Privacy notice (Short Version)

Last updated 1 October 2020

This privacy notice applies to Swiss Asset Management AG, which sometimes use trading names including SAM (together “SAM” or "we" or “our”).

This notice shows our commitment to protect your privacy rights and sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. It applies to:

  • the website/portal features and services provided to you when you visit our websites, portals or our payment panels our clients may use on their websites;
  • your use of software including terminals, mobile and desktop applications provided by SAM; and
  • email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and SAM.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

SAM takes a ”layered approach” to explaining its privacy practices, as recommended by regulators. This means that we endeavour to initially provide you with the key privacy information in the form of this ”short form” privacy notice. To review our complete privacy notice, please see our Comprehensive Privacy Notice. Contact us details are provided at the end of this privacy notice, for feedback or any privacy enquiries you may have.

INFORMATION WE MAY COLLECT FROM YOU

You may provide some information to us, for example when you enquire for or make an application for the SAM Services, register to use and/or use any SAM Services, by filling in forms on one of our websites, participating in one of our events or by corresponding with by us phone, e-mail, web chat or otherwise. We may collect some of it through automatic means, for example by using cookies when you visit our websites. Read our Cookie Statement to know more. We may also obtain data about you from third parties, like credit reference and fraud prevention agencies.

USES OF THE INFORMATION

We use information we collect about you to provide you with the products we offer, to notify you about changes to our products and to improve our products. We also use this information to provide you with information about other products we or selected third parties offer which are similar to the ones you have used or enquired about or we think may be of interest to you. If you use one of our financial products, we will also use your information to assess your financial situation and to try to identify and prosecute possible frauds.

DISCLOSURE OF YOUR INFORMATION

We will not disclose your personal data to anyone except as described in this notice.

We may share your personal information with third parties to provide you with the products we offer, including service providers, credit reference agencies and financial institutions. We may also share your personal information with third parties to prevent crime and reduce risk, if required to do so by law, where we deem it appropriate to do so, to respond to legal process or to protect the rights or property of SAM, our customers or others.

WHERE WE STORE YOUR PERSONAL DATA AND DATA SECURITY

The information SAM collects from you may be transferred to, stored at and processed by recipients located in destinations outside the European Economic Area ("EEA"). These countries may have data protection standards that are different to (and, in some cases, lower than) those in which you reside. We will take all steps necessary to ensure that the recipients will use and protect your information in the same secure way that we do.

If we have given you (or if you have chosen) a password, access code or any other secure means or access or authentication which enables you to access certain parts of our site, you are responsible for keeping this password confidential and complying with our instructions. You must not share your password or other login credentials with anyone, and you hereby authorise SAM to act upon instructions and information from any person that enters your credentials.

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site, unless you are communicating with us through a secure channel provided by us. Once we have received your information, we will use strict procedures and security features in an effort to prevent unauthorised access.

YOUR RIGHTS

Where applicable, you may have certain rights under data protection legislation, including the right to access, correct, update or delete your personal information; object to or restrict its processing; request to transfer certain of your personal information to another service provider (so called, data portability); or to revoke any consent you have given.

However, please note that there are exceptions to those rights. For the full explanation of the rights available, please refer to our Comprehensive Privacy Notice.

AUTOMATED DECISION MAKING

Automated decisions mean that a decision concerning you is made automatically on the basis of a computer determination (using software algorithms), without our human review.

For example, we use automated decisions to complete a credit assessment on you when you apply to financial services of SAM, or to carry out anti-fraud checks on the transactions you perform. However, if you are in the European Union, you have the right to object the automated decision and have it manually reviewed based also on information that you can provide. You can contact us at the details below to exercise your right.

LEGAL BASIS FOR PROCESSING

SAM will process your personal information only when we have one of the following grounds:

  • On the basis of your consent, for example to send you marketing messages;
  • Where necessary to enter into a contract with you and perform our obligations under that contract;
  • Where we have a legitimate interest, subject to such processing not overriding your own rights and freedoms;
  • Where we have a legal obligation to collect your personal information or otherwise needs your Personal Information to protect your vital interests or those of another person; or
  • Exceptionally, when necessary in the public interest, for example when law enforcement agencies request information to investigate a crime.

CHANGES TO OUR PRIVACY NOTICE

Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this privacy notice.

CONTACT US

At SAM, we welcome all comments, queries and requests relating to our use of your information.

Our Data Protection Officer is the person in charge of ensuring our company adheres to this privacy notice. This person is also the main contact for our Data Protection Supervisory Authority. If you wish to exercise any of your rights or receive further information concerning Swiss Asset Management AG (to which this notice applies), you should write to our Data Protection Offer (DPO) via the contact form on the Contact Us page of our website or at the address below:

Swiss Asset Management AG, Attention: DPO, Bahnhofstrasse 32, 6300 Zug, Switzerland

Privacy notice (Comprehensive Version)

Last updated 1 October 2020

This Comprehensive Privacy Notice, together with our Terms of Use governs SAM’s collection, processing and use of your Personal Data. As used in this Privacy Policy, "SAM", "we", "us" or "our" refers to Swiss Asset Management AG, a Swiss E-Money Institution, registered with the Swiss Companies Register under company number CHE-100.818.828, with its registered address at Bahnhofstrasse 32, 6300 Zug, Switzerland.

References to “you” or “your” in this privacy notice are to the individual who is accessing or applying to use the SAM Services (as defined below) either on your own account or on behalf of a business. This includes, in relation to a customer or prospective customer of SAM, any sole trader and any principals, including the managing and financial directors, any other directors and officers, shareholders, partners and beneficial owners of a customer, as well as any member of staff accessing or using the SAM Services on behalf of a customer.

This notice shows our commitment to protect your privacy rights and sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. It applies to:

  • the website/portal features and services provided to you when you visit SAM’s website
  • your use of software including terminals, mobile and desktop applications provided by SAM; and
  • email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and SAM.

Together these are all referred to in this notice as “SAM Services”.

Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

SAM is the data controller under this Privacy Policy, which sets out the manner in which SAM, as data controller, may use your Personal Data.

“DPL” herein means data protection law applicable to SAM, including the Swiss Data Protection Act and the EU General Data Protection Regulation 2016/679, their successors or implementing texts. Personal Data" has the meaning set forth in DPL. This notice covers our use of your Personal Data arising from use of the SAM website (www.samswiss.ch) as well as registering / subscribing / buying / selling / using our products and services. If you have any questions or need any further clarity please get in touch. Contact details are set out below in the Contact Us section.

In this Privacy Policy capitalised terms have the meaning set out in the Definitions section below.

SAM is committed to protecting and respecting your privacy. The purpose of this Privacy Policy is to describe:

  • The types of Personal Data we collect and how it may be used;
  • Our use of cookies and similar technology;
  • How and why we may disclose your Personal Data to third parties;
  • The transfer of your Personal Data within and outside of Switzerland and the European Economic Area (“EEA”);
  • Your statutory rights concerning your Personal Data;
  • The security measures we use to protect and prevent the loss, misuse, or alteration of Personal Data; and
  • Retention of your Personal Data by SAM.

Collection and use of personal information

A. Personal Information We Collected

We collect Personal Data to provide you with our Services. When we require certain personal information from users it is because we are required by law to collect this information or it is relevant for specified purposes. Any information you provide to us that is not required is voluntary. You are free to choose whether to provide us with the types of personal information requested, but we may not be able to serve you as effectively or offer you all of our Services when you do choose not to share certain information with us.

For example, we collect personal information which is required under the law to register for an account, add a payment method, or execute a transaction. We also collect personal information when you use or request information about our Services, subscribe to marketing communications, request support, complete surveys or sign up for a SAM event. We may also collect personal information from you offline, such as when you attend one of our events, or when you contact customer support. We may use this information in combination with other information we collect about you as set forth in this Privacy Policy. This may include:

  • Personal Identification Information: Full name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email.
  • Account information, such as username, password, account settings and preferences;
  • Financial information, such as bank account numbers, bank statement, and trading information;
  • Formal Identification Information used for identity verification: Tax ID number, passport number, driver’s license details, national identity card details, photograph identification cards, and/or visa information.
  • Residence verification information, such as utility bill details or similar information;
  • Information regarding the way in which you use our services, such as when you used our services and the specific services used; and
  • Information relating to communications with us, whether through the SAM website or via e-mail, over the phone or via any other medium.
  • Employment Information: Office location, job title, and/or description of role.
  • Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp.
  • Online Identifiers: Geo location/tracking details, browser fingerprint, OS, browser name and version, and/or personal IP addresses.
  • Usage Data: Survey responses, information provided to our support team, public social networking posts, authentication data, security questions, user ID, click-stream data and other data collected via cookies and similar technologies. Please read our Cookie Statement for more information.
  • Any other information that you or your customer provide to us.

We also automatically collect certain computer, device and browsing information when you access the SAM website or use SAM Services. This information is aggregated to provide statistical data about our users' browsing actions and patterns, and does not personally identify individuals. This information may include:

  • Computer or mobile device information, including IP address, operating system, network system, browser type and settings. This information may be directly obtained by SAM or through third party services such as Google Analytics and other tracking tools. This service usage data helps us our systems to ensure that our interface is accessible for users across all platforms and can aid during criminal investigations;
  • Website usage information.

We also collect information through our applications. if you download or use mobile or desktop applications provided by SAM, we may receive information about your location and your device or the service you are using (including where a payment transaction takes place). Some devices allow applications to access real-time location-based information (for example GPS). Our mobile and desktop apps may collect such information from your mobile device or your computer at any time while you download or use our apps, if your device has real-time location data access enabled. Where required, we will always seek to notify you if it is our intent to collect real-time location information and, also where required by law, obtain your consent. We may use such information for regulatory purposes, our own due diligence checks, to better understand transaction patterns and to optimise your experience.

We may receive information about you from other sources and add it to our account information. For example, we work closely with, and receive information from, third parties like business partners, financial institutions, merchants, subcontractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference and fraud prevention agencies. Credit reference and fraud prevention agency use is further explained below. We may also review public comments and opinions made on social networking sites (e.g. Facebook and Twitter) to better understand our customers and our provision and development of the SAM Services.

Finally, we may collect Personal Data from third party partners and public sources, which include:

  • Reputational information;
  • Financial information;
  • Business activities of corporate customers.

We need to collect certain types of information for compliance with legal requirements relating to our anti-fraud/anti-money laundering/counter financing of terrorism/know your customer obligations. If this information is not provided we will not be able to provide a service for you. Your Personal Data may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defense of legal claims. We will not delete Personal Data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved. We may perform behavioral tracking of a customer's activities on our SAM website or across different websites, or allow third-party data collection through our SAM Service.

It is important to note that the Personal Data we collect on you when you create an account will be retained for the mandatory retention period set forth by applicable law and as necessary for us to maintain an exhaustive documentation of our operations as required from us as regulated financial sector professionals, even if your account has not been successfully activated (e.g., if account verification has not been completed) or no transaction has been made using it.

Our privacy notice has incorporated elements from the General Data Protection Regulation (GDPR) as we act in accordance to its personal information processing rules within the European Economic Area (EEA). For individuals who reside in the European Economic Area, (including Switzerland (collectively “EEA Residents”), pursuant to Article 6 of the EU General Data Protection Regulation (GDPR) or any equivalent legislation (collectively “EEA Data Protection Law”), we process this personal information to comply with our legal obligations.

B. Use of Cookies and Similar Technology

SAM receives and stores certain information automatically whenever you interact with SAM. The SAM website uses cookies. Cookies are small text files that are placed on your computer by websites that you visit, including SAM. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Cookies are typically stored on your computer's hard drive. Information collected from cookies is used by us to evaluate the effectiveness of our website, analyze trends, and administer the Platform. The information collected from cookies allows us to determine such things as which parts of our website are most visited and difficulties our visitors may experience in accessing our website. With this knowledge, we can improve the quality of your experience on the Platform by recognizing and delivering more of the most desired features and information, as well as by resolving access difficulties. We also use cookies and/or a technology known as web bugs or clear gifs, which are typically stored in emails to help us confirm your receipt of, and response to, our emails and to provide you with a more personalized experience when using our website. The information we collect includes:

  • Technical information, including the Internet protocol (IP) address used to connect your computer or device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system platform;
  • Information about your visit or whether you opened an email, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the site page and any phone number used to call our customer service number.

We use third party service provider(s), to assist us in better understanding the use of our website. Our service provider(s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our site, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our visitors' interests in our website and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Platform. Our service provider(s) is/are contractually restricted from using information they receive from our website other than to assist us.

If you want to avoid using cookies altogether, you can disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features or our website or services, such as logging on to your SAM Account or making transactions. Your use of our website or service with a browser that is configure to accept cookies constitutes an acceptance of our and third-party cookies.

For more information about cookies, the types of cookies we use and how we use them please see our Cookie Statement.

C. How We Use Your Personal Information

We collect and use your information for a variety of reasons. We need some information to enter into and perform our contract – for example your contact and payment details. Some information processing is required by law due to our anti-fraud screening obligations or in the public interest such as making sure we verify our customers' identities.

Some information is processed because you've given your consent to that, which can be withdrawn in your account preferences and settings. Other information we collect and use because we have legitimate business interests to so, having taken into account your rights, interests and freedoms.

We may use your Personal Information to:

  • Create and administer your SAM account and generally for accounting, billing, maintenance of legal documentation and claim and dispute management. Related processing operations are necessary for the performance of a contract with you (or to take steps at your request prior to entering into a contract), and for compliance with legal obligations to which we are subject;
  • Process your SAM transactions. Related processing operations are necessary for the performance of a contract with you and for compliance with legal obligations to which we are subject;
  • Verify your identity in accordance with applicable know-your-customer, money laundering and other financial sector legislation or regulations, including as required for compliance with the SAM Anti Money Laundering ("AML")/Counter Terrorist Financing ("CTF") Policy, as well as address other law enforcement needs as more fully described in our Terms of Use, and generally as required for compliance with legislation and regulations applicable to SAM. SAM utilises and thus shares information with a third-party AML verification tool in addition to its internal identification screening procedures.
  • Personalise your SAM Services experience. Related processing operations are necessary for purposes of our legitimate interests (that is, improving our services);
  • Analyse SAM website usage, and improve our website and website offerings. Related processing operations are necessary for purposes of our legitimate interests (that is, improving and promoting our services);
  • Help us respond to your customer service requests and support needs. Related processing operations are necessary for the performance of a contract with you, and for purposes of our legitimate interests (that is, improving our services and offering you the best experience);
  • Contact you about SAM Services. The email address you provide may be used to communicate information and updates related to your use of the SAM Services.

Automated Decisions Making

Automated decisions mean that a decision concerning you is made automatically on the basis of a computer determination (using software algorithms), without our human review. We may make automated decisions on certain matters. For example, we may do this to decide whether we can provide our services to you based on a credit check/risk profiling. Depending on the outcome of the credit check/risk profiling, a decision will be reached automatically as to whether we are able to provide products or services to you based on your credit worthiness.

If you disagree with the decision you are entitled to contest this by contacting us at following email address: [email protected]

D. Marketing

We may also occasionally communicate company news, updates, promotions and related information relating to similar products and services provided by SAM. We may also administer a contest, promotion, survey or other site features as will be more explained on the website. We shall only do this where you have given us your consent or otherwise where we are permitted to do so under the DPL in pursuit of our legitimate interests (that is, promoting our services).

We may share Personal Data with third parties to help us with our marketing and promotional projects, or sending marketing communications.

If you want to opt out of receiving promotional and marketing emails, text messages, post and other forms of communications from us (or our promotional partners) in relation to which you might receive in accordance with this section, you can best opt out by using one of the following ways:

  • Log into your account and update your profile.
  • Click "unsubscribe" at the bottom of an email we sent you.
  • contact us at [email protected] to opt-out.

If you do opt out of receiving promotional and marketing messages, we can still contact you regarding our business relationship with you, such as account status and activity updates, survey requests in respect of products and services we have provided to you after you reserve from us, reservation confirmations or respond to your inquiries or complaints, and similar communications.

DISCLOSING AND TRANSFERRING PERSONAL DATA

We may disclose your Personal Data to third parties and legal and regulatory authorities, and transfer your Personal Data outside Switzerland and the EEA, as described below.

A. Disclosures to Third Parties

There are certain circumstances where we may transfer your Personal Data to employees, contractors and to other parties.

  • We may share information about you with other members of our group of companies so we can provide the best service across our group. They are bound to keep your information in accordance with this Privacy Policy;
  • We may also share your information with certain contractors or service providers. They may process your Personal Data for us, for example, if we use a marketing agency. Other recipients/service providers include advertising agencies, IT specialists, database providers, backup and disaster recovery specialists, email providers or outsourced call centres. Our suppliers and service providers will be required to meet our standards on processing information and security. The information we provide them, including your information, will only be provided in connection with the performance of their function;
  • We may also share your information with certain other third parties. We will do this either when we receive your consent or because we need them to see your information to provide products or services to you. These include credit reference agencies, anti-fraud databases, screening agencies and other partners we do business with.
  • We may share your information to improve and develop our business, including without limitation to optimise our websites/portals, products and services. This may include using information you insert into forms but do not submit to us, for example by using that information to optimise our website(s) and contacting you for customer services purposes in relation to that form. We can also use your personal information to develop and test new products and services.

Your Personal Data may be transferred to other third party organisations in certain scenarios:

  • If we're discussing selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
  • If we are reorganised or sold, information may be transferred to a buyer who can continue to provide services to you;
  • If we're required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority – for example the Police;
  • If we are defending a legal claim your information may be transferred as required in connection with defending such claim.
  • To comply with local and national laws;
  • To send marketing messages, to provide you with the information on products and services you have requested or we think may be of interest to you; to obtain your views on our goods, services and our website(s); in respect of marketing, market research and similar activities, we may use your personal information for such purposes whether or not you are accepted as or continue to receive SAM Services. If you no longer wish to receive marketing or promotional information from SAM, you can always stop it;
  • to manage and mitigate our credit risks. if you apply for one of our financial products we will assess your financial position (and / or of your business), to the extent this is provided for in the applicable Terms of Use. This credit check will also affect any linked parties such as directors, shareholders and principals. We can do so by receiving and sharing information from and with credit reference agencies and fraud prevention agencies. This credit check will affect also anyone with whom you have a joint account or similar financial association. If it is a joint application, and such link does not already exist, then one may be created. These links will remain until you file a “notice of disassociation” at the credit reference agencies. For your information, the agencies will record our enquiries which may be seen by other companies who make their own credit enquiries; and a “footprint” may be placed on your credit file, whether or not you are accepted as our customer. If you are a director, we will seek confirmation from credit reference agencies that the residential address that you provide is the same as that held by the relevant companies’ registry (where applicable). In addition, where you take services from us, we will give information on how you manage your accounts to the credit reference agencies. If you do not repay any monies in full and on time, credit reference agencies will record the outstanding debt and may share this information with other organization that perform checks similar to ours. Records remain on file at such agencies for 6 years after they are closed, whether settled by you or defaulted. If you would like further information on our use of credit reference agencies, please contact us;
  • To prevent, detect and prosecute fraud or crime, SAM may participate in anti-fraud initiatives, which involve assessing you (and/or your customers) and monitoring your transactions and/or locations, to detect patterns requiring investigations or otherwise profile and assess the likelihood of fraud occurring. We can do so utilizing products and services from third parties. Besides, if you give us false or inaccurate information about you, or we identify or suspect a fraud or a crime, we may pass your information to fraud prevention agencies and to law enforcement agencies, and we may decide to take legal action against you;
  • To prevent or mitigate information security risk;
  • To manage and enforce our rights, terms of use or any other contracts with you (and/or your business), including to manage any circumstances where transactions, rewards or points are disputed; manage, investigate and resolve complaints; or recover debt or in relation to your insolvency;

Your Personal Data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be Personal Data.

Your information will not be sold, exchanged, or shared with any third parties without your consent, except to provide SAM Services or as required by law.

The third-party service providers of SAM are contractually bound to protect and use such information only for the purposes for which it was disclosed, except as otherwise required or permitted by law. We ensure that such third parties will be bound by terms complying with DPL.

Specifically, Your Personal Data may be transferred to the following third party organisations in certain scenarios:

GlobalPass analyses ID documents, and other AML-KYC related documents and information to assist us in satisfying our KYC obligations. Globalpass processes and stores data in ISO 27001-certified datacentres worldwide. Learn more about how GlobalPass processes data.

When you top-up through the Platform by wire transfer or credit card, your Personal Data is shared with Bitnuk AG, where Quantum Coins are purchased. Bitnuk AG processes and stores data in ISO 27001-certified datacentres worldwide. Learn more about how Bitnuk processes data.

When you hold, buy, sell or transfer cryptocurrency through the Platform, your Personal Data is shared with Bitnuk AG. Bitnuk AG processes and stores data in ISO 27001-certified datacentres worldwide. Learn more about how Bitnuk processes data.

When you hold, buy, sell or transfer cryptocurrency through the Platform, your Personal Data is shared with Bank Frick. Bank Frick processes and stores data in ISO 27001-certified datacentres worldwide. Learn more about how Bank Frick processes data.

When you apply for a debit card through the Platform, Your Personal Data is shared with UAB Creditco for the approval process. UAB Creditco is an official Lithuanian representative of Wirecard Card Solutions Limited. UAB Creditco processes and stores data in ISO 27001-certified datacentres worldwide. Learn more about how UAB Creditco processes data.

When you apply for an IBAN/bank account through the Platform, Your Personal KYC Data is shared with the relevant bank/service provider, depending on which jurisdiction/bank you choose for the approval process. The banks/service providers we work with process and store your data as follows:

B. Disclosures to Legal Authorities

SAM may be required by law to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so. Such disclosures may also include requests from governmental or public authorities, or with commercial organizations with whom you may have had dealings and whom are seeking to mitigate fraud risk, or for the purposes of litigation or legal process, national security or where we deem it in the national or public interest or otherwise lawful to do so. As such, we may share your Personal Data with law enforcement, data protection authorities, government officials, and other authorities when:

  • Compelled by court order, or other legal procedure.
  • Disclosure is necessary to report suspected illegal activity.
  • Disclosure is necessary to investigate violations of this Privacy Policy or our Terms of Use.

C. International Transfers of Personal Data

We store and process your Personal Data in data centers around the world, wherever SAM facilities or service providers are located. As such, we may transfer your Personal Data outside of Switzerland and the European Union. Some of the countries to which your Personal DatHYPERLINK "https://www.aki.ee/en"ses that are located outside the EU do not benefit from an adequacy decision issued by the EU Commission regarding protection afforded to Personal Data in that country. Details of these specific countries can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en. Such transfers are undertaken in accordance with our legal and regulatory obligations and appropriate safeguards under DPL will be implemented, such as standard data protection clauses with data recipients or processors approved by competent authorities. A copy may be requested at the address set out in the Contact Us section.

YOUR STATUTORY RIGHTS

You have many rights concerning your Personal Data under DPL as mentioned below, and can exercise them by emailing us at [email protected]

Access: you are entitled to ask us if we are processing your information and, if we are, you can request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and certain other information about it to check that we are lawfully processing it. We process a large quantity of information, and can thus request, in accordance with the DPL, that before the information is delivered, you specify the information or processing activities to which your request relates.

Correction: you are entitled to request that any incomplete or inaccurate Personal Data we hold about you is corrected.

Erasure: you are entitled to ask us to delete or remove Personal Data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the Personal Data is required for compliance with law or in connection with claims.

Restriction: you are entitled to ask us to suspend the processing of certain of your Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.

Transfer: you may request the transfer of certain of your Personal Data to another party.

Objection: where we are processing your Personal Data based on a legitimate interests (or those of a third party) you may challenge this. However we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your Personal Data for direct marketing purposes.

Automated decisions: you may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.

Please consider that, depending on the country from where you use the SAM Services, not all the above rights may be available to you. Also, there might be cases where these rights cannot be enforced: for example, you cannot object to us using your information when it is required by the law, or to manage a complaint; similarly you cannot ask us to delete your information if you want to continue using the SAM Services.

SECURITY OF PERSONAL DATA

We use a variety of security measures to ensure the confidentiality of your Personal Data, and to protect your Personal Data from loss, theft, unauthorised access, misuse, alteration or destruction. These security measures include, but are not limited to:

  • Password protected directories and databases;
  • Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely;
  • PCI Scanning to actively protect our servers from hackers and other vulnerabilities.

All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorised SAM personnel are permitted access to your Personal Data, and these personnel are required to treat the information as highly confidential. The security measures will be reviewed regularly in light of new and relevant legal and technical developments.

We do not ask for financial or payment information, such as your credit card number, passcode, account number or pin number, in an e-mail, text or any other communication that we send to you. Please always check that any website on which you are asked for financial or payment information in relation to our reservations or services is operated by SAM. If you do receive a suspicious request, do not provide your information and report it by contacting one our member service representatives as set in this Privacy Policy.

You are responsible for keeping your account passcode, membership numbers and pin numbers safe and secure. Do not share those with anyone. If there is an unauthorised use or any other breach of security involving your information, you must notify us below as soon as possible.

Please note, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site, unless you are communicating with us through a secure channel that we have provided. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

RETENTION OF PERSONAL DATA

We retain Personal Data for as long as necessary to fulfill purposes described in this Privacy Policy, subject to our own legal and regulatory obligations. The criteria we may use to determine the retention period for certain categories of data includes:

  • How long you have been a SAM member;
  • whether there are contractual or legal obligations that exist that require us to retain the data for a certain period of time;
  • whether there is any ongoing legal or financial claim that relates to your relationship with us;
  • whether any applicable law, statute, or regulation allows for a specific retention period; and
  • what the expectation for retention was at the time the data was provided to us.

While you use the SAM Services, we will retain your personal information as long as necessary to provide you with the services of your choice. That would generally mean we retain your personal information as long as you are our customer and for a period of time afterwards. When our relationship with you ends, we still need to retain certain of your personal information for a time that depends on the legal and regulatory requirements of the country where you are located. For example, we will retain your information for the time allowed by the local laws to start a legal claim (so called “statute of limitation”), or for as long as we are ordered pursuant to on an order from the courts, or by law enforcement agencies or our regulators. In accordance with our record keeping obligations, we will retain Account and other Personal Data for at least five years (and some up to ten years, as required by applicable law) after an Account is closed.

UPDATES TO THIS PRIVACY POLICY

This Privacy Policy was last revised effective as of the notice at the beginning of this policy page. We may change this Privacy Policy from time to time, so it is advisable to review it frequently. Changes to this Privacy Policy will be announced on our website or through similar means for a reasonable length of time prior to and following the change taking effect.

Definitions

Account. The contractual arrangement wherein a SAM member has accepted our Terms of Use and Privacy Policy, and received approval to use the SAM Services, including the purchase and sale of Bitcoins and to perform associated Transactions;

SAM Platform. Hardware and software technologies used by SAM to provide the SAM Service as set out in our Terms of Use;

DPL means data protection law applicable to SAM, including the Swiss Data Protection Act and the EU General Data Protection Regulation 2016/679, their successors or implementing texts as well as equivalent legislation, which is applied to the processing of Personal Data by SAM.

Personal Data. Information that identifies an individual, such as name, address, e-mail address, trading information, and banking details. Personal Data does not include anonymised and/or aggregated data that does not identify a specific user;

Service(s). The technological platform, functional rules and market managed by SAM to permit Sellers and Buyers to perform purchase and sale transactions of Bitcoins and/or other Cryptocurrencies.

Transaction. Includes the following:

  • The action between the Member to Buy and/or Sell cryptocurrencies through the Service for currencies at the market rate.
  • The transfer of cryptocurrencies between Members ("Transfer Transaction");
  • The transfer of currencies among Members ("Currency Transfer Transaction"); and
  • SAM may not offer all these transaction types at this time.

Global Notice

This notice is global in scope, but is not intended to override any legal rights or prohibitions in any territory where such rights or prohibitions prevail. In such event, the rights and obligations set out in this notice will apply, subject only to amendment under any applicable local law having precedence.

Contact Us

If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, please contact us via the contact form on the Contact Us page of our website, or by writing to us at the following address:

Swiss Asset Management AG

Attn: Data Protection Officer

Bahnhofstrasse 32

6300 Zug

Switzerland.

You may also contact us at: +41 43 508 0222.

Complaints

You can also complain about our processing of your personal information to the relevant data protection authority. You can complain in the EU member state where you live or work, or in the place where the alleged breach of data protection law has taken place. In Switzerland, The Federal Data Protection and Information Commissioner (FDPIC) is the competent authority for data processing by federal bodies and private persons, including enterprises. As far as data processing in Europe, the competent body is the European Data protection Supervisor. As far as data processing by cantonal or communal authorities is concerned, the supervision is up to the cantonal and communal data protection commissioners. You can find all contact information here.