DeEnFr
HomeAbout UsServicesPhilosophyContact Us
©2019 Aquila Wealth Management AG
Legal information / Data protection

Privacy statement of Aquila Wealth Management AG Website.

1. general
This Privacy Policy provides information on how the partner of Aquila AG ("Partner") obtains and processes personal data on its own responsibility in its function as a financial institution or within the framework of the Aquila Partner Model in joint responsibility with Aquila AG ("Aquila", together with the Partner "Joint Controller").

"Personal data" means all information relating to an identified or identifiable natural person. Processing" means any handling of personal data, irrespective of the means and procedures used, in particular the collection, storage, retention, use, alteration, disclosure, archiving, erasure or destruction of personal data.

It is possible that any other documents, such as conditions of participation or similar declarations, may contain specific data references. conditions of participation or similar declarations regulate specific data processing.

If the data subject provides the partner or co-responsible person with personal data of other persons (e.g. family members, work colleagues or employees), the data subject must ensure that these persons are aware of this privacy policy. Their personal data may only be disclosed to the controller if the data subject is authorized to do so and this personal data is correct.

2. controller and contact
The partner who has provided you with or brought to your attention this privacy policy in the context of an inquiry or correspondence, a customer relationship or other contractual relationship is generally responsible for the processing of your personal data. The Partner and Aquila may each be individually or jointly responsible for data processing. Aquila may also assume the role of data processor vis-à-vis the Partner.

Irrespective of whether the Partner is solely or jointly responsible for data processing with Aquila, you can contact the Partner with any data protection concerns:

Aquila Wealth Management AG
Summelenweg 91
8808 Pfäffikon SZ
044 231 65 34

3. collection and processing of personal data
The partner and the co-responsible persons primarily obtain and process personal data provided to them by the data subject, e.g. when opening business relationships, in the context of processing contracts, using products and services or on websites or other applications. They also process personal data that is generated in the context of the use of products or services and is transmitted to the partner or the co-responsible parties. The Partner and the Joint Controllers may, where permitted, obtain personal data from publicly accessible sources, authorities or other third parties.

4. categories of personal data
The partner and the co-responsible persons process various categories of personal data. The most important categories are as follows:

- Master and inventory data (e.g. name, address, nationality, date of birth, information regarding account, custody account, concluded transactions and contracts, information about third parties who are also affected by data processing, such as spouses, authorized representatives and advisors)
- Technical data (e.g. business numbers, IP addresses, internal and external identifiers, records of access)
- Transaction, order and risk management data (e.g. information on the beneficiaries of transfers, beneficiary bank, amount of transfers, information on investment products) - Transaction, order and risk management data (e.g. information on the beneficiaries of transfers, beneficiary bank, amount of transfers, information on investment products) - Technical data (e.g. business numbers, IP addresses, internal and external identifiers, records of access). information on the beneficiaries of transfers, beneficiary bank, amount of transfers, information on investment products)
- Financial data (e.g. creditworthiness data, information on assets, liabilities, risk and investment profile)
- Visitor and prospect data (e.g. users of the partner's websites)
- Marketing data (e.g. preferences, needs)
- Communication data (e.g. contact details such as email address, telephone number)
- Other data (e.g. video or audio recordings, access data)

The data subject discloses many of these data to the partner themselves. The categories of personal data that the Partner and the joint controllers receive from third parties include, in particular, information from public registers, information obtained in connection with official and court proceedings, credit information, information on compliance with legal requirements such as anti-fraud, anti-money laundering, anti-terrorism and export restrictions, information from banks, insurance companies and sales and other contractual partners of the Partner on the use or provision of services, information from the media and the Internet, address and, where applicable, interests and other socio-materials. interests and other socio-demographic data (in particular for marketing and research) and data in connection with the use of third-party websites and online offers, where this use can be attributed to the data subject.

5. purposes of processing
The partner processes personal data primarily to provide its own services, to process contracts with customers and business partners and to comply with legal obligations. Aquila supports the Partner within the framework of the Aquila Partner Model with central services in the areas of Legal, Compliance & Risk, Fiduciary & Accounting, as well as IT and Administration. As part of these services, Aquila processes personal data together with the Partner as joint controllers for the purpose of providing these management, coordination and control functions.

In addition, the Partner or the joint controllers process personal data to the extent permitted and indicated for the following purposes:

- Conclusion and fulfillment of contracts, execution, processing and administration of products and services (e.g. invoices, payments, financial planning, investments, pensions, insurance).
- Monitoring and management of risks (e.g. investment profiles, money laundering risks).
- Planning, business decisions (e.g. development of new or evaluation of existing services and products).
- Marketing, communication, information about and review of the range of services (e.g. advertising in print and online).e.g. advertising in print and online, customer, prospective customer or other events, determination of future customer needs).
- Fulfillment of legal or regulatory obligations to provide information, disclosure or reporting to courts and authorities, fulfillment of official orders (e.g. reporting obligations vis-à-vis the authorities).e.g. reporting obligations to FINMA and foreign supervisory authorities, orders from public prosecutors in connection with money laundering and terrorist financing).
- Prevention and investigation of criminal offenses or other misconduct (e.g. through internal investigations).
- Safeguarding the interests and securing the claims of the partner, if applicable of Aquila AG, e.g. in the event of claims against the partner or claims of the partner against third parties.
- Ensuring the operation, in particular of IT, the website and other platforms.
- Preparation and processing of transactions relating to the purchase or sale of companies or parts of companies or other transactions under company law.

If consent to the processing of personal data has been given for specific purposes (e.g. when registering for a newsletter), the personal data will be processed within the scope of and based on this consent, unless another legal basis is given and necessary. Consent that has been given can be withdrawn at any time, but this has no effect on data processing that has already taken place.

6. data security
The Partner undertakes to protect personal data for the data processing for which it is responsible in accordance with the applicable laws. Where Aquila shares responsibility, it shall ensure the protection of personal data together with the Partner. The protection of personal data includes appropriate technical and organizational security measures (e.g. access restrictions, firewalls, personalized passwords as well as encryption and authentication technologies, training of employees, etc.).

7. disclosure to third parties, categories of recipients
The Partner or the Joint Controllers disclose personal data to the following third parties (recipients) in the following cases:

- For outsourcing in accordance with section 7 and for the purpose of comprehensive client support to other service providers.
- For the execution of orders, i.e. when products or services are used (e.g. to Aquila Wealth Management AG as part of compliance reviews).
- Due to legal obligations, legal justification or official orders, e.g. to courts, supervisory authorities, data protection authorities or other authorities.e.g. to courts, supervisory authorities, tax authorities or other third parties.
- If necessary to safeguard the legitimate interests of the jointly responsible parties, e.g. in the event of legal action threatened or initiated by customers against Aquila or the partner company, in the event of public statements, to secure claims of Aquila or the partner company against customers or third parties, for the collection of receivables, etc.
- With the consent of the data subjects to other third parties.

Recipients of personal data are usually in Switzerland. In particular when using certain products or services of the joint controllers, personal data may also be disclosed to third parties outside Switzerland (e.g. Europe or the USA).

If a recipient is located in a country without an adequate level of data protection, the partner or the joint controllers shall contractually oblige the recipient to
comply with the applicable data protection law (e.g. with standard contractual clauses), unless the recipient is already subject to a legally recognized set of rules to ensure data protection or the joint controllers cannot rely on an exemption provision.

8. outsourcing of business areas or services (outsourcing)
The Partner and the Joint Controllers outsource certain business areas and services in whole or in part to third parties.

The service providers who process personal data for this purpose on behalf of the Partner or the Joint Controllers (so-called processors) are carefully selected. Whenever possible, the joint controllers use processors domiciled in Switzerland. The processors may be authorized to have certain services provided by third parties.

The processors may only process personal data received in the same way as the Partner as sole controller or the joint controllers themselves and are contractually obliged to guarantee the confidentiality and security of the data.

9. automated decisions in individual cases including profiling
The Partner and the joint controllers reserve the right to process personal data automatically in the future, in particular to identify key personal characteristics of the customer, predict developments and create customer profiles. This serves in particular to review and further develop offers and to optimize the provision of services.
Customer profiles may also lead to automated individual decisions in the future (e.g. automated acceptance and execution of customer orders in CRM). In such cases, it will be ensured that a contact person is available if a data subject wishes to express an opinion on an automated individual decision and such an opportunity to express an opinion is provided for by law.

‍10. Use of websites and cookie policy
When a person visits the partner's websites, the web server automatically registers details of their visit (e.g. the website from which the visit takes place, the visitor's IP address, the content of the website that is accessed, including the date and duration of the visit). Such tracking data is used to optimize the websites visited and provides information on how visitors find out about and use the products, services and offers. As a rule, however, it does not allow any conclusions to be drawn about the identity of the visitor. In this respect, no personal data is processed.

However, if the visitor provides personal data, e.g. by completing a registration form or message field for newsletters, etc., the partner may use this data in addition to the purposes stated under point 5. 5, the Partner may use this data for the following purposes in particular:

- for customer and user administration;
- to inform the visitor about services and products;
- for marketing purposes (e.g. sending newsletters);
- for technical hosting and further development of the websites.

When visiting the websites, the visitor's data is transmitted via the Internet, i.e. an open network that is accessible to everyone. Data transmitted via electronic media (including e-mail) cannot be effectively protected against access by third parties. Among other things, this entails the risk that the data may be disclosed or its content altered, that the identity of the sender (e.g. e-mail) and the content of the message may be faked or otherwise manipulated by unauthorized persons, that viruses may be released, that technical transmission errors, delays or interruptions may occur, that data may be transmitted abroad uncontrolled, where data protection requirements may be less stringent than in Switzerland, etc.

By using the websites, visitors confirm their express consent to this privacy policy and the aforementioned risks.

By using the partner's websites, visitors also consent to the use of cookies. Cookies are small files that are stored on the visitor's computer in order to track the corresponding website visit and navigation between different pages and/or to save settings (e.g. selected language). Cookies are used to collect statistical data on the frequency and time of visits to individual areas of the website and help to create customized, useful and user-friendly websites. The visitor can opt out of the use of cookies at any time by deleting the cookies set by the website. Deletion is possible via the settings in the visitor's Internet browser.

Occasionally, the partner uses third-party components (such as plug-ins) to improve the user experience and online advertising campaigns. These components may also use cookies for similar purposes. Neither these third parties nor the joint controllers have access to the data collected by the other using cookies. Finally, the partner also uses cookies in the context of advertisements on third-party websites with which the partner maintains marketing relationships. Where third parties collect anonymized information about the use of the websites and other websites, the Partner may use this anonymized data to improve the effectiveness of advertising.

This section of this Privacy Policy only applies to data that the Partner receives as a result of the use of its website. It does not apply to third-party websites, even if the visitor accesses them via links on one of the Partner's websites. Neither the Partner nor the joint controllers have any influence on the content and data protection practices of third-party websites and cannot accept any responsibility for them.

10. rights of data subjects
Anyone can request information from us as to whether personal data relating to them is being processed. There is a right to object, a right to restriction of processing and, where applicable, a right to data portability. Incorrect data can be corrected. In addition, the deletion of personal data can be requested, provided that there are no legal or regulatory provisions (e.g. statutory retention obligations for business-relevant data) or technical obstacles to the contrary. The deletion of data may mean that we can no longer provide certain services. In addition, where applicable, you have the right to lodge a complaint with a competent authority. Where we process personal data on the basis of consent, this consent can be withdrawn at any time. In order to assist us in responding to your request, we ask you to provide us with an appropriate and comprehensible message. We will review and respond to your request within a reasonable period of time.

‍11. Duration of storage
The duration of the storage of personal data depends on the purpose of the respective data processing and/or statutory storage and documentation obligations, which may be five, ten or more years, depending on the applicable legal basis. As soon as the personal data is no longer required for the above-mentioned purposes, it is generally deleted or anonymized as far as possible.

‍12. Rights of data subjects
‍Anybodycan request information from the partner as to whether personal data relating to them is being processed. There is a right to object, a right to restriction of processing and, where applicable, a right to data portability. Incorrect data can be corrected. Furthermore, the deletion of personal data can be requested, provided that there are no legal or regulatory provisions (e.g. statutory retention obligations for business-relevant data) or technical obstacles to the contrary. The deletion of data may mean that certain services can no longer be provided. In addition, where applicable, there is a right of appeal to a competent authority. Where the partner or joint controllers process personal data on the basis of consent, this consent can be withdrawn at any time. It should be noted that the partner or Aquila AG
reserve the right to assert the restrictions provided for by law, for example if they are obliged to store or process certain data, have an overriding interest in doing so (insofar as they are entitled to invoke this) or require it for the assertion of claims.

In order to assist the partner in responding to your request, please provide us with appropriate, comprehensible information. We will review and respond to your request within a reasonable period of time.

‍13. Changes
‍ThePartner alone as well as together with Aquila AG may amend this Privacy Policy at any time without prior notice. The current version published on the Partner's or Aquila AG's website shall apply.

→Contact