The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the applicable country-specific data protection provisions. By means of this data protection declaration, Cape Capital AG informs about the type, scope and purpose of the personal data collected, used, and processed. Furthermore, data subjects are informed of their rights by means of this data protection declaration.
Cape Capital AG’s data protection declaration is meant to be easy to read and to understand for the public as well as for our clients and business partners. Therefore, please read as following the explain the terms used:
2.1. Personal data
Any information relating to an identified or identifiable natural person.
2.2. Person concerned
Natural person about whom personal data is processed.
Any handling of personal data, regardless of the means and procedures used, the acquisition, storage, retention, use, modification, disclosure, archiving, deletion or destruction of data.
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, to analyze or predict aspects relating to that natural person’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.
Private person or federal body that alone or together with others decides on the purpose and means of processing.
2.6. Order processor
Private persons or federal bodies that process personal data on behalf of the data controller.
3. Name and address of the responsible person
The responsible person is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. The responsible person within the meaning of the Swiss Federal Act on Data Protection (FADP) is:
Cape Capital AG
4. Data processing framework
4.1. Categories of data processed and origin
Cape Capital AG collects and processes personal data that is received during our business relationship with our clients. In principle, as little personal data as possible is processed. Depending on the groups of persons, the data processed may differ. Personal data can be collected or (further) processed in every phase of a business relationship, from the initiation of the business to the termination of the business relationship.
In addition to customer data, Cape Capital AG may also process personal data of other third parties involved in the business relationship.
By personal data the following categories of data are meant:
- Identity information (e.g. name, nationality, place of birth, date of birth, gender)
- Contact information (e.g. e-mail address, company, phone number)
- Tax information (e.g. tax identification number, tax status)
- Information on family situation (e.g. marital status, number of children);
- Legitimation data and authentication data (e.g. ID card or passport)
- Data from the fulfillment of contractual obligations
- Information about the financial situation and professional background
- Technical data (e.g. IP address)
Cape Capital AG processes personal data from the following sources:
- Personal data that Cape Capital AG receives from a client or business partner by means of submitted contracts, forms, correspondence, or other documents.
- Personal data that is generated or transmitted because of the use of products or services.
- Personal data that is permissibly transferred to us by third parties, by public bodies (e.g. sanctions lists of Switzerland, the UN and the EU) or by other companies (e.g. for the execution of orders or the fulfillment of contracts).
- Personal data – to the extent necessary to provide the service – that Cape Capital AG has permissibly obtained from publicly available sources or other sources, such as databases used to verify and monitor business relationships (e.g., judicial, regulatory, or administrative actions, memberships and offices).
4.2. Legal bases and processing purposes of personal data – if legal bases are required under the FADP:
- In contrast to the General Data Protection Regulation (GDPR) in the European Union (EU), no legal basis is required according to the FADP for the processing of personal data, if the data is processed in accordance with data protection principles. In the case that da-ta protection principles are not applied or if personal data is processed against the will of the data subject or if third parties are provided with particularly sensitive personal data, a so-called justification is required.
- For the processing of personal data to fulfil a contract (such as the provision of financial services) to which the data subject is a party. The same applies to such processing opera-tions that are necessary for the performance of pre-contractual measures, such as in cas-es of inquiries about our services.
- For the legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax, supervisory or money laundering obligations.
- Processing operations not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of Cape Capital AG or a third party, provided that the interests, fundamental rights and freedoms of the client or business partner are not overridden. Such legitimate interests include the following processing activities:
- Adverising measures
- Transmission of data for internal administrative purposes
Cape Capital AG also collects personal data from publicly available sources for the purposes of customer acquisition and money laundering prevention.
In some cases, the legal basis for processing operations is consent for a specific processing purpose.
4.3. Use and storage of personal data
4.3.1 Data sharing
Access to data may be granted both to bodies within and outside Cape Capital AG. Within Cape Capital AG, only offices or employees may process your data if they need it to fulfill our contractual, legal and supervisory obligations and to protect legitimate interests.
If business areas and services are outsourced in whole or in part to service providers outside Cape Capital AG or if they provide services (such as printing and dispatch of documents, IT systems and other support functions), this is done in accordance with the applicable legal provisions. All external service providers or vicarious agents to whom personal data is transferred are contractually obligated to maintain data protection, to process your data only in the context of providing the service, and to comply with data protection instructions and legal requirements. Order processors may be companies in the categories of banking services, sales agreements, IT services, logistics, printing services, telecommunications, debt collection, consulting and advisory services, and sales and marketing.
4.3.2 Data deletion and storage
We process and store your personal data for the duration of the entire business relationship, i.e. from the initial initiation to the termination of the contract. After termination of a contract and thus with the discontinuation of the purpose of storage, the duration of storage is determined based on statutory retention and documentation obligations such as the 10-year retention obligation for financially relevant accounting records and related business correspondence.
4.3.3 Automated decision making including profiling
As a matter of principle, Cape Capital AG’s decisions are not based exclusively on automated processing of personal data. Cape Capital AG does not use automated decision-making for the establishment and implementation of the business relationship nor does Cape Capital AG use profiling measures.
5. Rights and duties
5.1. Available privacy rights
5.1.1. Right to confirmation
The client and/or business partner has the right to request confirmation as to whether personal data relating to the client and/or business partner is being processed. If the client and/or business partner wishes to exercise this right of confirmation, please contact us.
5.1.2. Right to information
The client and/or business partner has the right to obtain information about the personal data stored and a copy of this information. This right to information includes the following information:
- the identity and contact details of the person
- the processed personal data as such
- the processing purpose
- the retention period of the personal data or, if this is not possible, the criteria for determining this period
- the available information on the origin of the personal data, insofar as it has not been obtained from the data subject
- where applicable, the existence of an automated individual decision and the logic on which the decision is based
- if applicable, the recipients or categories of recipients to whom personal data are disclosed, as well as information if personal data are processed by a processor.
Furthermore, the client and/or business partner has the right to be informed whether personal data has been transferred to a third country or to an international organization. If this is the case, the client and/or business partner has also the right to obtain information about the appropriate safeguards in connection with the transfer.
5.1.3. Right to data portability
The client and/or business partner has the right to receive the personal data concerning the client and/or business partner provided in a structured and machine-readable format. The client and/or business partner has the right to have this data transferred to another responsible person by the responsible person to whom the personal data has been provided, provided that the processing is based on consent or on a contract and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible person.
5.1.4 Other rights
In addition to the right to information and the right to data portability, the client and/or business partner has the right to request the correction, destruction or restriction of the processing of personal data as well as to object to the processing of personal data. If the processing of personal data is based on consent, the client and/or business partner can revoke this consent at any time.
5.2. Exercise of rights
Cape Capital AG accepts requests for information in writing, together with a clearly legible copy of a valid official form of identification (e.g. passport, identity card, driver’s license).
The client and/or business partner can exercise other rights, such as the right to rectification, the right to erasure, the right to restriction of processing, and – where applicable – the right to data portability, by sending Cape Capital AG a notification to this effect.
6. Right of complaint to the supervisory authority
The client and/or business partner has the right to file a complaint with a supervisory authority, in particular at the clients and/or business partners place of residence, place of work or at the place of the alleged violation of the data protection provisions.
Competent supervisory authority for Switzerland:
Federal Public Information and Data Protection Commissioner, FDPIC
Phone: +41 58 462 43 95
7. Obligation to provide personal data
Cape Capital AG informs the client and/or business partner that the provision of personal data is partly required by law (e.g. tax regulations, money laundering prevention, etc.) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, to conclude a contract, it may be necessary for the client and/or business partner to provide Cape Capital AG with personal data that must subsequently be processed by Cape Capital AG. For example, the client and/or business partner is obliged to provide Cape Capital AG with personal data if Cape Capital AG concludes a contract with the client and/or business partner. Failure to provide the personal data would mean that the contract could not be concluded.
The client and/or business partner are not obliged to give consent to data processing with regard to data that is not relevant for the performance of the contract or not required by law and/or regulation.
8. Contact form and contact via e-mail
The website of Cape Capital AG contains information that enables a quick electronic contact to Cape Capital AG as well as an immediate communication with Cape Capital AG, which also includes a general address of the so-called electronic mail (e-mail address). If the client and/or business partner contacts Cape Capital AG by e-mail or via a contact form, the personal data the client and/or business partner provides will be stored automatically. Such personal data transmitted on a voluntary basis will be stored for the purpose of processing or contacting the client and/or business partner. This personal data will not be passed on to third parties.
9.1. Why are cookies used?
9.2. What are cookies?
Cookies are text files that are stored on the client and/or business partners electronic device to track use of the Electronic Services and preference settings as the client and/or business partner navigates between web pages and, if necessary, to remember settings between the client and/or business partners visits. Cookies help the developers of the Electronic Services compile statistical information about the frequency of visits to certain areas of the Website and help them make the Electronic Services more useful and user-friendly. A cookie contains a characteristic string of characters that allows the browser to be uniquely identified when you return to the website.
9.3. What categories of cookies are used?
9.3.1. Technically necessary cookies
These cookies are necessary for our website to function properly. They allow you to browse our website and use its features. Our website cannot function properly without these cookies.
9.3.2. Analysis / performance cookies
These cookies help us to understand how visitors behave on our website by providing us with information about which areas have been visited, how long someone has stayed in that area, and what problems have occurred. This helps us to improve the performance of our website.
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics sets several cookies to limit the request rate as well as to register a unique ID that is used to generate statistical data on how the visitor uses the website. The client and/or business partner can prevent the transmission of the data generated by the cookie and related to the use of the website to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. In addition, you can manage your browser settings (see below).
9.4. How to manage cookie settings
Although this may change in the near future, please note that most Internet browsers automatically accept cookies. The client and/or business partner can configure the browser that no cookies are stored on the electronic device, cookies can only be accepted by certain websites or there is always a notice before the receipt of a new cookie. If cookies are deactivated for Cape Capital AG’s website, it may no longer be possible to fully use all the functions of the website.
This privacy statement may be amended over time as Cape Capital AG’s changes data processing practices or new legislation becomes applicable.