Type To Search

E-Banking
Quilvest Logo

Type To Search

Quilvest (Switzerland) Ltd.

Privacy Notice

View / download the brochure

This Privacy Notice provides information on how Quilvest (Switzerland) Ltd. processes personal data.

BE-doc_01_purpose

PRIVACY NOTICE

The purpose of this Notice is to provide information about how Quilvest (Switzerland) Ltd., Stockerstrasse 23, 8002 Zurich, Switzerland (“QVS”), as responsible data controller from a data protection perspective, processes personal data and which rights data subjects have in relation to the Swiss Data Protection Act (“DPA”) and the EU General Data Protection Regulation (“GDPR”). The details on what data will be processed and which method will be used depend significantly on the services requested applied for or agreed upon. Therefore, not every element of this information may be applicable to all clients and data subjects, such as accountholders, authorised agents and representatives, beneficial owners, controlling persons, beneficiaries and other persons involved in or initiating a business relationship with QVS (“Client”).

BE-doc_05_more-info

1. WHO CAN YOU CONTACT IN RELATION TO DATA PROTECTION MATTERS?

The Client can reach the QVS’ responsible department and representative for data protection matters at: Quilvest (Switzerland) Ltd., Data Protection Officer, Stockerstrasse 23, 8002 Zurich,
dpoqvs@quilvest.com

BE-doc_04_client-exe

2. WHICH PERSONAL DATA AND CATEGORIES ARE PROCESSED?

QVS collects and processes personal data that it obtains from Clients in the context of an existing business relationship or from interested parties in the business initiation phase with QVS. Personal data may be processed at every stage of the business relationship and will vary according to the persons involved.

QVS may process personal data that is transmitted to it via technical infrastructure, such as access to websites, cookies, e-banking, apps, or via platforms for payment or securities transactions, or that is transmitted to QVS by third parties, such as authorised agents and representatives, beneficial owners, card-holders, co-obligors in credit arrangements, guarantors, legal successors or beneficiaries. 

QVS also processes personal data, if necessary in order to provide services that QVS obtains from publicly accessible sources, such as debt registers, land registers, commercial registers, press, internet etc. Personal data may also be collected and processed from Swiss and foreign public offices, authorities and courts within the scope of their operations.

Depending upon which products and services are used by the Client, the following categories of personal data are processed:

  • personal information (e.g. name, date and place of birth, nationality, address, telephone number, e-mail address and other contact details);
  • identification data (e.g. ID card, passport details and other national ID or tax numbers), and authentication data (e.g. specimen signature);
  • information on products and services used as well as order and risk management data (e.g. information on payment and securities transactions, investment experience and knowledge, investment risk profile, information on compliance with due diligence requirements and anti-money laundering rules);
  • Client’s account data and information on the business relationship (e.g. account, contract and portfolio numbers, contract duration, information on spouses/partners and other family details, information on authorised agents or representatives);
  • information on the Client’s financial circumstances and his personal and professional background (e.g. data on the Client’s creditworthiness, tax situation and origin of the assets as well as information on the Client’s requirements, interests, wishes and preferences);
  • technical data and information generated by contacts with the Client (e.g. minutes of conversations in relation to investment recommendations, transaction orders) and by the Client’s electronic correspondence with QVS (e.g. logs of system access, changes to settings, website visits);
  • audio-visual data (e.g. video or telephone recordings).
BE-doc_04_client-exe

3. WHAT IS THE PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA?

QVS processes personal data in accordance with the provisions of the DPA and GDPR as follows:

3.1    For fulfillment of contractual obligations
Personal data is processed in order to provide banking and financial services in the context of carrying out QVS’ contracts with Clients or to carry out pre-contractual measures that occur as part of a client request.

The purposes of data processing are based on the specific product or service (e.g. bank account, credit, transactions in financial instruments, maintenance of custody account) and can include, among others, needs assessments, advice, asset management and support, as well as execution of transactions. Client can find further details about the purposes of data processing in the relevant General Terms and Conditions and contract documents.

3.2    In the context of legitimate interests
Where required, QVS processes personal data beyond the actual fulfilment of the contract for the purposes of the legitimate interests pursued by QVS or a third party.  

Examples are:

  • Reviewing and optimizing procedures for needs assessments for the purpose of direct client discussions;
  • Measures for business management and further development of services and products;
  • Risk management;
  • Consulting and exchanging data with information offices (e.g. debt register) to investigate creditworthiness and credit risks in credit business and the requirement in connection with exemption from seizure of assets;
  • Marketing or market and opinion research;
  • Asserting legal claims and defense in legal disputes;
  • Ensuring IT security and IT operation of QVS;
  • Prevention and investigation of crimes and/or misconduct;
  • Video surveillance to protect the rights of owners or tenants of premises and for collecting evidence in hold-ups or fraud;
  • Measures for building and site security, such as access controls. 

3.3    As a result of Client’s consent
As long as a Client has granted QVS the consent to process his personal data for certain purposes, this processing is lawful on the basis of the Client’s consent. Consent given can be withdrawn at any time. This applies also to withdrawing declarations of consent that were given to QVS before the GDPR came into force, i.e. before May 25, 2018. Withdrawal of consent does not affect the legality of personal data processed prior to withdrawal. Revoking consent may affect the scope of products and services QVS can offer.

3.4    Due to statutory provisions or in the public interest  
QVS is subject to various statutory obligations (e.g. Swiss Banking Act, Financial Services Act, Anti-Money Laundering Act, FINMA ordinances and circulars, tax laws) and bank regulatory requirements.

Purposes of processing include, among others, assessment of creditworthiness, checking the identity and age, prevention of fraud and money laundering, fulfilling control and reporting obligations under fiscal laws, and measuring and managing risks within QVS.

BE-doc_04_client-exe

4. WHO RECEIVES PERSONAL DATA?

Within QVS, every unit that requires personal data of a Client to fulfill QVS’ contractual and statutory obligations will have access to it.

With regard to transferring personal data to recipients outside QVS, it must be noted that as a bank QVS is under a duty to maintain secrecy about any client-related facts and evaluations of which QVS may have knowledge (bank client secrecy and data protection rules pursuant to QVS’ General Terms and Conditions). QVS may only disclose information about the Client if QVS is legally required to do so, if the Client has given his consent, if QVS is authorized to provide bank information and/or if processors commissioned by QVS guarantee compliance with bank client secrecy and the provisions of the DPA and/or GDPR.

Under these circumstances, recipients of personal data can be, for example:

  • public entities and institutions (e.g. Swiss National Bank, FINMA) and other competent regulatory, prosecuting, tax or governmental authorities, courts or other tribunals in any jurisdiction upon providing a legal or official obligation;
  • creditors or liquidators submitting queries in connection with a foreclosure;
  • service providers in connection with credit or bank cards;
  • service providers or authorised agents commissioned by QVS. These include companies in the categories of banking services, IT services, logistics, printing services, insurances, legal advisors and consultancy, telecommunications, collection agencies, sales and marketing;
  • finders and external asset managers;
  • third parties in connection with the granting of a loan (such as insurance companies, investment companies, trustees, service providers carrying out value assessments);
  • other companies belonging to QVS (the “QVS Group”) for business purposes, in particular for the benefit of holistic and efficient Client service delivery across QVS Groups entities;
  • other companies such as BEMBERG CAPITAL S.A. and its group companies for the purpose of risk control due to statutory or official obligations (e.g. for group-wide monitoring of compliance, money-laundering and other risks).

The recipients above may autonomously disclose personal data to their agents and/or delegates who process this information for the sole purpose of assisting the recipients in providing their services to QVS and/or assisting the recipients in complying with their own legal obligations.

BE-doc_04_client-exe

5. WILL DATA BE TRANSFERRED TO A THIRD COUNTRY?

Transfers of personal data to recipients in states outside Switzerland or the European Economic Area without equivalent level of data protection (known as third countries) take place as long as

  • QVS has concluded with the recipient of the personal data standard contractual clauses adopted by the European Commission, as adapted to satisfy Swiss law requirements,
  • it is necessary for the purpose of concluding or performing a contract;
  • Clients have granted QVS consent; or
  • another justification or exception provided under the DPA and/or GDPR.
BE-doc_04_client-exe

6. IS A CLIENT OBLIGED TO PROVIDE PERSONAL DATA?

In the context of a QVS business relationship with a Client, a Client must provide all personal data that is required for accepting and carrying out a business relationship and fulfilling the accompanying contractual obligations or that QVS is legally obliged to collect.

In particular, anti-money laundering regulations require QVS to identify Clients on the basis of the Client’s identification documents (e.g. passport, ID card) before establishing a business relationship and to collect and record e.g. the Client’s name, address and other contact details, place and date of birth, nationality, and identification details for this purpose. To enable QVS to comply with these statutory obligations, a Client must provide QVS with the necessary information and documents in accordance with the Swiss Anti-Money Laundering Act, and to immediately disclose any changes over the course of the business relationship.

If a Client does not provide QVS with the necessary information and documents, QVS cannot enter into or continue the business relationship with a Client.

BE-doc_04_client-exe

7. WILL AUTOMATED INDIVIDUAL DECISION-MAKING AND/OR PROFILING TAKE PLACE?

The decisions which QVS makes do not rely on any exclusively automated processing of personal data. If QVS uses fully automated individual decision-making processes, QVS will inform the Client separately and provide information on criteria and procedures applied. The Client can request an explanation about automated individual decision-making carried out, to express his/her point of view and that a natural person reviews the related decision where such a decision is exclusively based on such processing.

There are some business areas in which personal data are at least partially processed automatically with the aim of evaluating certain personal aspects to the extent required by law and regulation (e.g. for the prevention of money laundering), for needs assessments, for product and service requirements, in the context of lending to assess the credit affordability and the Client’s creditworthiness, in the context of providing advisory and asset management services to perform client segmentation as well as suitability and appropriateness assessments, and in the context of risk management. However, none of these profiling activities pose a high risk to the Client’s personality or fundamental rights as QVS does not match data such that it would allow an assessment of essential aspects of the personality of a Client.

BE-doc_04_client-exe

8. FOR HOW LONG WILL PERSONAL DATA BE STORED?

QVS will process and store personal data of Clients for as long as it is necessary to fulfill the purposes set out in this Privacy Notice or in order to fulfill contractual and statutory obligations. If the personal data is no longer required in accordance with the foregoing, it is deleted, unless further processing is required – for a limited time – for the following purposes:

  • Fulfilling obligations to preserve records according to commercial and tax law: This includes in particular the Swiss Code of Obligations, the Federal Act on Value Added Tax, the Federal Act on Direct Taxation, the Federal Act on Harmonization of Direct Taxes of Cantons and Municipalities, the Federal Act on Stamp Duties and the Federal Act on Withholding Tax.
  • Legal holds, which require the keeping of records for a defined or undefined period of time. A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated.
BE-doc_04_client-exe

9. WHAT DATA PROTECTION RIGHTS DOES A CLIENT HAVE?

The Client has under the DPA and GDPR

  • the right to access personal data from QVS as to whether and what personal data QVS processes from the Client;
  • the right to rectification of personal data if personal data is inaccurate or incomplete;
  • the right to have personal data deleted if they are no longer required for the purposes for which they were gathered or processed, if the consent has been revoked or if the personal data were unlawfully processed in the first place;
  • the right to have the processing of personal data restricted;
  • the right to data portability if the Client requests that QVS provides certain personal data in a commonly used electronic format or transfers it to another controller.

A Client can withdraw consent granted to QVS for the processing of personal data at any time with effect to the future. Processing that was carried out before the withdrawal is not affected by it.

If the Client wishes to exercise the above-mentioned rights or if the Client does not agree with the way QVS handles the Client’s personal data, the Client can contact QVS by speaking to his Client Relationship Manager, by sending an email or letter to QVS. The contact details can be found under section 1 above. In order for QVS to be able to prevent misuse, QVS may need to identify the requester (for example by means of a copy of the ID card, passport, if identification is not possible otherwise).

If the exercise of any of the above rights are in conflict with your contractual obligations, this may have consequences (including termination of respective contracts), of which QVS will inform the Client accordingly. QVS will also inform the Client if the exercise of any of the above rights entail costs, which may be invoiced to the Client as per applicable laws and regulations.

If the Client is located in the European Economic Area (“EEA”), it also has the right to lodge a complaint with a competent data protection authority in its respective country. A list of authorities in the EEA can be found under https://edpb.europa.eu/about-edpb/board/members_en.

BE-doc_05_more-info

10. INFORMATION ON A CLIENT'S RIGHT OF OBJECTION

10.1 Right to object to data processing for direct marketing purposes
In individual cases, QVS processes personal data of Clients in order to conduct direct marketing. A Client has the right to object to the processing of personal data for the purpose of this type of marketing at any time. This also applies to profiling, insofar as it is in direct connection with such direct marketing. If a Client objects to processing for the purpose of direct marketing, QVS will no longer process a Client’s personal data for this purpose.

10.2 Individual right of objection
On grounds relating to a Client’s particular situation, a Client shall have the right of objection, at any time, to the processing of his personal data, which is based on the public interest or on balancing interests.   

10.3 Recipient of an objection
If a Client submits an objection, QVS will no longer process its personal data unless QVS can give evidence of mandatory, legitimate reasons for processing, which outweigh the Client’s interests, rights, and freedoms, or processing serves the enforcement, exercise, or defense of legal claims. Please note, that in such cases QVS will not be able to provide services and maintain a business relationship.

The objection should be addressed to the contact details under section 1 above.

BE-doc_06_doc-review

11. AMENDMENTS TO THIS PRIVACY NOTICE

QVS reserves the right to amend this Privacy Notice at any time for any reason. The version published on www.quilvest.ch/legal is the current version.

 

Last update: January 2024

Â