PATRIMONY NOTIFICATION TO CLIENTS AND PROSPECTIVE CLIENTS
Patrimony 1873 SA (“Patrimony” or “we”), as the EFG Group, are committed to protect your Personal Data by complying with bank-client confidentiality as well as data protection laws and regulations.
This Privacy Notice shall provide current and potential clients of Patrimony with an overview of how we process your Personal Data.
This Privacy Notice applies to all clients and prospective clients as well as all counterparties and prospective counterparties of Patrimony and/or legal representatives, beneficial owners, control’s holder, directors, signatories and/or employees of clients and prospective clients as well as all counterparties and prospective counterparties of Patrimony (“you”), who are subject to the provisions of any applicable data protection legislation. This Privacy Notice covers Personal Data that is held electronically and also applies to paper-based filling systems.
(a) Explanation of terms used in this Privacy Notice
Personal Data means information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Special Category Personal Data means information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data.
EFG Group means the group of companies composed of EFG International AG and its affiliates (where an “affiliate” of, or a person “affiliated” with, a person is a person that directly, or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with, the person specified and “control,” including the terms “controlling,” “controlled by” and “under common control with,” means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a person, whether through the ownership of voting shares, by contract, or otherwise).
2. Information and Data Security
It is our policy to protect your right to privacy. We will take all reasonable steps to ensure that adequate technical and operational security measures, confidentiality obligations and compliance procedures are in place to prevent inappropriate access to, disclosure, alteration or deletion of, Personal Data.
In addition, we limit access to your Personal Data to those employees, agents and contractors who have a business need to know. Our agents and contractors will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
3. Types of Personal Data collected
In the course of providing services to you, we may process Personal Data and Special Category Personal Data. This typically includes the following information relating to you:
- Personal contact details such as name, title, addressed, telephone numbers and personal email addresses.
- Date of birth and place of birth.
- Marital status, dependants (name and age) and relations.
- Copies of identification documents, such as passports and driving licenses.
- National Insurance number, social security number or other national/ tax identifier.
- Nationality, tax residence and country of residence.
- Employment details, income and source of wealth.
- Details of investments and assets owned and liabilities.
- Knowledge of and experience in investment matters.
- Personal details of any agent or attorney.
- Credit references.
- Publicly available information on business and personal associates and assets owned.
- Other information from third-party sources, such as wealth screening services, fraud prevention agencies, intermediaries.
- Account numbers.
- Investment holdings.
- Transaction data.
- Records of phone calls.
- Reports and statements.
(a) Information received from you, including:
(b) Information received from third parties, including:
(c) Information specific to our services, including:
(d) Special Category Personal Data
In some cases (where permitted by law), special categories of personal data, such as your political opinions or affiliations, health information, racial or ethnic origin, religious or philosophical beliefs, and, to the extent legally possible, information relating to criminal convictions or offences.
If relevant to the services we provide to you, information about your additional card holders or account holders, business partners (including other shareholders or beneficial owners), dependants or family members, representatives, and agents. Before providing us with this information, you should provide a copy of this notice to those individuals.
4. How we collect your Personal Data
We collect your Personal Data:
- when you seek, or are provided with, information on our services;
- when you apply for our services; and/ or
- throughout your relationship with us.
5. Sources of Personal Data
We collect your Personal Data:
- directly from you, e.g. in application forms and through information provided during the onboarding process, including background and reference checks;
- when it is provided to us by a third party, e.g. credit reference agencies, providers of enhanced due diligence reports and financial intermediaries; and
- when information is created as a result of generally providing services to you.
6. How we use Personal Data
We are a data controller which means that we are responsible for deciding how we hold and use Personal Data about you. We may use your Personal Data before, during and after our relationship ends with you.
- Where we need to perform the contract we have entered into with you or in order to take steps at your request prior to entering into any such contract;
- Where we need to comply with a legal obligation; and
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to protect your interests (or someone else’s interests);
- Where it is needed in the public interest; and
- Where you have given your consent.
- To confirm and verify your identity and credit status in relation to your application or account and, where applicable, conduct an appropriateness assessment.
- To open, administer and operate your account and manage our relationship with you and to provide products or services to you (including carrying out or facilitating any transactions).
- To monitor and analyze the contract for your accounts and relationship with us, to ensure compliance with our internal policies and/ or procedures and to be able to monitor risks and report them.
- To carry out business, operational and administrative activities, including record keeping and audits.
- To carry out other activities, like Risk Management Reports, Corporate finance services, and/or other family office services.
- To assess any credit limit or other credit decision (as well as the interest rate, fees and other changers to be applied to your account).
- To carry out statistical and other analysis (including behavioral analysis).
- To comply with any applicable laws and regulations and /or any voluntary code or industry best practice we reasonably decide to adopt.
- To comply with the request or requirement of any court of any relevant jurisdiction or any relevant tribunal, mediator, arbitrator, ombudsman, taxation authority or regulatory or governmental authority.
- To carry out the detection, investigation and prevention of fraud, tax evasion, money laundering, bribery, corruption, terrorist financing and other crime or malpractice and oversee and report on such detection, investigation and prevention activities.
- For use in connection with any legal proceedings or regulatory action (including prospective legal proceedings/ regulatory action) and for obtaining legal advice or for establishing, exercising or defending legal rights.
- To give you information and marketing (by post, telephone, email or other medium using the contract details you have given us) about events, products and services offered by us which we believe may be of interest to you.
(a) Legal basis for using your Personal Data
We will only use your Personal Data when the law allows us to. Most commonly and depending on the situation in which we will use your Personal Data (see paragraph b below), we will use your Personal Data in the following circumstances:
We may also use your Personal Data in the following situations, which are likely to be rare:
(b) Situations in which we will use your Personal Data
The situations in which we will process your Personal Data are listed below.
(c) If you fail to provide Personal Data
If you fail to provide certain information when requested, we may not be able to enter into a contract with you/ perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations (such as to complete our “know your client” checks). Please note that Patrimony may still process any available Personal Data.
7. Recipients of your Personal Data
We (and those parties to whom Personal Data is disclosed) may disclose Personal Data in the situations described above:
- To any other companies which are at the time of disclosure in the EFG Group;
- To third parties who provide services to us or that act as our agents (or prospective third party service providers or prospective agents). Such service providers and/ or agents may also disclose such information to their service providers or agents. We, or the relevant member of the EFG Group, will take all reasonable steps to ensure that the service provider or agent is subject to appropriate data processing requirements and that they impose such requirements on any of their service providers or agents;
- To third parties in connection with a reorganization (including investment), amalgamation, merger or transfer or sale of all or part of our business, including to any insurers and professional advisors, and any third parties to whom we assign, transfer or charge our interest in any financial product or service provided to you;
- To any court of any relevant jurisdiction or any relevant tribunal, mediator, arbitrator, ombudsman, taxation authority or regulatory or governmental authority;
- To public authorities, regulators or governmental bodies, when required by law or regulation;
- To other financial institutions or organizations, payment recipients, clearing houses, clearing and settlement systems, stock exchanges, credit card associations etc, as the case might be;
- To any guarantor, where your account is backed by a guarantee;
- To our agents, auditors, service providers, and professional advisors (and those agents, auditors, service providers and professional advisors of other companies in the EFG Group) to enable them to process the information in the situations described above as a data processor on behalf of us and/ or as a data controller and to enable them to perform their obligations;
- To insurers and information providers; or
- Otherwise if you consent to such disclosure.
8. Overseas transfers
The Recipients referred to in section 7 above can be located outside of Switzerland and the European Economic Area. In those cases, except where the relevant country has been determined to provide an adequate level of protection, we require such recipients to comply with appropriate measures designed to protect personal data.
9. Retention of Personal Data
We will retain Personal Data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, accounting, reporting or internal policy requirements. To determine the appropriate retention period for Personal Data, we consider the applicable legal requirements, as well as the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means.
Further information on the retention periods of Personal Data can be requested from your Client Relationship Officer and/or Data Protection Officer.
10. Your rights and duties
- Request access to your Persona Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
- Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes by writing to your Client Relationship Officer or using any opt-out facility specified by us in the relevant marketing communication.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data to another party (also known as “data portability”).
- Where we process your personal data on the basis of your consent, withdraw that consent at any time. Please also note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
- In certain circumstances, request not to be subject to automated decision-making, including profiling.
(a) You duty to inform us of changes
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.
(b) Your rights in connection with Personal Data
Under certain circumstances, and subject to applicable law, you have the right to:
If you want to exercise your rights, as per above, please contact your Client Relationship Officer and/ or Data Protection Officer by sending a letter. The exercise of some of these rights may result in Patrimony no longer being able to provide a product or service to you.
Finally, you have the right to lodge a complaint with a supervisory authority.
(c) No fee usually required
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
(d) What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
(e) Queries relating to the processing of your Personal Data
If you have a query regarding the processing of your Personal Data please contact your Client Relationship Officer and/ or the Data Protection Officer.
11. Changes to this Privacy Notice
We reserve the right to update this Privacy Notice at any time, and we will notify you either in writing or by updating this Privacy Notice on our website at: www.patrimony1873.com. We may also notify you in other ways from time to time about the processing of your Personal Data.