Privacy Policy

In connection with business relationships with clients or potential clients, the Bank processes data received directly from the data subject (e.g., clients). The Bank also obtains data from service providers (e.g., credit agencies, databases), public registers (e.g., commercial registers), and authorities (e.g., courts, prosecutors' offices) that the Bank requires to provide its services or for legal and regulatory reasons.

Related natural or legal persons include, in particular: authorized representatives, beneficial owners and controlling persons, payment recipients, and any other person with a relationship relevant to the client–Bank business relationship.

The categories of personal data processed include: personal information (e.g., name, date/place of birth, marital status, address, interests, family relationships, contact details), transaction data, financial circumstances, investment objectives, tax residency, US status, professional information, website usage data (e.g., IP address, cookies), and other information on powers of attorney, personal relationships, and log files.

In certain cases, the Bank may process special categories of personal data (e.g., biometric data, health data, criminal or administrative sanctions, ethnic origin, political views, religious beliefs) in connection with:

• Express consent from the data subject
• Assertion, exercise, or defense of legal claims
• Data that the data subject has made publicly available
• Compliance with legal or regulatory obligations

The Bank collects and processes only the personal data necessary to achieve a specific purpose. Data is processed in particular for the following purposes:

• Client business — providing products and services offered by the Bank
• Legal and regulatory compliance — e.g., Anti-Money Laundering Act, tax laws, disclosure obligations
• Marketing — improving products and services, direct marketing, newsletter distribution
• Legitimate interests — business and risk management, IT security, building security
• Administration — account/portfolio management for pension and vested benefits foundations

The Bank processes personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and the Data Protection Ordinance (DPO). The Bank ensures that personal data is processed lawfully, in good faith, and proportionately. Through appropriate technical and organizational measures, the Bank ensures that processed data is accessible only to authorized persons, available when needed, and cannot be altered without detection.

5.1 Overriding Public or Private Interest
The Bank processes personal data to initiate or conclude contracts, fulfill contractual obligations, analyze client behavior, and for direct marketing purposes.

5.2 Legal Basis
The Bank is obligated by various legal and regulatory provisions to process personal data, including the Financial Market Supervision Act, Banking Act, Anti-Money Laundering Act, and Financial Services Act.

5.3 Consent
Where consent is required, the Bank obtains it from the data subject. Consent may be revoked at any time. Revocation takes effect upon receipt by the Bank and does not affect the lawfulness of processing prior to revocation.

The Bank processes and retains personal data for as long as necessary to fulfill the purpose for which it was collected, or to comply with contractual or legal obligations. As a rule, this is 10 years after the service has been provided or the business relationship has ended.

Subject to legal obligations, data subjects have the following rights:

• Right to information about personal data
• Right to rectification of personal data
• Right to data portability
• Right to restrict processing
• Right to withdraw consent
• Right to erasure and objection

If providing information or transferring data involves disproportionate effort, the Bank may charge a cost contribution of up to CHF 300.

Personal data is only processed by those persons who need it to fulfill contractual or legal obligations. Where necessary, service providers and third parties (e.g., outsourcing partners) are granted access to data, while banking secrecy and other legal provisions are observed.

Data transfer abroad does not take place as a general rule. If personal data is transferred abroad, this is done in compliance with legally prescribed provisions and where necessary to fulfill the contract (e.g., international transactions or order execution at foreign trading venues).

The Bank processes personal data automatically in certain cases, for example in connection with its legal obligation to combat money laundering and terrorist financing through monitoring and evaluation of payment transactions.

The Bank's website uses cookies — small text files stored on your device — to make the website more attractive and enable certain functions. Some cookies are deleted after the browser session ends (session cookies), while others remain on the device (persistent cookies).

The website uses Google Analytics to analyze website usage. The information generated by cookies is transmitted to and stored on a Google server. The Bank has extended Google Analytics with the “AnonymizeIP” code to ensure anonymized collection of IP addresses.

The Bank reserves the right to amend this privacy policy at any time in compliance with data protection regulations. The current version is always available on the Bank's website.

The Bank is responsible for the processing of personal data. Inquiries related to data protection may be directed to: