Data Protection Declaration

1. Scope of Data Protection Declaration

This data protection declaration applies to the users of the services of our website www.truewealth.ch in accordance with the terms of use and for you as a client if you have concluded an asset management agreement with us.

Depending on the processing of personal data, in addition to the applicable Swiss law (Federal Act on Data Protection (DSG) of 19 June 1992, SR 235.1), European data protection law (Ordinance (EU) 2016/679 (Basic Ordinance on Data Protection)) may also apply, in particular with regard to services with points of contact within the EU (Art. 3 para. 2 lit. a DSGVO).

The use of the services of this website as well as our asset management offer is aimed solely at persons aged 18 and more.

This data protection declaration does not apply in relation to our employees. The data protection with regard to these persons is regulated by the respective employment contract and in accordance with the applicable local laws.

2. Contact Details of the Data Controller and the Data Protection Advisor

See Impressum.

3. Processing of your Personal Data

We process your personal data:

As a customer (cf. para. 4):

  • When opening an online test account and customer accounts
  • For the fulfilment of the contract
  • For advertising purposes

As a user of the website (cf. para. 5):

  • To optimise our website
  • To contact us (E-Mail)
  • To subscribe to a newsletter

4. Processing for Customers

4.1. When Opening a Test Account and Registering for a Customer Account

You can register for our services or set up a password-protected test account to create a virtual portfolio for the purpose of illustrating our services and gaining an insight into asset management. The personal data you enter will be stored and processed. This serves the purpose of providing you with the service you have requested.

To create a password-protected test account, please provide us with the following information:

  • Title, first name, last name
  • Valid e-mail-address
  • Telephone number (voluntarily)

To create a password-protected customer account, provide us with the following information:

  • Title, first name, last name
  • Address
  • Valid e-mail-address
  • Telephone number
  • Citizenship, date of birth and country of birth
  • Information of a personal and financial nature
  • Risk propensity and risk tolerance
  • Bank details
  • Selfie and photo of your identification document

You will also need to enter a password of your choice to set up an account. Together with your e-mail address, this will give you access to your account. To create your (virtual) portfolio, you will need to answer questions about your risk tolerance and investment preferences. The information you provide is stored and processed. On the basis of the evaluation, a proposal is made by the asset management company, which serves as the basis for further personalization. In your test account, you can view and change the personal data kept about you at any time.

The test account can also be set up without specifying the telephone number. This information is voluntary and would only be useful for quicker clarification of any queries or for updates to your virtual test account.

We store and process your personal data and personal information on the basis of Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 lit. b DSGVO and Art. 6 para. 1 sentence 1 lit. a DSGVO. Our legitimate interest derives from the purpose of fulfilling the contract, managing your asset portfolio and servicing customer accounts and potential customers. Personal data that is evaluated for statistics is anonymized and serves to optimize customer service, product improvement and adaptation, market research, etc.

After deletion of your test account, your personal data will be automatically deleted for further use unless you become a customer.

4.2. For the Fulfilment of the Contract

In order to comply with our contractual obligations under the asset management agreement, you must provide us with the following personal data, which go beyond the opening of the account in accordance with 4.1, e.g:

  • Information on the beneficial owners
  • Information on the origin of the asset values to be contributed
  • Information on your tax status
  • Information on external bank relationships
  • Information on your investment preferences

The above-mentioned personal data will be processed by the data controller for the following purposes:

  • To fulfil the asset management mandate

Insofar as this is permitted by law pursuant to Art. 13 para. 2 lit. a DSG or Art. 6 para. 1 sentence 1 lit. b DSGVO and is necessary for the execution of contractual relationships with you, your personal data will be passed on to third parties. This includes, in particular, transmission to the hosting provider of our website software, payment data to payment service providers and to the account-holding bank, Schweizerische Post AG.

The personal data disclosed may be used by the aforementioned third party exclusively for the purposes stated.

4.3. For Advertising Purposes

We send our newsletters and print advertising to specific customer groups. You can unsubscribe from our newsletters and print products at any time. Necessary information from you in this connection are:

  • first name, last name
  • address
  • e-mail-address

The above-mentioned personal data will be processed by the data controller for the following purposes:

  • marketing
  • customer information

Personal data processing is carried out on the basis of an overriding legitimate interest (Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 lit. b DSGVO).

5. Processing for Internet Users

5.1. When using the Information of the Website

When you visit our website, information is temporarily stored in so-called log files on our server. This is information that the browser of your terminal device automatically sends. Namely:

  • IP-Address of the contacting device
  • Date and time of the visit
  • URL of the requested page
  • Referrer URL
  • Browser and other device information

The personal data mentioned will be processed by us for the following purposes:

  • Smooth connection setup of the website
  • Comfortable use of our websites
  • Ensuring system security and stability
  • Evaluations for statistical purposes for the marketing of the products
  • For optimal answering and processing of your inquiries and requested services
  • To improve professional competence and services

The legal basis for data processing is based on Art. 13 para. 1 DSG Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest derives from the intention to guarantee functionality with regard to our services, to operate our website in a user-friendly manner, to keep information constantly updated and to meet the needs of our customers and website visitors.

Under no circumstances do we use the collected personal data for the purpose of drawing conclusions about your person.

5.2. Job Application Process

Our website gives you the opportunity to apply for a job. For this purpose, you submit your application dossier and the following personal data:

  • Title, first name, second name
  • E-mail-address
  • Telephone-number
  • Your preferred job or position
  • Work permit, salary presentation, availability

We process this personal data exclusively for the purpose of assessing your suitability for the advertised position or for handling the application process. If an employee is hired, his or her personal data is transferred to the HR department and stored in his or her personnel file. Personal data processing is regulated in this respect within the framework of the respective employment relationship.

If there is no employment, the transmitted personal data will automatically be deleted irrevocably after 6 months after the announcement of the deletion. Should another applicant cancel in the meantime, we reserve the right to contact you again. If you expressly agree to retention in our database, we will delete the personal data later at an agreed time.

This processing is necessary in order to carry out the application process and is based on pre-contractual measures pursuant to Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 letter b DSGVO.

5.3. E-mail Communication

If you contact us by email, we will only use your voluntarily provided contact information such as name and e-mail address to respond to your inquiry. Please refer to our Terms of Use for e-mail communication.

The provision of this information and the establishment of contact by e-mail is always voluntary.

This processing is carried out in order to communicate with you and is based on Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 letter b DSGVO.

5.4. Newsletter

For the provision of our newsletter we use the so-called Double-Opt-In procedure, i.e. we only send you a newsletter by e-mail if you have expressly confirmed this to us beforehand. You will receive a notification e-mail asking you to confirm the link contained in the e-mail. Only then you have given us your consent to send the newsletter.

  • First name, second name
  • Address
  • E-mail-Address

The above-mentioned personal data will be processed by the data controller for the following purposes:

  • Marketing

The personal data will be processed on the basis of your consent in accordance with Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 lit. a DSGVO.

The personal data stored for the purpose of the newsletter subscription will be stored by us until you unsubscribe from the newsletter. After you have unsubscribed from the newsletter, your personal data will be deleted from our systems. Personal Data stored by us for other purposes (e.g. e-mail addresses for events or course registrations, etc.) remain unaffected by this.

5.5. Cookies

We use cookies defined below on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. A cookie does not always mean that we can identify you.

Functional Cookies

Name Issuer Purpose Duration
connect.sid www.truewealth.ch Session cookie 1 Stunde
SESSION_ID app.truewealth.ch Session cookie Session

Personalized Cookies

These cookies enable the provision of enhanced functionality and personalization, such as videos and live chat. They may be set by us or by third parties whose services we use on our sites.

Name Issuer Purpose Duration
tw_cookie_consent www.truewealth.ch To document your consent to the cookie statement 3650 Days
_twfeatures app.truewealth.ch For switching on individual features Session
disable_demo_tour www.truewealth.ch To determine whether to play a demo Unlimited
tour_current_step www.truewealth.ch To determine the time of the demo tour Unlimited
tour_end www.truewealth.ch To determine if the demo tour is finished. Unlimited

Analyzing Cookies

These cookies are used for analysis purposes.

Name Issuer Purpose Duration
_gat truewealth.ch Google Analytics 1 Minute
_ga truewealth.ch Google Analytics 2 Years
_gid truewealth.ch Google Analytics 1 Day

The legal basis for personal data processing is predominant legitimate interest pursuant to Art. 13 Para. 1 DSG and Art. 6 Para. 1 S. 1 lit. f DSGVO. Our legitimate interest is to optimize and ensure the security of the use of our website and to make our services more attractive, effective and user-friendly.

By continuing to use our website and/or by agreeing to this Data Protection Declaration, you consent to our use of cookies and to the collection, storage and use of personal data even after your browser session has ended. You can revoke this consent at any time by activating the standard browser setting to reject third party cookies.

Most Internet browsers are set to accept cookies automatically. If you do not want our website to store cookies on your device, you can set your browser to warn you before certain cookies are stored before you set your browser. You can also adjust your settings so that your browser rejects most of our cookies or only rejects certain cookies or deactivates them completely. You can also revoke your consent to cookies by deleting the cookies that have already been saved. See the instructions of the search engine operator:

Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored

Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en

Safari: https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Please note that if you limit or disable cookies, certain features of the website may no longer be available to you. If you disable cookies completely, you may not be able to use all the features of our website.

6. Analysis-Tools

6.1. Google Analytics

Our website uses the web analysis service Google Analytics from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies (see Cookies). These enable Google to analyze the use of our website offer including IP addresses in the USA. We would like to point out that on this website Google Analytics was extended by the code "gat._anonymizeIp();" in order to guarantee an anonymous recording of IP addresses (so-called IP masking). If anonymization is active, Google shortens IP addresses within Switzerland and member states of the European Union or other states party to the Agreement on the European Economic Area, which means that no conclusions can be drawn about your identity. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. Google complies with the data protection provisions of the "Swiss-USA Privacy Shield" agreement and therefore has an adequate level of data protection. Google uses the collected information to evaluate the use of our websites for us, to write reports for us in this regard and to provide us with other relevant services. You can find out more at https://support.google.com/analytics/answer/6004245?hl=en, in particular, about the possibility of deactivating Google Analytics at http://tools.google.com/dlpage/gaoptout?hl=en.

The legal basis for personal data processing is predominant legitimate interest pursuant to Art. 13 Para. 1 DSG and Art. 6 Para. 1 S. 1 lit. f DSGVO. Our legitimate interest lies in the fact that our websites are designed and constantly updated to meet the needs of our customers and website visitors and that the use of our website is statistically recorded and evaluated in order to optimize our services.

For more information about Google Analytics, please see the provider's Data Protection Declaration.

https://www.google.com/ (opt-out)

https://analytics.google.com

7. Social media and marketing

We can use the following social plug-ins on our website to make our company better known. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of Art. 13 para. 1 DSG or Art. 6 para. 1 lit. f DSGVO. In addition, we would like to offer the user of our website a user-friendly version in which the connection with friends and colleagues is simple.

The responsibility for data protection-compliant operation is to be guaranteed by their respective providers. Personal data processing in connection with these plug-ins takes place with your consent when you use these plug-ins in accordance with Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 lit. a DSGVO.

If you use the services of these social networks independently or in connection with our website, the social networks will evaluate your use of the plug-in. In this case, information about the plug-in is forwarded to the social networks.

You control the privacy settings of each social network and the permissions we have to access any personal data you provide to us when granting access to your personal data stored on that social network.

7.1. Facebook

Plug-ins of the social network Facebook, which is offered by Facebook Inc., can be used on our website. The Facebook plug-ins are marked with a Facebook logo or the addition "Like" or "Share". An overview of the Facebook plug-ins and their appearance can be found at https://developers.facebook.com/docs/plugins.

When you access a page on our website that contains such a plug-in, your browser establishes a direct connection to Facebook's servers. The content of the plug-in is transmitted directly from Facebook to your browser and integrated into the page.

This integration provides Facebook with the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook profile. If you interact with the plug-ins, for example by pressing the "Like" button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.

The purpose and scope of the personal data collection and the further processing and use of the personal data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook's personal data protection information:

https://www.facebook.com/about/privacy

7.2. Twitter

Plug-ins from the Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA short message network can be integrated on our website. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter. This enables Twitter to assign visits to our pages to your user account. Further information on this can be found in Twitter's Data Protection Declaration at https://twitter.com/en/privacy.

You can change your privacy settings on Twitter in your account settings at: http://twitter.com/account/settings.

General information about privacy on Twitter https://help.twitter.com/en/twitter-for-websites-ads-info-and-privacy.

We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Twitter.

7.3. LinkedIn

Plug-ins from the social network LinkedIn Inc LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland can be used on our website. These plug-ins are a quick way to integrate the LinkedIn functionality into your website.

Please note that when you visit our website, the plug-in establishes a connection between your browser and the LinkedIn server. LinkedIn is thus informed that our website has been visited with your IP address. If you click on the "Recommend" button of LinkedIn and are logged into your account at LinkedIn, you have the possibility to link content from our website to your profile page at LinkedIn-Profil. In doing so, you enable LinkedIn to assign your visit to our website to your user account.

You can find more information about this in LinkedIn's Data Protection Declaration at: https://www.linkedin.com/legal/privacy-policy

You can find an overview of the LinkedIn plug-ins and their appearance here: https://developer.linkedin.com/plugins

If you visit a page on our website that contains such a plug-in, your browser establishes a direct connection to the LinkedIn servers. LinkedIn sends the content of the plug-in directly to your browser and integrates it into the page.

We would like to point out that as the provider of the pages, we are not aware of the content of the data transmitted to linkedIn and its use by linkedIn.

7.4. Google+

Plug-ins of the social network Google Plus, which is offered by Google Inc., can be used on our website. The plug-ins can be recognized, for example, by buttons with the character "+1" on a white or colored background. An overview of the Google plug-ins and their appearance can be found here: https://developers.google.com/+/plugins

If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to Google's servers. The content of the plug-in is transmitted by Google directly to your browser and integrated into the page. Through the integration, Google receives the information that your browser has called up the corresponding page of our website, even if you do not have a profile on Google Plus or are not currently logged in to Google Plus. This information (including your IP address) is transmitted directly from your browser to a Google server in the USA and stored there. If you are logged in to Google Plus, Google can assign your visit to our website directly to your Google Plus profile.

If you interact with the plug-ins, for example by pressing the "+1" button, the corresponding information is also transmitted directly to a Google server and stored there. The information is also published on Google Plus and displayed to your contacts there.

The purpose and scope of the personal data collection and the further processing and use of the personal data by Google as well as your rights in this regard and setting options to protect your privacy can be found in Google's personal data protection information.

7.5. Google Ad Manager

Google Ad Manager is used on our website. In order to increase the success of advertising measures, Google collects information about the surfing behaviour of Internet users. Google uses cookies to optimize advertising. Cookies are often used to deliver ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once.

Cookies do not contain any personal data. Depending on the Publisher's and User's preferences, the User's Google Account may store personal data from cookies that are used for advertising purposes.

For more information: https://support.google.com/dfp_premium/answer/2839090?hl=en

Opt-out: https://adssettings.google.com/anonymous?sig=ACi0TCiPXXaTyyjg_3V-gtghLjWDEX9qhXhGO23H5-pZcWRKbKKN9izLHVUaEPRgXwbY-bzdICt3Xxmg116iWgcMjWwh0HNazkFdn61wld7eLVIQGudldTQ&hl=en

8. Disclosure of Personal Data to Third Parties

Your personal data will not be passed on to third parties for purposes other than those listed.

Your personal data will be passed on to the following categories of third parties:

  • Custodian Bank
  • Search engine operators
  • Hosting service provider
  • Financial accounting
  • Service providers in connection with the Act on Combating Money Laundering and Terrorist Financing
  • Analytical tools
  • Other service providers (such as: postal services, website developers, support operators, marketing providers, financial service providers, etc.)
  • Third parties due to legal obligations towards the Anti-Money Laundering Act, supervisory authorities, official audits, etc.

The personal data will only be passed on for the purposes mentioned in this data protection declaration and for reasons of justification stated herein.

The legal basis for personal data processing through access to your personal data by these third parties is based on our legitimate interest pursuant to Art. 13 para. 1 DSG and Art. 6 para. 1 sentence 1 lit. f DSGVO, as well as your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO. The legitimacy is given, since legal obligations exist, as well as your personal data and information are used and if necessary passed on, in order to optimally support you in asset management, to answer your questions satisfactorily and to process your requested service in time and in your interest. This also helps us to continually optimize our service and customer care.

9. Cross-Border Disclosure in Third Countries without an Adequate Level of Data Protection

No processing in or from a third country without an adequate level of data protection takes place in connection with the processing activities relating to the website.

Otherwise, no personal data will be transferred to third countries without an adequate level of personal data protection or corresponding contractual guarantees or equivalent protection mechanisms or legal requirements.

10. Your Rights

The rights of the data subjects shall be governed by the applicable national and international law.

Depending on the applicable law, the data subjects may assert the following rights:

  • To request information about your personal data processed by us. In particular, information pursuant to Art. 8 DSG or Art. 15 DSGVO may contain information:
    • the purposes of the processing,
    • the category of personal data,
    • the categories of recipients to whom your information has been or will be disclosed,
    • the planned storage period,
    • the existence of a right of rectification, erasure, limitation or opposition,
    • the existence of a right of complaint,
    • the origin of your personal data, if it has not been collected by us,
    • and the existence of automated decision making, including profiling and, where appropriate, meaningful information on its details.

In the event of a disproportionately high expense, we reserve the right to demand from you in advance an identity card as well as the assumption of the actual costs.

  • Immediately request the correction of incorrect or incomplete personal data retained by us (Art. 5 para. 2 DSG and Art. 16 DSGVO).
  • To request the deletion of your personal data retained by us, unless processing is necessary for the exercise of the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art. 15 DSG and Art. 17 DSGVO)
  • To demand the restriction of the processing of your personal data if the accuracy of the personal data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer need the personal data, but you need it to assert, exercise or defend legal claims or you have lodged an objection against the processing pursuant to Art. 21 DSGVO (Art. 15 DSG and Art. 18 DSGVO).
  • To receive your personal data, which you have provided to us, in a structured, common and machine-readable format or to request the transfer to another responsible person (Art. 20 DSGVO).
  • To revoke your consent once given to us at any time. As a result, we may no longer continue the personal data processing based on this consent in the future (Art. 7 para. 3 DSGVO).
  • To complain to a supervisory authority (see above) (Art. 77 DSGVO)
  • Parents (or legal guardians) of persons under the age of 16 can request cancellation or deregistration at any time.

11. Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO if there are reasons for doing so which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without stating a particular situation.

12. Data Security

We have technical and organizational security procedures in place to safeguard the security of your personal data and to protect your session and personal data against unauthorized or unlawful processing and/or accidental loss, alteration, disclosure or access.

However, you should always be aware that the transmission of personal data via the Internet and other electronic means involves certain security risks and that we cannot guarantee the security of information transmitted in this way.

Your personal data in connection with our website will be transmitted from this website to us SSL-encrypted. We take technical and organizational measures to protect our website from unauthorized access.

If you notice any incidents in connection with our website that appear unusual to you, we would be very grateful if you would notify us immediately.

13. Data Retention Periods

We keep your personal data for as long as the following period:

  • Personal data that we process by law is retained for the statutory period of retention, for example if required by labor, social security or tax law or the Ordinance on Account Books.
  • Personal data that we need to fulfil a contract will be retained for at least the duration of the contract and for a maximum of 10 years thereafter, unless we need the personal data to assert our rights.
  • Personal data that we process to protect our prevailing legitimate interests will be retained for a maximum of 10 years after the end of the contractual relationship, unless we need the personal data to assert our rights.
  • Personal data that we no longer need, will be deleted or destroyed if the purpose of the processing and the processing basis become invalid, unless there is a legal obligation to retain.
  • Parents (or legal guardians) of persons under the age of 16 can request cancellation or deregistration at any time.

14. Timeliness and change of this data protection declaration

We reserve the right to change this Data Protection Declaration at any time or to adapt it to new processing methods. The current data protection declaration can be accessed at any time on the aforementioned websites. Older versions of the data protection declaration are also available here.

Previous Versions:

Zurich, 30 November 2018, Version 1.1