Privacy policy
1. What is this privacy policy about?

The Zacharias AG (hereinafter also “we“, “us“) obtains and processes personal data[1] , which concerns you or also other persons (so-called “third parties“). In this privacy policy, we describe what we do with your data when you use https://zacharias.swiss (hereinafter “website”), obtain our services or products, otherwise deal with us under a contract, communicate with us or otherwise deal with us.

If you transmit or disclose data to us about other persons, such as family members, we assume that you are authorised to do so, and that this data is correct. By submitting data about third parties, you confirm this. Please also ensure that these third parties have been informed about this privacy policy.

2. Who is responsible for processing your data?

We are responsible for the data processing described in this privacy policy. You can contact us for your data protection concerns and to exercise your rights pursuant to para. 11. as follows:
Zacharias AG
Spluegenstrasse 6, Switzerland
office@zacharias.swiss
+41 43 344 40 30
responsible person: Agne Mild

3. What data do we process?

We process different categories of data about you. The main categories are as follows:

  • Master and portfolio data such as name, address, date of birth, contract number and duration, documents to establish the customer’s identity, information on the account, custody account, concluded transactions or on third parties such as life partners, authorised representatives and advisors who are also affected by data processing.
  • Residence for tax purposes and any other documents and information relevant for tax purposes.
  • Transaction or order and risk management data such as beneficiary details, mandate details where applicable, details of your assets, investment products, risk and investment profile, fraud.
  • Records of telephone calls between you and us, if applicable.
  • Marketing data such as needs, wants, preferences.
4. For what purposes do we process your data?

We process your data for the following purposes (in addition to those we notify you of separately):

  • Communication with you
  • Contract conclusion/processing with you, your employer and customers
  • Operation of the infrastructure, website, app
  • Marketing (e.g. mailings, with unsubscribe link/option, occasions), relationship management
  • Market analyses, planning, development of products & services, R&D
  • Compliance (adherence to laws, industry standards, directives etc.)
  • Legal procedures, investigations
  • Safeguarding security, access control
  • Management, Risk Management
  • Corporate transactions (e.g. M&A)
  • Media relations, PR, publications
  • Shareholder Services, Investor Relations
  • Training, instruction, further education
  • Fighting crime and fraud
5. On what basis do we process your data?

Depending on the products and services we may provide to you or the purpose for which the personal data is processed, the data processing is based on the following:

  • Entering into, concluding or performing a contract or business relationship with you or for the performance of our obligations under such contract or business relationship.
  • To safeguard our legitimate interests, e.g. statistics, planning or product development, business decisions; monitoring and controlling risks, business auditing; marketing, market research, comprehensive support, advice and information on the range of services, preparation and provision of tailor-made services – insofar as no objection has been made; safeguarding our interests and securing the claims of our company, customers and employees.
  • To fulfil legal or regulatory obligations of our company or the performance of tasks in the public interest.
  • Based on your consent.
6. Who do we disclose your data to?

In connection with our contracts, the website, our services and products, our legal obligations or otherwise to protect our legitimate interests, we also transfer your personal data to third parties, in particular to the following categories of recipients:

  • Service providers (who process your data partly on our behalf, e.g. IT providers, partly on their own responsibility, e.g. banks)
  • Authorities at home and, if applicable, abroad
  • Business partners such as suppliers,
  • Customers, marketing and project partners

[1] Your personal data is any information that relates to you and can identify you directly or indirectly (e.g. via the internet) (e.g. name, email address, telephone number, picture, depending on your profile.

7. Google Fonts

We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.

You do not have to log in or enter a password to use Google Fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account information, while using Google Fonts, will be transmitted to Google. Google records the usage of CSS (Cascading Style Sheets) and the fonts used and stores this data securely.

Google Fonts (formerly Google Web Fonts) is an interactive directory of more than 800 fonts provided by Google LLC for free use. With Google Fonts, we can use fonts on our own website and not have to upload them to our own server. Google Fonts is an important component to keep the quality of our website high. All Google Fonts are automatically optimized for the web and this saves data volume and is a big advantage especially for mobile use. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).

We therefore use the Google Fonts so that we can present our entire online service as beautifully and consistently as possible. According to the Art. 6 para. 1 f lit. f FDPR, this already constitutes a “legitimate interest” in the processing of personal data. “Legitimate interest” in this case means both legal and economic or ideal interests recognized by the legal system.

8. Does your personal data also end up abroad?

Yes, this is possible, to the EEA, but exceptionally to any country in the world (conceivable especially for online services that we use). If this is a country without sufficient data protection, we conclude contracts (so-called EU SCC), but may also rely on consent or transfer data abroad on a case-by-case basis, because it is necessary for the processing of a contract, where it concerns data published by you or it is necessary for legal proceedings abroad.

9. How long do we process your data?

The duration of the storage of personal data is determined by legal retention obligations or the purpose of the respective data processing. As a rule, we store personal data for the duration of the business relationship or the duration of the contract and then for a further five, ten or more years (depending on the applicable legal basis).

10. How do we protect your data?

We take reasonable security measures to maintain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to protect against the risks of loss, accidental alteration, unauthorised disclosure or access.

11. What rights do you have?

You have the right to information, correction, deletion, restriction, objection and – if applicable – the right to data portability. Furthermore, you have the right to lodge a complaint with a competent data protection supervisory authority. If you wish to exercise the above rights against us, please contact us in writing, at our premises or, unless otherwise stated or agreed, by e-mail. You will find our contact details in para. 2. In order for us to be able to exclude misuse, we must identify you (e.g. with a copy of your ID card, unless otherwise possible).

Every data subject also has the right to enforce his or her claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

12. Business Transfers

If we, or substantially all of its assets, were acquired, or in the unlikely event that we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us may continue to use your personal information as set forth in this policy.

13. EU General Data Protection Regulation

If the EU General Data Protection Regulation (“GDPR”) is applicable, this should exceptionally be the case for certain data processing activities exclusively for the purposes of the GDPR and the data processing subject to this policy.

14. Can this privacy policy be changed?

This privacy policy does not form part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.

Last updated: 31.08.2023

Menu