In the context of its activity, Capital Trustees AG (hereinafter also referred to as “Capital”) processes data relating to individuals and/or legal entities as defined in Ar. 5 DPA (“personal data”).
Such personal data includes information about current and past Clients, about potential Clients, business partners, and any other person who interacts with Capital.
The data processing carried out by Capital respects the Federal Act on Data Protection (DPA) of 25th September 2020, the Ordinance to the Federal Act on Data Protection (DPOa) of 31st August 2022 (hereinafter also referred to as ” Applicable Regulations”)
With the following information, we would like to give you an overview of how we will process your data and of your rights according to data privacy laws. The details on what data will be processed and which method will be used depend significantly on the services applied for or agreed upon.
The responsible is:
Capital Trustees AG
Call.: +41 (0)44 5125004
We process personal data in accordance with the provisions of the Applicable Regulations:
We process personal data obtained from our clients and other counterparties in the context of our business relationship. We also process personal data that we obtain from publicly accessible sources (e.g. debt registers, commercial and association registers, press, internet) or that is legitimately transferred to us by other companies or from other third parties.
Relevant data we process is personal information (e.g. name, address and other contact details such as e-mail address and telephone number, date and place of birth, nationality) and identification data (e.g. ID card or passport details). Furthermore, we collect also data for the fulfillment of our legal and contractual obligations such as information about your personal and financial situation (e.g., your financial background, information about your assets and their origin, professional information such as job title and professional experience, family details such as name of your partner or children, tax domicile and tax-relevant information and documents) and other data, similar to those categories. This information (including periodic review results) may be collected also with respect to prospective clients.
We collect information in connection with our clients’ risk assessments and under a risk-based approach, such as information on pending charges or insolvency and bankruptcy, or other similar information.
We can record phone calls and video-calls between you and Capital and during the call we may collect data, including your phone number, forwarding numbers, time and date of calls and messages, duration of calls, images etc..
When you access our website (www.capitaltrustees.ch), by means of cookies, information about you use of the website (usually: data related to your activity during your visit, date and time of the access, information about your device and your web browser) are automatically collected and stored. We can also collect information that you have voluntarily provided.
More in general, we collect details of our interactions with you.
Within the company, every unit that requires your data to fulfill our contractual and legal obligations will have access to it.
We may pass on information about you only if legal provisions demand it, or if you have given your consent, or if we have been authorized by a contract or to protect a legitimate interest.
Recipients of personal data can be, for example:
Capital takes appropriate technical (e.g. encryption, logging, access control, data backup, etc.) and organizational (e.g. instructions for our employees, confidentiality agreements, etc.) measures to ensure security of the data collected and processed and protect them from unauthorized access, improper use, loss, falsification and destruction. However, it is impossible to completely exclude security risks: some residual risks are most often unavoidable. In particular, since perfect data security cannot be guaranteed for communications via e-mail, instant messaging or similar means of communication, we recommend that you send confidential information in safe mode.
Data transfer in states outside Switzerland could take place to Countries that guarantee an adequate data protection on the basis of a decision of the Federal Council.
Outside these Countries, and in the absence of other protection requirements (referred to in Article 16 DPA), the transmission of data abroad can take place so long as:
In the context of our business relationship, you must provide all personal data that is required for accepting and carrying out a business relationship and fulfilling the accompanying contractual obligations or that we are legally obliged to collect. Without this data, we are, in principle, not in a position to finalize or execute a contract with you. In particular, anti-money laundering regulations require us to identify you on the basis of your identification documents before establishing a business relationship and also to update your personal data during the relationship.
In order for us to be able to comply with these statutory obligations, you must provide us with the necessary information and documents in accordance with the Anti-Money Laundering regulations, and to immediately disclose any changes over the course of the business relationship.
If you do not provide us with the necessary information and documents, we cannot enter into or continue the business relationship you desire.
We retain your personal data to the extent necessary for the purpose for which we collected it or to comply with legal or regulatory requirements.
In the case of contracts, we store your personal data at least for the duration of our contractual relationship.
We also keep personal data whenever we have a legitimate interest to do so. In particular, this may occur if we need personal data to assert claims or defend against claims, for archiving purposes, to ensure IT security or as long as the limitation period for contractual or non-contractual claims is still running.
Furthermore, we store your personal data for the retention period stipulated by applicable law (e.g. in compliance with the retention periods under Swiss tax and/or commercial and/or anti-money laundering legislation, which are at least of 10 years).
Personal data that is not necessary for the purpose of the treatment and for which there is no justification for keeping it will be deleted or anonymized.
Every data subject has the right to access (according to Article 25 of the DPA), the right to rectification updating, limitation and/or objection to its processing and cancellation of Data if incomplete, incorrect or collected in violation of the law (according to Articles 6 and 30-32 of the DPA) and – if applicable – the right to data portability (according to Article 28 of the DPA).
Based on the Applicable Regulations, your rights are not absolute as in certain circumstances they may be subject to exceptions.
We do not use any automated decision-making.
We do not process your data automatically.
Thank you very much. Kind regards