Vontobel Holding AG and any of its affiliates («Vontobel», «us» or «we») appreciates highly your interest in our products and services. Your privacy is important to us and we want you to feel comfortable using our products and services and visiting our website. It is a major concern for Vontobel that your personal data is treated in a responsible manner and in compliance with legal requirements. To this end, we take a number of precautions, such as implementing robust technical and organizational security measures (e.g., password encryptions, firewalls, authentication technologies, access management, employee awareness-raising and training, appointment of a Data Protection Officer (DPO)).
2.1 Categories of personal data
Vontobel processes different categories of personal data (such as data of clients, prospects, website users, supplier, vendors or other third parties), it limits its processing of these to a necessary minimum and in accordance with the applicable laws and regulations. This is understood as referring to the following:
2.2 Origin of personal data
In line with the purposes of paragraph 2.3, we may collect personal data – to the extent legally permit-ted – from the following sources, in particular:
2.3 Purpose and usage of data
We may process personal data as described above for the provision of our services and/or for our own legally prescribed purposes and to the extent legally permitted. This is understood as referring to the following, in particular:
In this connection, we wish to expressly point out that we (further) evaluate any non-anonymous per-sonal data submitted voluntarily by you and, in particular, can use this data to collect additional per-sonal information about you from publicly accessible sources or publicly accessible collections of data. You herewith give your express consent to this process. If you do not then please do not register for, or use any Vontobel Services and do not use our website.
However, personal data that is not anonymous, such as postal and e-mail addresses provided when submitting enquiries or requesting information, will be used primarily for the purpose of corresponding with you or sending you relevant information, e.g., where any kind of newsletter and/or an event registration has been requested.
Additionally, non-anonymous personal data are only made available to those employees or third par-ties who need to have knowledge of this information in order to provide products and services, or if we are required by law or regulatory provisions to disclose this information. To the extent permitted by law, we may also forward non-anonymous personal data for the purposes described above to companies that provide services on our behalf. The data collected may be disclosed to service providers outside the EU/EEA, Switzerland or outside the country in which the user is domiciled (see paragraph 5). These service providers are required to treat as confidential the information and all data collected and to use it exclusively for the purposes for which it is provided and are contractually bound by the applicable data privacy laws and regulations.
No personal data is sold to other parties for marketing or any other purposes.
2.4 Specific cases for automated individual decisions, including profiling
Vontobel reserves the right to analyze and evaluate your data (including data relating to affected third parties, see paragraph 2.1) in an automated manner in future so as to identify significant personal characteristics for you or to predict future developments and to create relevant profiles. These are used in particular for business-related checks, individual advisory services and the provision of offers and information that we and our group companies may make available to you.
Your profiles may in future lead to automated individual decisions, e.g., the receipt and execution of your orders within the app in an automated fashion. If you do not wish to have your data used in this way, you have the right to contact us so we do not further use such data for this purpose.
Vontobel ensures that a suitable contact person is available to you if you wish to express a view on any automated individual decision where such opportunity to express a view is required by law.
2.5 Potential recipients, guarantees and disclosure abroad
In the following cases we may give personal data to third parties or to other companies of Vontobel, to the extent legally permitted:
If personal data is transferred to other countries, we ensure that the applicable laws and regulations are complied with (paragraph 5). Depending on the kind of product or service that is used, personal data might also be disclosed to third parties domiciled in countries which in general may not have an appropriate or equivalent level of data protection. However, if data is transferred to such a country, we take ap-propriate measures so that personal data continues to receive appropriate and robust protection (e.g., by agreeing on standard contractual clauses for data transfers between EU and non-EU countries).
Certain countries may have more stringent data protection provisions which may not allow your non-anonymous personal data to be used in these countries to the extent described above. Such provisions may preclude, for example, the collection of additional personal data based on the provided information or the disclosure of your personal data to other parties or companies.
Vontobel may communicate with you via e-mail, app or physical newsletters containing and offering news, promotional offerings, event information or services («Newsletter Services») if you are a regis-tered user (i.e. if you create a user account with us) and opt in for receiving Newsletter Services. If you would rather not receive marketing communication or newsletters from us, you may «opt out» by following the «opt out» instructions in each e-mail footer or by contacting us.
The Newsletter Services may be offered in collaboration with service providers. The information you provide for this purpose may be processed and stored on cloud servers operated by the service pro-viders and located in data centers within Switzerland, the EU/EEA and the United States. Service providers are contractually bound to maintain confidentiality (e.g., by agreeing on standard contractual clauses for data transfers between EU and non-EU countries) and must report any breaches of data protection requirements as soon as identified, so that personal data continues to receive appropriate protection.
Please be advised that data transferred across national borders over the Internet may not be subject to any control while in transit even if the sender and recipient are both located in the same country.
We cannot guarantee the security of data transferred over the Internet and accept no liability in re-spect thereof. Any notices emailed to us by you may not be secure. If you email any confidential in-formation to us, you do so at your own risk. When contacting us, please send data via a secure mech-anism, where appropriate, instead of over the Internet.
The sender and recipient can still be identified even when the information transmitted is encrypted. As a result, a third party could – inadvertently or otherwise – infer that there is a commercial relationship between you and Vontobel. Therefore, we recommend avoiding the transmission of any strictly confidential information via open networks.
Vontobel is in certain circumstances bound to fully or partially outsource business areas and services to companies of Vontobel or service providers outside Vontobel (e.g., payment transactions, subscription and redemption of fund units, printing and dispatch of bank documents, Video identification, electronic certification for electronic signatures, IT systems and other support functions). We might also use such providers for services that are new and have not yet been provided by us.
In such cases, we generally use service providers domiciled in the EU/EEA and Switzerland and, where possible, give preference to our own group companies, so that we can guarantee compliance with corresponding laws and regulations. Where client data at outsourcing companies needs to be disclosed, the corresponding service providers are also required to comply with the provisions on bank-client confidentiality and further applicable rules and regulations. If, in exceptional cases, services are outsourced to a provider abroad, Vontobel will disclose this in accordance with applicable rules and regulations.
We have implemented appropriate and robust data security measures to ensure that this information is only accessible to a restricted number of authorized individuals and that it is protected against unauthorized access, misuse, loss or damage.
In general, any data that we collect in any country or by any company of Vontobel is transferred and stored by us within Switzerland, regardless of the country where the data is collected. Switzerland is recognized as a country that offers an appropriate level of data protection. However, an exception to this general rule applies to data collected in the context of the Newsletter Services (paragraph 3).
Even though the retention period for personal data depends on statutory retention provisions as well as on the applicable justification basis and the purpose of the data processing, Vontobel will only store your personal data for as long as necessary, taking into account our obligation to respond to requests or resolve problems, to provide improved and new services and to act in accordance with applicable laws and regulations.
In particular, this means that we are entitled to keep your personal data for a reasonable period of time after you last contacted us. If the personal data we collect is no longer needed in this way, we are obliged to delete it in a secure manner.
You have a right to be informed whether personal data in relation to you is being processed by us. On request, we will disclose you the personal data in our databases, including available details about the origin of the data, the purpose and, where appropriate, the legal basis for the processing and the categories of the processed personal data, the parties involved in the data collection and the data recipients.
You may withdraw your consent to the process of your personal data and/or may wish to opt out of the use of your information for advertising or marketing purposes at any time with future effect. You can exercise further rights, such as the right of rectification and you are also entitled to have any inaccuracies in your personal data corrected, or to have your data blocked or deleted, dependent on the lawful basis under which we are holding particular data.
Please let us also know, if we do not meet your expectations with respect to the processing of personal data or you wish to complain about our data protection practices; this gives us the opportunity to examine your issue and make improvements, where necessary.
In any of these cases, please send us a clear request in writing, together with a clearly legible copy of a valid official identification document (e.g., passport, ID card) so we can be sure as to your identity, to the entity named in paragraph 15 or by using the request form provided on our website. We will acknowledge receipt as soon as received, examine your issue and reply in good time. If a full response will extend beyond one month, taking into account the complexity and number of the requests, we will advise you of this.
Vontobel understands the importance of protecting children’s privacy, especially in an online envi-ronment. Therefore, our services are not directed to or intended for children under the age of 18 and we do not knowingly collect any personal information from such users.
We use web analysis tools to get information about how people use our sites, internet offerings and apps. These tools are usually provided by third parties. Typically, the information for this purpose is captured with cookies and sent to a third-party server. Depending on the provider, these servers are sometimes in other countries.
The transfer of information is done by using shortened IP addresses, which prevents the identification of individual end-user devices. Your IP address is not linked with other data from these third parties. Any onward transfer by third parties will only be based on legal regulations or as part of a data pro-cessing service agreement.
Our website/app and online Newsletter Services might use retargeting technologies, which we use to make our Internet presence more interesting for you. This technology makes it possible to show adver-tising on other websites to users that have already shown an interest in our products.
On our website/app, data may be collected by using cookie technology for use in optimizing our ad-vertising and our overall online offering. This data is not used to identify you personally, but is instead used solely for anonymously analyzing the use of our website. This technology allows us to show you advertising and/or highlight specific offers and services. Our goal here is to make our online presence as attractive for you as possible and to provide you with advertising that corresponds to your interests.
We may use so-called social plug-ins on our website that allow you to share the content of our website with other Internet users via these social media platforms or that enable you to link to our website on these platforms. The following information on the type and scope of the data collected is based on the notifications and information provided by the individual providers.
Our website might include plug-ins from the social network of Facebook Inc, 1601 South California Avenue, Palo Alto, CA 94304, USA (“Facebook”). Among other things, we use the Facebook “LIKE” button (also known as the “Like Me” button). A Facebook page plug-in is also integrated into our site, which integrates parts of the content of our Facebook page into our website. When you visit a website of ours that contains such a plug-in, your browser establishes a direct connection to a server on Facebook. The contents of the plug-ins are transmitted directly to your browser and integrated into the website. Data is automatically transferred to Facebook and stored on its servers. These transmitted data include connection data (such as your IP address, date and time, the URL called up) as well as the browser and operating system used. Your visit to our websites can be tracked by Facebook, even if you do not actively use the plug-in functions.
If you are logged in with your Facebook account while visiting our website, Facebook can directly associate the visit of our websites with your user account. If you want to prevent this immediate as-signment, you must log out of Facebook before visiting our website. Facebook decides at its own dis-cretion for what purposes and to what extent the transmitted data will be processed and used on its servers. Information on the purpose and scope of data collection and the further processing and use of the transmitted data by Facebook is contained in Facebook’s data protection guidelines. They also contain information about your rights and the possibilities of settings to protect your privacy. For fur-ther details, please consult Facebook’s specific data protection policy.
Our website might include plug-ins from Twitter, Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). We use Twitter buttons to access our Twitter account and Twitter share but-tons to share the content of our website via your Twitter account. We also use a Twitter widget to integrate the timeline of our latest tweets into our website and make it visible. When you visit our website, your browser establishes a direct connection to a Twitter server and the contents of the plug-ins are transmitted directly to your browser and integrated into the website. Certain data is automati-cally transferred to Twitter in the USA and stored there. This data includes connection data (your IP address, date and time, the URL called up), the browser type and the operating system.
Our website might include plug-ins of the Instagram service. These are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”). We use the integrated Instagram buttons to link to our Instagram profile. A widget is also integrated, which enables us to display certain photos and videos of our Instagram profile on our website. When you visit a website that contains such a plug-in, your browser connects directly to an Instagram server. The contents of the plug-ins are transmitted directly to your browser and integrated into the website. Data is automatically transferred to Instagram and stored on its servers. These transmitted data include connection data (such as your IP address, date and time, the URL called up) as well as the browser and operating system used. This allows Instagram to track your visit to our site even if you are not actively using the plug-in features.
If you are logged into your Instagram account, you can link the contents of our websites to your In-stagram profile by clicking the Instagram button. This allows Instagram to associate the visit to our websites with your user account. If you wish to disable this immediate assignment, you must log out of Instagram before visiting our website. For further details, please consult Instagram’s specific data protection policy.
Our website might include plug-ins from the LinkedIn social network of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). For this purpose, we use the “in” button for sharing content and as a link to our LinkedIn profile. LinkedIn collects information that our corresponding pages have been loaded into your web browser using the LinkedIn plug-ins. LinkedIn also automatically receives the URL of the website from which you came or from the page to which you are redirected. LinkedIn also receives the IP address of your computer or proxy server from which you access the Internet, information about your computer’s operating system and web browser, your mobile device (including the mobile device identifier available through your mobile device’s operating system), your mobile device’s operating system (if you access LinkedIn from a mobile device), and the name of your Internet service or mobile service provider. LinkedIn may also receive location data transmitted from GPS-enabled devices you have enabled if you have not prevented LinkedIn from receiving location data in real time in your mobile device settings. Please note that SlideShare.net, Pulse.me and the Pulse app are part of the LinkedIn services and not part of our web-sites.
Information on the purpose and scope of data collection and the further processing and use of the transmitted data by using the LinkedIn plug-ins is contained in LinkedIn’s data protection declaration.
Despite careful content control, we assume no liability for the content of external links referring to third-party websites. The content of the linked third-party websites are the sole responsibility of their operators. We hereby expressly distance ourselves from all content of third-party websites linked to on our website, and do not adopt such content as our own.
Please let us know, if we do not meet your expectations with respect to the processing of personal data or you wish to complain about our data protection practices; this gives us the opportunity to examine your issue and make improvements, where necessary. In any of these cases, please send us a clear request in writing, to the entity or one of the Data Protection Officers named below:
Vontobel Holding AG
Phone: +41 58 283 59 00
Additionally you can contact our corporate Swiss, EU and/or Group Data Protection Officer (DPO):
In order to comply with other legislations, e.g., Directive 2014/65/EU of the European Parliament (MiFID II), we have to record certain telephone conversations in some of our legal entities with reference to operations concluded in the performance of our services. For further information about the treatment of your personal data in regard to this, please consult the information at vontobel.com/en-int/legal-notice/mifid/.