Privacy policy of the Bantleon Group for the processing of personal data in accordance with the revised Swiss Data Protection Act (revDSG)
In this privacy policy, we, the Bantleon Group [Bantleon AG, Bantleon GmbH, Bantleon Invest AG] (hereinafter referred to as the Bantleon Group, we or us), explain how we collect and otherwise process personal data. This is not an exhaustive description; other data protection declarations may regulate specific matters. Personal data means any information relating to an identified or identifiable individual.
If you provide us with personal data of other persons (e.g. family members, data of work colleagues), please make sure that these persons are aware of this privacy policy and only share their personal data with us if you are allowed to do so and if this personal data is correct.
This privacy statement is designed to meet the requirements of the revised Swiss Data Protection Act (revDSG). However, whether and to what extent this law is applicable depends on the individual case.
1. Responsible party
The responsible party for the data processing that we carry out here is the respective company of the Bantleon Group listed below with which you have a business or contractual relationship or whose business activity initiates the respective processing measure:
Bantleon AG
Claridenstrasse 35
8002 Zürich
Telephone: +41 41 728 77 30
E-Mail: legal(at)bantleon.com
Bantleon GmbH
An der Börse 7
30159 Hannover
Telephone: +49 511 288 798 20
E-Mail: datenschutz(at)bantleon.com
Bantleon Invest AG
An der Börse 7
30159 Hannover
Telephone: +49 511 123 540
E-Mail: investment(at)bantleon-invest-ag.de
2. Collection and processing of personal data
We primarily process the personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved or that we collect from their users in the course of operating our websites and other applications.
Where permitted, we also take certain data from publicly accessible sources (e.g. debt enforcement registers, land registers, commercial registers, press, internet) or receive such data from other companies within the Bantleon Group, from authorities and other third parties. In addition to the data about you that you give us directly, the categories of personal data that we receive about you from third parties include, in particular, information from public registers, information in connection with your professional functions and activities (so that we can, for example, conclude and process transactions with your employer with your help), information about you in correspondence and meetings with third parties, information about you from the media and the internet (insofar as this is appropriate in the specific case, e.g. in the context of a job application, press releases, internet, etc.). e.g. in the context of a job application, press review, marketing/sales, etc.), data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, details of your device and settings, cookies, date and time of visit, pages and content accessed, functions used, referring website, location details).
3. Purposes of data processing and legal basis
We use the personal data we collect primarily to conclude and process our contracts with our clients and business partners, in particular in the context of the management of our clients' collective investment schemes, in the context of the purchase of products, the use of services from our contractual partners and in order to comply with our legal obligations at home and abroad. If you work for such a client or business partner, your personal data may of course also be affected in this capacity.
In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate, also for the following purposes in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
- Offer and further development of our offers, services, websites and other platforms on which we are present;
- Communicating with third parties and processing their enquiries (e.g. applications);
- Examination and optimisation of procedures for needs analysis for the purpose of direct customer contact as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition;
- Advertising and marketing (including the organisation of events), insofar as you have not objected to the use of your data (if we send you advertising as an existing customer of ours, you can object to this at any time and we will then put you on a blocking list against further advertising mailings);
- Market and opinion research, media monitoring;
- Assertion of legal claims and defence in connection with legal disputes and official proceedings;
- Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud, money laundering and terrorist financing);
- Ensuring our operations, in particular IT, our websites and other platforms;
- Video surveillance to maintain housekeeping rights and other measures for IT, building and facility security and protection of our employees and other persons and assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone records);
- Purchase and sale of business units, companies or parts of companies and other transactions under company law and the associated transfer of personal data as well as measures for business management and insofar as for compliance with legal and regulatory obligations as well as internal regulations of the Bantleon Group.
Insofar as you have given us consent to process your personal data for specific purposes (for example, when you register to receive newsletters or carry out a background check), we process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
4. Cookies / Tracking and other technologies in connection with the use of our website
The Bantleon website uses cookies to provide you with an optimal user experience. Cookies are small text files that are stored on your terminal device when you visit our website. They are used to collect and store information about your interactions on our website in order to take your preferences into account and to provide you with personalised content and an improved user experience.
Types of cookies we use:
Necessary cookies
These cookies are essential to provide you with basic features of our website, such as access to protected areas. Without these cookies, the website would not function properly.
Functional cookies
These cookies allow us to store your preferences in order to provide you with advanced features and personalised content.
Analytics cookies
We use these cookies to collect information about how visitors use our website. This allows us to measure and improve the performance of our website. The data collected is anonymous and is used for statistical purposes only.
Furthermore, we use Matomo, an open source software for statistical analysis of visitor access to our website. Matomo uses cookies that are stored on your computer to enable the analysis of website usage. The information generated by the cookies about your use of this website is stored on our own server and is not transferred to third parties. In addition to Matomo, we may also use Google Analytics or comparable services for this purpose.
We also use Adobe Fonts (formerly Adobe Typekit), a service provided by Adobe Systems Incorporated, to ensure an aesthetically pleasing display of fonts on our website. Adobe Fonts allows us to display a variety of high quality fonts to enhance the visual appearance of our website. When you visit our website, fonts from Adobe Fonts are loaded via external Adobe servers. In the process, Adobe may collect information about your visit, such as your IP address, the page accessed, the browser used and the operating system. This data is used by Adobe to monitor licence compliance, optimise the performance of Adobe Fonts and identify potential security issues.
Furthermore, plugins and embedded codes from Vimeo are used on our pages. You can usually recognise the plugins by the respective logos. To ensure data protection on our website, we only use these plugins together with the so-called »ePrivacy Keeper solution«. This application prevents the plugins integrated on our website from transmitting data to the respective provider when you first enter the page. Only when you activate the respective plugin by clicking the associated button, a direct connection to the provider's server is established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account at the same time, the respective provider can assign the visit to our pages to your user account. You can revoke this consent at any time with effect for the future. The content on our pages can also be shared in social networks such as Facebook, Twitter or Google+ in accordance with data protection regulations. This page uses the sharing function of ePrivacy Keeper for this purpose. This tool only establishes direct contact between the networks and users when the user actively clicks on one of these buttons. Clicking on the button constitutes consent. This consent can be revoked at any time with effect for the future. This tool does not automatically transfer user data to the operators of these platforms. If the user is registered with one of the social networks, an information window appears when using the social buttons of Facebook, Google+1, Twitter & Co. in which the user can confirm the text before sending it.
We also include links in some of our newsletters and other marketing emails, where permitted, that allow us to determine if and when you have opened our website or email by retrieving them from our servers so that we can measure and better understand how you use our offers and tailor them to you. You can block this in your email program; most are pre-set to do this.
By using our website and agreeing to receive newsletters and other marketing emails, you consent to the use of these techniques. If you do not wish to do so, you must set your browser or email programme accordingly.
If you use our contact form, your details from the enquiry form will be processed by us for the purpose of processing the enquiry and in the event of follow-up questions.
5. Data disclosure and data transfer abroad
In the course of our business activities and for the purposes set out in section 3, we also disclose data to third parties, where permitted and where we consider it appropriate, either because they process it for us or because they want to use it for their own purposes. This applies in particular to the following parties:
- Service providers of ours (within the Bantleon Group, including order processors (such as IT providers);
- Subcontractors and other business partners;
- customers;
- domestic and foreign authorities, official agencies or courts;
- acquirers or parties interested in acquiring business divisions, companies or other parts of the Bantleon Group;
- other parties to potential or actual legal proceedings;
- all joint recipients.
These recipients are partly domestic, but can be anywhere in the world. In particular, you must expect the transfer of your data to all countries in which the Bantleon Group is represented by group companies, branches or other offices (https://www.bantleon.com/en/contact) as well as to other countries where the service providers we use are located (such as Microsoft).
If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with the applicable data protection law, unless the recipient is already subject to a legally recognised set of rules to ensure data protection and we cannot rely on an exemption provision. An exception may apply in particular in the case of legal proceedings abroad, but also in cases of overriding public interests or if the performance of a contract requires such disclosure, if you have given your consent or if the data in question has been made generally accessible by you and you have not objected to its processing.
6. Duration of storage of personal data
We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so or legitimate business interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as a matter of principle and as far as possible. For operational data (e.g. system logs, logs), other retention periods may apply.
7. Data protection
We take appropriate technical and organisational precautions to protect your personal data from unauthorised access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, and supervision.
8. Obligation to provide personal data
In the context of our business relationship, you must provide such personal data as is necessary for the establishment and performance of a business relationship and the fulfilment of the associated contractual obligations. Without this data, we will generally not be able to enter into or perform a contract with you (or the entity or person you represent). Also, the website cannot be used if certain information to secure traffic (such as IP address) is not disclosed.
9. Profiling and automated decision making
We process your personal data partly automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in particular due to legal and regulatory requirements with regard to combating money laundering, terrorist financing and asset-endangering offences in order to carry out data evaluations (including transactions). We may also analyse your data to determine your potential interest in our products and services. This evaluation is carried out using statistical methods based on current and past customer data. We use the results to address you in a more demand- and target-oriented manner.
As a matter of principle, we do not use fully automated decision making for the establishment and implementation of the business relationship or in any other way. Should we use such procedures in individual cases, we will inform you separately about this, insofar as this is required by law, and inform you about the associated rights.
10. Rights of the affected person
Within the framework of the revDSG, you have the right to information, correction and deletion as well as to the release of certain personal data for the purpose of transfer to another body (so-called data portability). Please note, however, that we reserve the right to enforce the restrictions provided for by law, for example if we are obliged to retain or process certain data, have an overriding interest in doing so (insofar as we are entitled to rely on this) or require it for the assertion of claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of revoking your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or costs. We will inform you in advance if this is not already contractually regulated.
The exercise of such rights usually requires that you clearly prove your identity (e.g. by a copy of your ID card where your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the address given in section 1.
In addition, every affected person has the right to enforce his or her claims in court or to complain to the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
11. Privacy policy for the application process
Responsible for the processing of personal data in the application process is the respective company of the Bantleon Group listed under point 1, whose business activity initiates the respective processing measure.
The Bantleon Group and its affiliates process your data as part of the application process in accordance with the applicable legal regulations.
Origin and purpose of data processing
Any personal data including all attachments (hereinafter referred to as »data«) that you or third parties (e.g. information from your references or a recruiter) provided to us as part of the application process will be collected, processed and used for the purpose of reviewing and deciding on your application.
In the event of your employment, data already collected may be further processed and used for the purpose of implementing the employment relationship.
Recipients
In accordance with legal requirements, your data will be treated as strictly confidential and will only be accessible to the persons responsible for the selection. Furthermore, the data may be processed and used with all companies of the Bantleon Group for the purpose of examining and deciding on your application. In doing so, it is ensured that the state in question has appropriate data protection or that appropriate data protection is contractually guaranteed.
Duration of storage of personal data
If you do not request the deletion of your data, your data will generally be stored for the duration of the application process and deleted after a period of 6 months.
Data protection and rights of the affected person
With regard to data protection and your rights, please refer to the lists in section 7 and section 10 above.
12. Changes
We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply.