.google.com/privacy. By using the Bank’s website, the user consents to the processing by Google of the data collected in the manner described above and for the aforementioned purpose.

Operation and hosting of the website (Cmsbox)
This website uses the Cmsbox content management system. Cmsbox GmbH, Terrassenweg 18, 3012 Bern, Switzerland, is responsible for the technical operation and the hosting of this system.Cmsbox GmbH collects personal data to be able to provide, review and improve its services.

Server records
Each time this website is accessed, the server infrastructure records a series of general data on the access, which are stored in what are known as log files. The name of the website accessed, the URL, the date and time of access, data volume transferred, notification of successful access, browser type and version, the operating system of the user, the referrer URL (the site previously visited) and the IP address of the user are recorded. These data are required to check and ensure the operability and security of the Cmsbox system.
 
Matomo
Cmsbox uses the Matomo tracking system to evaluate visitor numbers. This data collection helps Cmsbox GmbH to operate and improve the technical infrastructure but can also be disabled when explicitly requested. The recording of data is pseudonymised, which means that it is no longer possible to identify a visitor. Furthermore, the related recordings are deleted after 180 days.
 
reCaptcha
The forms on the Bank’s website are protected by Google reCAPTCHA v3 from unauthorised sending through robots. For this, it is technically essential for a large volume of personal data to be transmitted to Google. Google has undertaken to ensure appropriate data protection.

Webfonts
This website uses fonts.com, a font service of Monotype GmbH, Spichernstrasse 2, 10777 Berlin (www.fonts.com). Each time this website is accessed, files are loaded from a font.com server to display the text in a specific font. In this process, your IP address maybe transmitted to a server of fonts.com and stored as part of the customary weblogs. Further processing is the responsibility offonts.com. The corresponding terms and conditions and configuration options can be found in the privacy policy of fonts.com: monotype.com/legal/privacy-policy.

The Bank reserves the right to modify the privacy policy at any time subject to the provisions of data protection. The current version of this privacy policy can be accessed on the Bank’s website.

The Bank is deemed to be data controller for the processing of the personal data. Inquiries in connection with data protection can be made to:

SB Saanen Bank Ltd.
Data protection officer
Bahnhofstrasse 2
CH-3792 Saanen
info@saanenbank.ch

Issue: August 2023