Version dated 25 May 2018
Data protection is important to Allgemeines Treuunternehmen and accordingly, in this privacy policy we explain how we collect and process what personal data (i.e. data that refers to a specific or determinable person such as name, address, nationality, E-mail address, interests and hobbies, user behaviour on websites). This privacy policy is based on the General Data Protection Regulation of the European Union (GDPR).
1 Controller, data protection officer and representative
(1) Allgemeines Treuunternehmen, Aeulestrasse 5, 9490 Vaduz, is the controller.
(2) The contact information of the data protection officer is as follows: datenschutzbeauftragter@atu.li, +423 237 34 34.
2 Collection of personal data and purposes of the processing
(1) We restrict the processing of personal data primarily to personal data that we receive in connection with our services and products from our clients, our collaboration partners or other persons involved, or which we collect on our website or applications from the users.
(2) In particular, we collect the following personal data from you on a case-specific basis and depending on the purpose (see below):
- Salutation/title
- Given name, family name
- Address
- E-mail address
- Telephone number(s)
- Date of birth
- Nationality
- Hobbies/personal interests
- Tax identification number
- Bank data
- Family circumstances
(3) In addition, if permitted and appropriate, we obtain and process other data from publicly accessible sources (e.g. land register, commercial register, the media, the Internet, World-Check database) on a case-specific basis, or receive such data from other Group companies (e.g. banks, asset managers or auditors), from authorities and institutions, from your personal environment such as family, legal advisors or other third parties.
(4) We require this data, in particular, to serve the following purposes:
- to identify you as a client or collaboration partner or user of our website
- to correspond with you
- to carry out our due diligence obligations
- to comply with other legal provisions
- to conclude and process service agreements, e.g. instructions regarding formation, mandate agreement, asset management agreement
- to conclude and process purchase and sale agreements, e.g. for the purchase of products from suppliers or sale to interested parties
- to render invoices
- to provide other services from our company or, if applicable, in collaboration with third parties
- to provide you with the best possible and customised services, and to further develop our service and product offers
- to communicate with third parties
- to evaluate and respond to applications
- to promote and market our services and products (provided you have not indicated that you object to the use of your data for this purpose)
- to enforce our legal claims or generally defend our position
- to ensure our operation generally (e.g. IT, website, apps)
- to conduct video monitoring as a security component for access management (including visitor lists or other access controls)
- to ensure additional security aspects
(5) We only process your personal data if we have a legal (e.g. due diligence obligation) or contractual (e.g. instructions regarding formation) basis to do so, or the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. We only process data apart from this if you have given your consent and have not withdrawn such consent or if a legitimate interest on our part takes precedence (e.g. continuing to send newsletters to existing clients provided that here too, consent has not been withdrawn). Consent may be withdrawn at any time.
(6) Your data is not subject to an automated evaluation process pursuant to Art. 22 GDPR. If such a process should be used in an individual case, we shall inform the person affected to the degree provided by law.
3 Recipients of personal data and data transmission abroad
(1) We only transfer your personal data to recipients or third parties in line with the above-described purposes, insofar as permitted and appropriate. Third parties may, in particular, include:
- Group companies
- Service providers such as banks, asset management companies, insurance companies, IT providers, printing companies
- Suppliers, distributors, transport companies, subcontractors or other collaboration partners
- Authorities, government institutions, courts
- Associations, public interest institutions
(2) Any such data transfer is based on either a legal obligation (e.g. data transmission in the course of the automatic exchange of information), performance of a contract (e.g. asset manager abroad), your consent, a public interest or on the basis of a legitimate interest on our part, unless your interests or fundamental rights and freedoms in relation to the protection of personal data take precedence.
(3) Recipients may be at home or abroad. In particular, we would like to point out to you that we may exchange personal data within our Group companies or transmit personal data to countries in which service providers are located from which we obtain services (e.g. Microsoft).
In case of recipients outside our company in the EU/EEA or in countries which are recognised as having adequate data protection (e.g. Switzerland), we ensure data protection by concluding, if necessary and appropriate, contract data processing agreements. If we transmit personal data to third countries without adequate legal data protection, we ensure, in accordance with legal requirements, an adequate level of protection based on, for example, EU standard contractual clauses or other instruments (e.g. binding corporate rules, US Privacy Shield Framework).
4 Use of our website
In addition to the above stated, we inform you as follows on the use of cookies, analytics/tracking or other technologies in connection with the use of our website:
(1) If the website is used for merely informational purposes (i.e. if you do not log in, register or otherwise transmit information), we do not collect any personal data with the exception of data that your browser transmits to enable you to use the website. This may include, in particular, the following data:
- IP address
- Date and time of the query
- Time zone difference relative to Greenwich Mean Time (GMT)
- Contents of the request (specific page)
- Status of access/HTTP status code
- Volume of data transferred each time
- Website from which the request is made
- Browser used
- Operating system and its interface
- Language and version of browser software
(2) Our website uses cookies. These are small text files that are stored on your terminal with the help of the browser. Cookies do not cause any damage.
We simply use them to make our offers more user-friendly. Some cookies remain stored on your terminal until you delete them. They enable us to recognise your browser when you next visit.
If you do not wish this, you may set your browser to notify you on the placement of any cookies and to enable you to accept them on a case-by-case basis only. However, we would like to point out that in this case, you may potentially not be able to use all of the functions of our website.
(3) On our website, we use Google Analytics. Google Analytics is a web analysis service provided by Google Inc. in the USA and it uses cookies. Web analysis entails eliciting, collecting and evaluating data on the behaviour of users on websites. A web analysis service records data such as which website a data subject accessed before moving to another, which subpages of the website were accessed, and how often and for what length of time a subpage was viewed. A web analysis is used mainly to optimise a website and for a cost-benefit analysis of Internet advertising.
The purpose of Google Analytics is to analyse the stream of visitors on our website. Among other things, Google uses the data and information collected to evaluate the use of our website, to compile online reports for us which show the activities on our website and to provide additional services in connection with the use of our website. Google may combine your behaviour with other websites visited by you. If you are a registered customer of Google, Google will recognise you accordingly. Google’s privacy policy will apply for any further processing of personal data. Personal information such as time of access, location from which access was made and the frequency of visits to our website by the data subject is stored using cookies. On every visit to our website, this personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the USA. Under certain circumstances, Google forwards this personal data, collected through the technical process, to third parties.
As mentioned above, the data subject can prevent the placement of cookies through our website at any time by using a corresponding setting in the Internet browser used, and thereby permanently object to the placement of cookies. Any such setting in the Internet browser used may also prevent Google from placing a cookie on your device (e.g. computer, notebook, tablet). In addition, a cookie already placed by Google Analytics may be erased at any time using the Internet browser or other software programmes.
For more information, please go directly to Google, in particular to the following links:
(4) If you complete a contact form or send us an email or another type of electronic message, your information will be used solely for the processing of your enquiry and any possible further associated questions and saved and processed only within the framework of the enquiry. Once your enquiry has been dealt with, we will delete your email address.
5 Data protection in the case of applications and in the application process
(1) We collect and process personal data from applicants for the purpose of carrying out the application process. Processing may be made on paper or also electronically by e-mail. If the process results in conclusion of an employment contract with an applicant, the personal data received to conclude the employment relationship will be processed in compliance with the legal requirements. Otherwise, the application documents will be erased three months following a rejection, unless there are legitimate interests on our part for not erasing the documents, such as in connection with a burden of proof in relation to equal treatment.
(2) By transmitting your application documents to us, you agree that your personal data, such as name, title, address, telephone number, date of birth, education, professional experience, salary expectations as well as any data and images that may be included in your covering letter, CV, your letter of application, your references or other documents and certificates sent to us, will be processed for the purposes of our personnel selection.
(3) Your data is not forwarded to third parties without your consent. No automated decision making is carried out pursuant to Art. 22 GDPR. The data processing is carried out on the basis of the statutory provisions of Art. 6 para. 1 (a) (consent) and (b) (required to fulfill the contract) GDPR.
6 Storage period
As a general rule, we store your personal data for only as long as it is necessary for the purposes for which it was collected in accordance with this privacy policy. However, there may be cases where we are required by law or for evidence purposes within the framework of the statute of limitation to store certain data for a longer period of time. In such cases, we ensure that your personal data is handled in accordance with this privacy policy throughout the entire period. Once the business relationship has come to an end, this data is stored on the basis of the statutory provisions (PGR, SPG) for at least 10 years.
7 Your rights
(1) You have the right to request information from us at any time and free of charge about your personal data stored with us, as well as its origin, recipients or categories of recipients to which this personal data is forwarded, and the purpose of its storage.
(2) You further have the right to request at any time that we rectify, erase – to the extent permissible by law –, or restrict the processing of your personal data. You also have the right to data portability.
(3) In addition, you have the right to object at any time to the processing of your personal data by us.
(4) If you have given us your consent to use your personal data, you may withdraw this consent at any time without having to provide reasons.
(5) You also have the right to directly submit a complaint to the Federal Data Protection and Information Commissioner (FDPIC – https://www.edoeb.admin.ch/edoeb/en/home.html).
(6) If you would like to assert the above rights, please contact the address indicated in paragraph 1.
8 Data security
We provide for the latest technical measures to ensure data security, in particular to protect your personal data against risks in the case of data transmission and against the risk of third parties gaining knowledge of your personal data. These measures are continuously adapted to correspond to state-of-the-art technology.
9 Amendments
As part of the technical development of our range of services and the legal framework, we will amend our privacy policy on a regular basis. Amendments to the privacy policy will be published on our website. Therefore, please periodically read the most recent version of this privacy policy. Subject to the applicable legislation, all amendments to the privacy policy enter into effect as soon as the updated privacy policy is published. If we have already recorded data about you and/or are subject to a legal duty to provide information, we will notify you, in addition, about any major changes to our privacy policy and ask for your consent if this is required by law.