1. Name and address of the data controller
The controller within the meaning of the Swiss Federal Act on Data Protection (“FADP”) and/or the EU General Data Protection Regulation (“GDPR”) is:
For data privacy:
2. General information on data processing
2.1 Scope of the processing of personal data
Fides Treasury Services AG (hereinafter referred to as “Fides” or “we”) only collects and uses personal data of the users of this website (hereinafter “you”) insofar as this is necessary for the provision of a functional website as well as for the provision of the relevant content and services of FIDES.
Data we process about you may include: Your IP-address, indications on the devices you use (if available) and/or name and contact details (for example name, address, phone number or email address) if you contact us via contact request form or per e-mail.
We use your personal data:
- to provide and improve our websites, including monitoring and evaluating its use (see below for more detailed information);
- to promote our services, including by sending alerts, updates, event invitations and/or marketing messages to you;
- to comply with our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims.
2.2 Who we may share your personal data with
We may share your personal data with trusted third parties. For the purposes set out and where necessary, we may share personal data with courts, regulatory authorities, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.
2.3 Countries we transfer your personal data to
We may transfer your personal data to recipients abroad, including in countries that do not provide the same level of protection as your jurisdiction. Before we do so we will implement appropriate measures to protect your personal data, for example by requiring the recipient to agree to data processing agreements (if you would like to receive a copy of these agreements, please contact us at the address indicated above. These agreements are usually based on the EU standard clauses, which you may review here). We may also transfer personal data with your explicit consent and in certain other situations as permitted by applicable law. Your personal data is resp. may be stored in the following territories: Switzerland, European Union, India.
2.4 How we protect your personal data
We use various technical and organizational measures to help protect your personal data from unauthorized access, use, disclosure, alteration or destruction.
2.5 Legal basis for the processing of personal data
In General the processing of personal data has its legal basis in the relevant law applicable, i.e. either the FADP and/or the GDPR.
If and to the extent that the FADP is applicable, the basis of our processing activities is Art. 4 FADP (Art. 6 of the revised FADP, entry into force September 2023), i.e., our processing is made transparent before collecting and processing your data and will only be conducted in line with the principles established such as lawful data collection, proportionality and purpose limitation. If and to the extent required, our data processing activities are further legitimate since (i) required for the execution of a contract (provision of services), (ii) you may have given your consent to it from time to time and (iii) we may have legitimate interests in the processing of your data.
If and to the extent that the GDPR is applicable: Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para 1 lit. a GDPR provides the legal basis for the processing of personal data. Art. 6 para. 1 lit. b GDPR provides the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary in order to carry out pre-contractual measures. Insofar as the processing of personal data is required in order to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR provides the legal basis. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR provides the legal basis. If processing is necessary in order to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR provides the legal basis for processing.
2.6 Data erasure and storage period
The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to exist, subject to statutory retention periods under applicable law. Furthermore, data may be stored if provided under Swiss law to which the controller is subject. The data will also be erased or deleted if a statutory retention period prescribed expires, unless there is a further need for the continued storage of the data (e.g. for the conclusion or fulfilment of a new contract or other statutory obligations under Swiss Law).
3. Provision of the website and creation of log files
3.1 Description and scope of the data processing
We or vendors on our behalf also collect certain information by automated means when you visit the Websites. The personal information collected may include usage information, such as the numbers and frequency of users to the Websites, pages visited, social networking activities; device information, such as operating system, browser type, and IP address; and similar data.
The data is also stored in the log files of our system. The legal basis for the temporary storage of the data and the log files is Art. 45c of the Swiss Federal Act on Telecommunications (“FAT”), Art. 4 and Art. 12 FADP (Art. 6 and Art. 30 of the revised FADP, entry into force September 2023) and, if and to the extent applicable, Art. 6 para. 1 lit. f GDPR.
3.2 Purpose of data processing
The temporary storage of the IP address by the system is necessary in order to enable the website to be delivered to the user’s computer. For this reason the IP address of the user must remain stored for the duration of the session.
The data is stored in log files in order to ensure the functionality of the website. In addition, the data help us to optimize the website and to ensure the security of our information technology systems. Data collected in this way will not be evaluated for marketing purposes. These purposes can also be considered our legitimate interest in data processing according to Art. 12 FADP (Art. 30 of the revised FADP, entry into force September 2023) and, if and to the extent applicable, Art. 6 para. 1 lit. f. GDPR.
3.3 Duration of storage
The data will be erased as soon as they are no longer required in order to achieve the purpose for which they were collected. Where data is collected for the provision of the website, this occurs when the respective session ends.
3.4 Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely essential for operation of the website. The user consequently has no right to object.
4.1 Description and extent of the data processing
4.2 Purpose of the data processing
Technically necessary cookies are used in order to make it easier for the user to browse the website. Some of the functions of our web pages may not be available unless cookies are used. For these functions it is essential that the browser is detected again after the user has visited another page.
We need cookies for the following purposes:
(1) Applying language settings
(2) Storing search terms
The user data collected by technically necessary cookies will not be used in order to create user profiles.
4.3 Duration of storage, right of objection and removal
The transmission of flash cookies cannot be disabled by settings on the browser, but may be disabled by changes to the Flash Player settings.
5. Contact forms and email contact
5.1 Description and extent of the data processing
Our website provides for contact forms that can be used to make contact electronically with us. If a user makes use of this option, the data entered in the input screen will be transmitted to us and stored.
The following data will also be saved at the time the message is sent:
(1) The IP address of the user;
(2) The date and time of registration;
(3) The input at Google ReCaptcha.
Alternatively, you can make contact using the email addresses provided by us, namely: firstname.lastname@example.org. In this case the user’s personal data provided with the email will be stored in our systems.
Data provided in this context will not be forwarded to third parties but will only be used for the purposes of processing the conversation.
The legal basis for the processing of the data is Art. 4 FADP (Art. 6 of the revised FADP, entry into force September 2023) and/or Art. 12 FADP (Art. 30 of the revised FADP, entry into force September 2023) and, if and to the extent applicable, 6 para. 1 lit. a GDPR, if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
5.2 Purpose of the data processing
We process the personal data provided by you in the input screen solely in order to handle the contact request. In the case of contact by email, this also establishes the necessary legitimate interest for us in processing the data. The other personal data processed during the send process is used to prevent any misuse of the contact form and ensure the security of our information technology systems.
5.3 Duration of storage
The data will be erased as soon as they are no longer required in order to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and the personal data that was sent by email, this is the case when the respective conversation with the user has ended. The conversation has ended if the circumstances suggest that the relevant matters have been finally clarified.
5.4 Possibility of objection and removal
The user has the possibility at any time to withdraw its consent to the processing of its personal data. If the user makes contact with Fides by email, he may at any time object to the storage of its personal data. In such a case the conversation cannot be continued.
The notice of objection must be sent to email@example.com. In this case personal data stored in the course of contacting us will be erased.
6. Web-tracking services
6.1 Description and extent of the data processing
We are constantly aiming at enhancing our website. For this reason, we collect information through the website in an anonymised form, i.e. domain name, tracking the pages you visit and the time spent on pages. Among others, Google Analytics supports us in this regard. They collect and process information through your browser when visiting this website. The user usually consents when visiting our website by accepting our Cookie Banner. The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there. We use the version of Google Analytics 4 where IP-addresses of users are anonymized by default. Data transfers to Google in the USA are based on the standard contractual clauses of the EU Commission. Details can be found here: https://business.safety.google/compliance/. Further information about Google’s use of your anonymized IP-addresses can be found here: https://support.google.com/analytics/answer/6004245?hl=en.
6.2 Purpose of the data processing
The respective information is used for statistical and marketing purposes only and is not disclosed to third parties (except Google Inc.).
6.3 Duration of storage
The data will be erased as soon as it is no longer required in order to achieve the purpose for which they were collected. The data may also be stored without timely limitation, if it is only stored in an anonymized manner.
6.4 Possibility of objection and removal
7.1 Description and extent of the data processing
Our website uses social media plugins (“plugins”) from social networking sites such as Linkedin, XING etc. If you access our website using such a plugin, your browser will contact the server of the underlying social networking site, load the visual presentation of the plugin, and present it to you. While this is happening, the social networking site receives information concerning your visit to our website, as well as further data such as your IP address.
We have no influence on the amount of data that social networking sites collect via an active plugin. For more information, please consult the relevant data privacy notice under the following hyperlinks:
7.2 Purpose of the data processing
The respective plugins are provided in order for visitors of this website to voluntarily follow us on the respective social networks. The legal basis for the processing of data after consent of the user is Art. 4 and/or 12 FADP (Art. 6 and/or 30 of the revised FADP, entry into force September 2023) and, if and to the extent applicable, Art. 6 para. 1 lit. a. GDPR.
7.3 Duration of storage
For the duration of storage of the data processed via the social media plugins please refer to the data privacy notices of the respective social media providers above. We do not process such data itself.
7.4 Possibility of objection and removal
As to the possibility of objection and removal please refer to the data privacy notices of the respective social media providers above. We do not process such data itself.
For online marketing activities, we use HubSpot. This is an integrated software solution with which we cover various aspects of our online marketing, including Content management (website and blog), Email marketing (newsletters and automated mailings, for example for the provision of downloads), Reports and Analytics, Contact management (CRM), Landing pages and contact forms.
The legal basis of our processing activity is Art. 4 and 12 FADP (Art. 6 and 30 of the revised FADP, entry into force September 2023). We have a legitimate interest in the most efficient user communication possible. To the extent applicable, our use of HubSpot is also based on Art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested, the processing is based on Art. 6 para. 1 lit. a GDPR, insofar as the consent includes the storage of cookies or access to information in the user’s device. The consent can be revoked at any time.
9. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the FADP and/or the GDPR and you have the following rights granted by the GDPR vis-à-vis the controller:
- right of information on your data stored by us and the processing thereof, Art. 8 FADP (Art. 25 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 15 GDPR;
- right of access, especially regarding the existence of automated individual decision-making including profiling in accordance with Art. 14 FADP (Art. 19 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 22 para. 1 and para. 4 GDPR;
- right to rectification of inaccurate personal data, Art. 5 and Art 15 FADP (Art. 6 para. 5 and Art. 32 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 16 GDPR;
- right to deletion of your data stored by us, Art. 4 and Art. 15 FADP (Art. 6 and Art. 32 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 16 GDPR;
- right to restriction of the processing, provided that we may not delete your data due to legal obligations, Art. 15 FADP (Art. 32 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 18 GDPR;
- right to objection to the processing of your data with us, Art. 15 FADP (Art. 32 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 21 GDPR;
- right to revoke your consent on data processing at any time, Art. 12 FADP (Art. 30 of the revised FADP, entry into force September 2023) and/or, if and to the extent applicable, Art. 7 and 13 GDPR; and
- data portability, provided that you have consented to the data processing or have entered into a contract with us, Art. 28 of the revised FADP (entry into force September 2023) and/or, if and to the extent applicable, Art. 20 GDPR.
10. Right to lodge a complaint with a supervisory authority
In Switzerland, you have the right to notify a supervisory authority on our data processing activities. The supervisory authority in Switzerland is:
Office of the Federal Data Protection and Information Commissioner (FDPIC)
CH – 3003 Berne
Phone: +41 (0)58 462 43 95 (mon.-fri., 10-12 am)
Fax: +41 (0)58 465 99 96
The EDÖB has no direct judicial or enforcement powers, but he may inquire and assess data processing activities, give recommendations to us and/or seek enforcement via the judicial court path.
Should you be a resident in an EU-Member State, you have the right to lodge a complaint with a supervisory authority, in particular in the EU-Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
In such a case, the supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
11. Disclaimer, links to third-party websites
This Privacy Statement applies only to website owned and controlled by us and not to websites owned by third parties.
Our website contains links to third-party websites (so-called “external links”), over whose content we have no influence. For this reason we cannot accept any liability for the content and privacy standards of these websites. External links are provided solely as a service to you. We endeavor to ensure that such websites meet the highest standards. The respective provider or operator of the websites is always responsible for the content and the privacy standards of the linked websites. The inclusion of external links does not imply that we adopt the content behind the external link as our own. The use of external links is at your own risk.
12. Updates and Versions