Privacy Policy

The English version of the privacy policy is for information purposes only. In the event of any dispute, the German version is authoritative.

Contents

1. Scope
2. Legal bases
3. Terms
4. Data Controller / Data Protection Officer / Representative
5. Nature, scope, and purpose
6. Applications from potential employees
7. Third parties
8. Cookies, tracking, and other technologies
9. Social Media
10. Data security
11. Switzerland and abroad
12. Rights of the data subject
13. Your obligation to provide personal data
14. Liability
15. Duration
16. Our right to amend at any time
17. No offer and no prospectus

Version dated 01/09/2023

1. Scope

  • In this Privacy Policy, we, Zugerberg Finanz AG and the foundations managed by Zugerberg Finanz AG, the Zugerberg Vested Benefits Foundation, the Wildspitz Vested Benefits Foundation, and the Zugerberg 3a Retirement Savings Foundation (hereinafter: “we” or “us”, “our part”, or the like), explain how we collect and otherwise process personal data. The descriptions are not exhaustive.
  • Depending on the activities we undertake, further regulations (e.g., terms and conditions, conditions of participation, exclusions, and other documents) may apply.

2. Legal bases

  • This Privacy Policy takes into account the requirements of Swiss data protection law and the EU General Data Protection Regulation (hereinafter: the “GDPR”). In individual cases, it must be clarified whether and to what extent the aforementioned regulations apply.
  • If the GDPR is applicable, we process personal data at least in accordance with one of the requirements of Art. 6 GDPR, for example: the processing is necessary for the fulfilment of a contract to which the data subject is a party, or for the implementation of pre-contractual measures taken at the request of the data subject.

3. Terms

  • “Personal data”: any information relating to an identified or identifiable person.
  • “Data subject”: a person about whom personal data is processed.
  • “Processing”: any handling of personal data, regardless of the means and procedures used, in particular the procurement, storage, use, reworking, disclosure, archiving, or destruction of data.

4. Data Controller / Data Protection Officer / Representative

  • The party responsible for the processing of personal data is usually the following person; the individual case may deviate from this.Zugerberg Finanz AG
    47 Lüssiweg
    CH-6302 Zug
    info@zugerberg-finanz.ch

5. Nature, scope, and purpose

  • We use the personal data we collect in particular so that we can conclude and fulfil our contracts with our clients and business partners and comply with our legal obligations in Switzerland and abroad.
  • Furthermore, we may process personal data concerning you and other persons for the following purposes:
    • To provide and further develop our offerings, services, and websites, apps, and other platforms on which we are present;
    • To communicate with third parties and process their inquiries (e.g., applications, media inquiries);
    • To review and optimize procedures for needs analysis for the purpose of direct client contact and to collect personal data from publicly accessible sources for the purpose of client acquisition;
    • Advertising and marketing (including organizing events), insofar as you have not objected to the use of your data for this purpose (if we send you advertising as an existing client, you can object at any time; we will then put you on a blacklist for further advertising);
    • Market and opinion research, media monitoring;
    • To assert legal claims and to mount a defense in connection with any legal disputes and official proceedings;
    • To prevent and investigate criminal offences and other misconduct (e.g., conducting internal investigations, data analysis to combat fraud);
    • To ensure the operation of our business, in particular IT facilities, our websites, apps, and other platforms;
    • Video surveillance to safeguard our right to control who enters our premises and other measures for IT, building, and system security and for the protection of our employees and other persons and of assets belonging to us or entrusted to us (e.g., access controls, visitor lists, network and email scanners, telephone records);
    • To purchase and sell business units, companies, or parts of companies and to carry out other corporate transactions and the associated transfer of personal data, as well as to implement measures for business management and compliance with legal and regulatory obligations and internal regulations;
    • Training for internal use;
    • Other purposes about which you have been informed by us.
  • If you have given us your consent to process your personal data for certain purposes (e.g., when you register to receive newsletters or to carry out a background check), we will process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we need such a basis. Consent given can be revoked at any time, but this will have no effect on data processing that has already taken place.

6. Applications from potential employees

  • We process personal data about potential employees who have applied for a position with us for the purpose of assessing their suitability for the position or fulfilling an employment contract. We may allow persons to store their personal data with us, even if their application is rejected, for the purpose of checking their suitability for employment and contacting them in relation to later job vacancies. We may also use this data to inform them about new developments at our company or to maintain contact with them.

7. Third parties

  • We may have personal data processed by third parties or process it in collaboration with them. We may also transfer personal data to third parties. Such third parties are, in particular, specialized providers whose services we make use of. We also guarantee data protection on the part of third parties.
  • We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of carrying out our business and activities, if and to the extent that such processing is permitted for legal reasons.

8. Cookies, tracking, and other technologies

  • We use “cookies” and similar technology on our websites and apps to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website [or install our app]. If you visit this website again or use our app, it lets us recognize you even if we do not know who you are. In addition to cookies that are only used during a session and are deleted after you leave the website (“session cookies”), cookies can also be used to store user settings and other information for a certain period of time (e.g., two years) (“permanent cookies”). However, you can set your browser to reject cookies, only store them for one session, or otherwise delete them early. The default setting on most browsers is to accept cookies. We use permanent cookies so that you can save user settings (e.g., Language, Autologin), so that we can better understand how you use our services and content, and so that we can show you offers and advertisements tailored to you (which can also happen on websites of other companies; however, they do not find out from us who you are, if we even know this ourselves, because they only see that the same user who visited a particular one of our pages is also visiting their website). Some of the cookies are set by us, some are also set by contractual partners with whom we work. If you block cookies, certain functionalities (e.g., Language selection) may no longer work.
  • To the extent permitted, we sometimes also include visible and invisible image elements in our newsletters and other marketing emails, the retrieval of which from our servers allows us to determine whether and when you have opened the email, so that we can measure and better understand how you can use our services and tailor them to you. You can block this in your email program; this is the default setting in most programs.
  • By using our websites and apps and consenting to receive newsletters and other marketing emails, you consent to the use of these technologies. If you do not want them to be used, you must change the settings on your browser or your email programs, or uninstall the app, unless this can be adjusted via the app settings.
  • If Google Analytics or other statistical services that no personal data (e.g., email addresses) is transmitted to are used:
  • We sometimes use Google Analytics or similar services on our websites. This is a service that enables us to measure and analyze the use of the website (non-personal data); it is provided by third parties that may be located in any country in the world (in the case of Google Analytics, the provider is Google Ireland (based in Ireland); Google Ireland relies on Google LLC (based in the USA) as the order processor (hereinafter both referred to as “Google”), www.google.com). Permanent cookies, which are set by the service provider, are also used for this purpose. We have configured the service in such a way that visitors’ IP addresses are shortened by Google in Europe before being forwarded to the USA and cannot therefore be traced back. We have disabled the “Data transfer” and “Signals” settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles, and link this data to the Google accounts of these persons. If you have registered with the service provider yourself, the service provider also knows you. Your personal data will then be processed by the service provider under the responsibility of the service provider in accordance with its own data protection regulations. The service provider only tells us how our own website is used (no information about you personally).
  • We also incorporate social network plug-ins (e.g., Facebook, Twitter, YouTube, Pinterest, or Instagram) in our website. This is visible to you in each case (typically in the form of corresponding symbols). We have configured these elements to be disabled by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. Your personal data will then be processed under the responsibility of this operator in accordance with its own data protection regulations. We do not receive any information about you from the operator.

9. Social Media

  • We use various platforms (social media) to get in touch with (potential) clients. Personal data may be processed in Switzerland and abroad (EEA or third countries) in this context. The regulations of the respective platforms (contract, terms and conditions, etc.) apply to you in these cases.

10. Data security

  • In order to ensure data security commensurate with the respective risk, we take appropriate technical and organizational measures, e.g., by encrypting data carriers and data transmissions, issuing instructions, conducting training, and implementing IT and network security solutions, access restrictions, and access monitoring.
  • Due to the monitoring activity by third parties (e.g., public prosecutor’s offices or secret services), we cannot directly influence their corresponding processing of personal data.
  • As a financial service provider, our client data is considered confidential and is subject to the corresponding legal confidentiality protection against unauthorized third parties.

11. Switzerland and abroad

  • We generally process personal data in Switzerland. However, we may also transfer personal data abroad (EEA or third countries) and process it or have it processed there, provided that the law there ensures adequate data protection in the assessment of the Federal Data Protection and Information Commissioner (FDPIC) or in accordance with the decision of the Swiss Federal Council, and – if and insofar as the General Data Protection Regulation (GDPR) is applicable – in accordance with the decision of the European Commission.
  • We may transfer personal data to countries whose law does not ensure adequate data protection, provided that data protection is guaranteed for other reasons, in particular on the basis of standard data protection clauses or by means of other appropriate guarantees. In exceptional cases, we may export personal data to countries without adequate or suitable data protection if the special data protection requirements are met, such as the express consent of the data subjects or a direct connection with the conclusion or execution of a contract. We would be happy to provide data subjects with information about any guarantees or provide a copy of such guarantees on request.

12. Rights of the data subject

  • Within the framework of the data protection law applicable to you (e.g., insofar as the GDPR is applicable), you as the data subject have the right to access, correction, and deletion of personal data, the right to free confirmation of the processing of data concerning you, and the right to restrict data processing and to object to our data processing, in particular for the purposes of direct marketing, profiling carried out for direct advertising, and other legitimate interests in the processing, as well as the right to the disclosure of certain personal data for the purpose of transfer to another entity.
  • In order to assert the above-described rights of the data subject, it is generally a prerequisite that you prove your identity, for example by means of a copy of an ID card or the like. In case of doubt, we can request the submission of further documents.
  • In return, we are entitled to the legal and contractual counter-rights, which allow us to restrict the rights of the data subject, for example if we are legally obliged to retain files for a certain period of time.
  • If you would incur costs in connection with asserting your rights as a data subject, we will inform you of this in advance.
  • As a data subject, you have the right to enforce your claims by means of legal proceedings or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

13. Your obligation to provide personal data

  • In order to establish and carry out a business relationship and fulfil the associated legal obligations, you must provide us with various personal data. If you do not provide us with this data, we will not be able to conclude or fulfil a contract with you; for example, our website cannot be used if certain information to ensure data transmission (e.g., your IP address) is not provided.

14. Liability

  • ZF’s liability is excluded to the extent permitted by law.

15. Duration

  • Personal data will be processed for the duration that is necessary for the respective purpose or that is legally required. Personal data the processing of which is no longer necessary will be anonymized or deleted as far as possible.

16. Our right to amend at any time

  • This privacy policy may be unilaterally adapted, supplemented, and amended by us at any time. The version published on our website always applies. Insofar as the privacy policy is part of a contract or agreement with you, we ask you to visit our website at regular intervals in order to view the currently valid version of our privacy policy.

17. No offer and no prospectus

  • This privacy policy does not constitute an offer or a prospectus within the meaning of financial market law.