Declaration on the processing of personal data (Privacy Policy)
With this Privacy Policy, Helvetische Bank AG (hereinafter referred to as the ‘Bank’) provides information on its handling of personal data in accordance with the Swiss Data Protection Act (DSG).
The Bank is responsible for the processing of personal data as described below.
If you have any questions about data protection, please contact the following addresses:
Helvetische Bank AG
Data Protection Officer
Seefeldstrasse 215
CH-8008 Zurich
E-mail: info@helvetischebank.ch
Phone+41 44 204 56 00
The Bank processes personal data lawfully and respects the right of every person to protection of their privacy and protection against misuse of their personal data in accordance with the applicable legal system.
The legal basis of the data protection declaration is Article 13 of the Swiss Federal Constitution (protection of privacy) and Swiss data protection legislation. Personal data is processed in accordance with the Swiss Data Protection Act (DSG) and on the basis of the legal, regulatory and contractual rights and obligations incumbent on the Bank and the Bank's applicable General Terms and Conditions (GTC).
The Privacy Policy provides clients and third parties (e.g. service providers) whose personal data the Bank processes with specific and transparent information about which personal data the Bank processes, why and on what legal basis the Bank processes personal data, how the Bank ensures the accuracy of the processed personal data and when the personal data is destroyed. Finally, the privacy policy contains information on the body responsible for data protection and contact details.
Personal data is any information relating to an identified or identifiable person. Data subjects are persons about whom data is processed. The processing of personal data includes any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, deletion or destruction of personal data.
3.1 Personal data of clients (including authorized representatives, agents, beneficial owners, controlling owners, etc.)
The type and scope of the personal data processed by the Bank depend on various factors: legal or natural person, categorization of the client (e.g. private client, professional client, institutional client), type of service (e.g. execution-only, investment advice, asset management), type of products (e.g. domestic or foreign securities, funds, structured products, etc.), place of residence or nationality (Switzerland or abroad) and tax domicile (Switzerland or abroad) of the client.
In particular, the following personal data is processed:
Customer data: e.g. surname, first name, date of birth, residential address, e-mail address, telephone number, documents to identify the contractual partner, beneficial owner or controlling person (e.g. passport or ID copy), personal data relevant under tax law (e.g. tax domicile, tax number)
Information on third parties: e.g. data of the authorized representative or agent
Transaction, order and risk management data: e.g. account details and coordinates of the beneficiary's bank, execution venues, information to assess the client's experience and knowledge (e.g. education and training, profession and career), risk appetite and risk capacity (e.g. family circumstances) and risk profile, financial circumstances (e.g. assets, income, expenditure, liabilities) and any instructions (e.g. geographical or industry-specific investment restrictions)
Contacts with customers and third parties: e.g. information on telephone conversations, e-mails and products
Records: e.g. telephone conversations, minutes of conversations and consultations, electronic file notes
Technical data: e.g. account and contract numbers and IP addresses.
3.2 Personal data of visitors and interested parties
The Bank may also process personal data of visitors and interested parties (e.g. so-called “prospects”). In particular, the following personal data is processed:
Data of visitors and prospects: e.g. surname, first name, date of birth, residential or correspondence address and e-mail address, telephone number. Depending on the situation, the bank may process additional personal data to determine the contractual partner, the beneficial owner or the controlling owner (e.g. copy of passport or identity card) and personal data relevant under tax law (e.g. tax domicile) Contacts with visitors and prospects: e.g. information on telephone calls, e-mails, technical data: e.g. IP addresses.
3.3 Personal data of service providers
The Bank may also process personal data of service providers. In particular, the following personal data is processed:
Data of service providers: e.g. surname, first name, date of birth, residential address, e-mail address, telephone number. Depending on the situation, the Bank may process further personal data, e.g. information on the duration and quality of the collaboration, the type and duration of the contract, extracts from commercial and criminal records, contact details.
Contacts with service providers: e.g. information on telephone calls, e-mails.
Technical data: e.g. IP addresses, recording of accesses.
The Bank processes personal data in connection with the establishment and management of the business relationship with the client, to ensure proper business operations, to comply with legal, regulatory and contractual obligations, in particular to
Fulfilment of due diligence obligations (CDB) when identifying the contractual partner, the beneficial owner or a third party acting on behalf of the customer (e.g. authorized representative, agent) in the context of establishing and opening a business relationship
Fulfillment of obligations to clarify the origin of assets and background of transactions in accordance with the Anti-Money Laundering Act (AMLA)
Compliance with the rules of conduct in the provision of financial services (e.g. execution-only, investment advice, asset management)
Fulfillment of duties in the context of management and the monitoring and control of risks (e.g. market, credit and operational risks, investment profiles)
Fulfillment of legal and regulatory disclosure, information and reporting obligations to audit companies, authorities, courts, public prosecutors, etc.
Fulfilling contractual duties and obligations (e.g. in the context of asset management, investment advice, execution of orders, placing orders with service providers)
Safeguarding the interests and securing the claims of the bank and its employees and bodies.
The Bank processes personal data that it receives directly from the client, authorized representative, agent or asset manager (e.g. first and last name, residential address, e-mail address, telephone number, function, application documents) as well as personal data from publicly accessible registers and lists (e.g. commercial register, sanctions list of the US Treasury [OFAC], United Nations [UN], State Secretariat for Economic Affairs [SECO], from the media). The data may also be obtained from publicly accessible registers and lists (e.g. commercial register, sanctions list of the US Treasury [OFAC], the United Nations [UN], the State Secretariat for Economic Affairs [SECO]), from the media and, if applicable, personal data transmitted to it by authorities, courts and public prosecutors' offices.
The duration of the retention of personal data depends on the relevant legal and regulatory provisions, internal bank directives, contractual obligations and the purpose of the data collection.
In principle, the bank retains personal data for the duration of the business relationship and then archives the personal data for 10 or more years, depending on the applicable legal and regulatory provisions. The retention periods may be extended in the case of ongoing or anticipated proceedings. The Bank may also retain data for longer in exceptional cases for other reasons. The Bank destroys or anonymizes personal data after the retention period has expired. The Bank processes and stores personal data exclusively in Switzerland.
The Bank complies with the applicable data protection provisions. In particular, it takes appropriate organizational and technical measures to protect personal data. Organizationally and technically, the Bank ensures that only employees of the Bank who must have access to personal data in order to perform their duties process personal data. These employees receive training and further training in the application of data protection law.
As a matter of principle, the Bank does not forward any personal data. The Bank will forward personal data if there is a legal or regulatory obligation to do so (e.g. in the context of administrative and mutual legal assistance requests, bilateral and multilateral mutual legal assistance agreements, for the attention of the Money Laundering Reporting Office) or a contractual agreement.
The Bank forwards personal data if the disclosure is necessary for the fulfillment of an order placed by the client or a third party representing the client (e.g. authorized representative, agent, asset manager) (e.g. settlement of securities and payment transactions). In addition, the Bank may engage external service providers for the processing of personal data in accordance with section 3. These are in particular IT, support and hosting providers. These providers are checked by the Bank with regard to compliance with data protection and are obliged to process the personal data exclusively on behalf of the Bank and in accordance with its instructions.
If indicated within the scope of the processing purposes in accordance with section 4, the Bank may also disclose the data to third parties such as its business partners, official bodies and other private and/or official bodies, which then process the data not on behalf of the Bank and in accordance with its instructions, but for their own purposes and thus on their own responsibility and in accordance with their own data protection provisions.
Personal data is processed by employees of the Bank. The Bank does not create automated user profiles.
The Bank shall ensure with the care customary in the business that personal data is only processed lawfully, proportionately and in good faith. Any consent to the processing of personal data may be revoked at any time with effect for the future by writing to the address given in section 1.
The client has the right to information, correction, deletion and to the surrender of his personal data for transfer to another body. The Bank reserves the right to assert restrictions provided for by law, e.g. if it is obliged to store or process certain data, has an overriding interest in doing so or requires it for the assertion of claims. The exercise of customers' rights may conflict with contractual agreements and this may have consequences such as premature termination of the contract or claims for compensation. In such cases, the Bank will inform the client in advance, unless this has already been contractually agreed.
The exercise of customer rights requires proof of identity (e.g. a copy of an ID card). To assert their rights, customers can contact the address given in section 1.
Customers have the right to enforce their claims in court or to appeal to the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch).
The Bank may amend the Privacy Policy at any time without prior notice. The current version published on the website shall apply
This declaration is subject to Swiss substantive law. The exclusive place of jurisdiction is Zurich.
Contact form
Send us a message
Address
Helvetische Bank
Seefeldstrasse 215
8008 Zürich
Tel +41 44 204 56 00
Fax +41 44 204 56 99
