Skip to content

Search

Data protection declaration VIAC Invest

This text applies analogously to female and a plural number of persons.

Data protection has a particularly high priority for VIAC. By means of this data protection declaration, VIAC informs about the type, scope and purpose of the personal data collected, used and processed by VIAC and informs about the rights of the person concerned. The extent to which VIAC processes personal data depends primarily on the products purchased by the data subject and the agreed service.

1. Where does VIAC obtain personal data?

In connection with business relationships with customers or potential customers (“Customers”) and natural persons or legal entities associated with the Customer, VIAC processes the data that VIAC receives from the data subject (e.g. customers, employees, applicants). VIAC also obtains data from service providers (e.g. credit information, World-Check), public registers (e.g. Commercial Register, Swiss Official Gazette of Commerce) or authorities (e.g. criminal records). In particular, the following shall be deemed to be related natural persons or legal entities: any authorized representative, authorized signatory, beneficial owner, control holder, payee of a specific payment transaction or any other natural person or legal entity that has a relationship with the Customer that is relevant to the business relationship between the Customer and VIAC.

2. What personal data does VIAC collect and process?

The categories of Personal Data that VIAC processes include Personal Information (e.g. name information, birth information, marital status, address, interests, family information, contact information (telephone or email address), financial information / transactional data (e.g. products completed, debt collection, trade information, income, obligations, assets, credit rating, knowledge and experience), tax information (e.g. tax residency, US status), professional information (e.g. type of employment, professional status, education, activities, occupation, prospects / career goals / further training), data when using the homepage (e.g. IP address, cookies) and other information (powers of attorney, CRM relationships, regulatory relationships, log files).

It is possible that data other than the aforementioned will be processed when a certain offered service or product is concluded. This may include, for example: Order data, payment orders, sales, direct debit data, documentation data, knowledge and experience with the investment of securities, investment behavior, investment strategy, balance sheets and other business data, payrolls, tax documents, guarantees assumed.

3. Purposes of processing

VIAC collects, stores and processes only those Personal Data that are necessary to achieve a specific purpose. Personal Data is processed in particular for the following purposes:

  • In connection with the customer business, i.e. in order to be able to provide the products and services offered by VIAC, e.g. in the customer intake process, for the administration of the business relationship, for the expansion of the business relationship.
  • In connection with Risk, Legal & Compliance, i.e. in order to be able to comply with legal and regulatory obligations, e.g. based on the Banking Code of Conduct Agreement (CDB), the Anti-Money Laundering Act (AMLA), tax laws, to prevent and detect criminal offenses, to respond to actual and potential proceedings, requests or investigations by law enforcement authorities, disclosure of data to tax authorities, financial supervisory authorities and other governmental or regulatory bodies.
  • In connection with marketing; i.e., to improve products and services offered or to launch new products and services, e.g., by means of direct marketing, newsletter distribution, subscription management, market research, website operation, social media presence.
  • In connection with human resources; i.e. in order to be able to ensure the administrative and informational task of personnel management, e.g. through personnel and salary administration, etc.
  • In connection with finance, logistics and operations, i.e. in order to be able to ensure the ordinary business operations, e.g. in finance and accounting, video surveillance and access control, fleet management, IT monitoring and for e-mail services.

4. Compliance with data protection principles

VIAC processes Personal Data in particular in compliance with the Federal Data Protection Act (FADP) and the Ordinance to the Federal Data Protection Act (FADP). When processing Personal Data, VIAC shall ensure that the Personal Data is processed lawfully and in accordance with the principles of good faith and proportionality. The data will only be processed in the way that was specified when the data was obtained, that is recognizable to the person concerned or that is provided for by a law. VIAC does not process personal data covertly or secretly, unless a law so provides. Personal data will be obtained by VIAC only for a specific purpose that is apparent to the data subject. VIAC shall take appropriate measures to ensure that the personal data processed is correct. If Personal Data is found to be inaccurate or incomplete, VIAC will correct, delete or destroy the Personal Data, unless prohibited by law or regulatory provisions.

Where necessary, VIAC will process Personal Data on the basis of the following grounds:

4.1. Overriding public or private interest

VIAC processes Personal Data for the purpose of initiating or entering into a contract, for the performance of obligations under a contract (e.g. advice, account management, asset management or the execution of transactions), for the analysis of customer behavior (including profiling), for measures to improve products and services or for direct marketing.

VIAC further has legitimate private interests to process Personal Data:

  • in order to secure or enforce VIAC’s claims against the Customer and in the realization of collateral provided by the Customer or third parties (if the third party collateral has been provided for claims against the Customer),
  • in the collection of VIAC’s claims against the Customer,
  • in credit checks and inquiries by VIAC with credit information agencies and authorities,
  • in the event of legal disputes of VIAC with the Customer,
  • in the case of inquiries for entitled persons in the event of no contact or no communication.

4.2. Legal basis

VIAC is obliged to process personal data on the basis of various legal foundations. These include, in particular, obligations under supervisory law (e.g. FINMAG, BankG, FIDLEG, FINMA-RS); legal obligations to prevent money laundering or to combat fraud (e.g. CDB, AMLA) as well as tax laws (e.g. FATCA Law, AIA Law) and archiving obligations.

4.3. Consent

If consent is required for the purpose of processing personal data, VIAC will obtain such consent from the data subject. The consent given may be revoked at any time. Such revocation shall only take effect from the time it is received by VIAC and shall not affect the lawfulness of the processing of Personal Data up to the time of revocation. There may be reasons (e.g. based on a law) that make it necessary to process the personal data despite the revocation.

5. Storage period of personal data

VIAC processes and retains Personal Data for as long as is necessary to fulfill the purpose for which the Personal Data was collected or to fulfill contractual, legal or regulatory obligations.

If personal data cannot be deleted, technical and organizational measures are taken to ensure that

  • technical and organizational procedures are implemented to ensure the integrity of the data, in particular to guarantee the authenticity and integrity of the data or documents (e.g. digital signature or time stamp). In addition, it is ensured that the data cannot be subsequently altered without it being possible to detect this;
  • the contents of the data can be traced at any time;
  • accesses and logins are logged and documented by means of “log files”.

6. Data protection rights

There is the right to information, to correction, to data output, to data transfer, to deletion as well as to contradiction of the collected personal data, provided that no contractual or legal obligation is opposed. Furthermore, the data subject may request that a certain data processing be prohibited or that a certain disclosure of personal data to third parties be prohibited.

7. Recipients of personal data

Personal data will only be processed by those persons within VIAC who need it to fulfill contractual or legal obligations. If necessary, service providers (e.g. outsourcing partners) and third parties will also have access to the data. In this context, banking secrecy and other legal provisions are observed.

Service providers and third parties as recipients of personal data may be, for example:

  • other Group companies / Group companies
  • order processors and other service providers (e.g. suppliers)
  • customers
  • public authorities (e.g. government agencies), insofar as this is required by law or by the authorities
  • other internal departments, e.g. Finance, Human Resources, Compliance

VIAC uses third-party software for customer identification. This software is used to verify the official identification document and compare it with the customer. This fulfills the legal requirements and ensures the correct identity of the customer. Data remains in Switzerland and is only processed by the third-party provider to carry out the identification process and is deleted after 90 days. The customer can request the deletion of their data from the third-party provider at any time by contacting VIAC, which will arrange for the deletion at the third-party provider. All data from the identification process is transmitted to VIAC by the third-party provider and remains stored at VIAC in accordance with the statutory provisions.

VIAC uses third-party software to ensure compliance with the Anti-Money Laundering Act (AMLA). This software is used to check whether the customer is a politically exposed person within the meaning of the AMLA or a sanctioned person. This fulfills the legal requirements and protects the reputation of the Swiss financial center. For this purpose, limited customer data (first name, surname, date of birth, country of domicile and nationalities) are processed by the third-party provider abroad.

8. Data transfer abroad

If data are disclosed abroad, VIAC must notify the state or international body and, if applicable, the guarantees pursuant to Article 16 paragraph 2 FADP or the application of an exception pursuant to Article 17 FADP.

If personal data is transferred abroad, this will take place in compliance with the legally prescribed provisions and where this is necessary for the fulfillment of the contract (e.g. tax reporting obligations). If service providers are used abroad, we oblige them to comply with bank client confidentiality and the Data Protection Act.

9. What is profiling and what is an automated individual decision?

VIAC automatically processes personal data in certain cases to evaluate personal aspects (profiling). This may occur, for example, in the following cases:

  • As part of the legal obligation to combat money laundering and terrorist financing, by means of monitoring and evaluation of payment transactions.
  • In order to inform the customer of services and products tailored to him/her by means of advertising, we may use instruments for evaluation as part of direct marketing measures.
  • For the purpose of determining the creditworthiness of the customer by means of probability calculations.

VIAC reserves the right to process personal data in an automated manner in the future in order to create customer profiles, to predict developments and to identify characteristic and personal features in connection with the person concerned (profiling). VIAC may use the customer profiles created, for example, to make offers and information available to the customer. If the data subject is a customer of VIAC, he/she hereby consents to data processing in this context.

10. Protection of personal data

The protection of personal data has top priority at VIAC. Personal data may be subject to professional secrecy and/or bank client confidentiality. Personal data is treated as strictly confidential and protected from access by unauthorized third parties. Persons who are not subject to a confidentiality obligation do not have access to the personal data collected. VIAC also ensures that the recipients of the personal data comply with the applicable data protection provisions.

11.Contact details of the person responsible

The person responsible for the processing of personal data is:

VIAC Invest AG
Innere Margarethenstrasse 2, 4051 Basel
0800 80 40 40
info@viac.ch

Basel, 1. January 2024