Privacy Statement

Privacy Statement (update May, 2018)

The protection of any data provided via our inquiry/subscription forms and our Client Portal registration forms is very important to MAM. We collect and process personal data carefully, only for the purposes described in the Data Protection Declaration below and only to the extent necessary as defined therein, within the scope of the applicable legal regulations. We only store your personal data to the extent and as long as it is required for the performance of our services and/or as legally obligated.

DATA PROTECTION DECLARATION
1.General

This data protection declaration explains how MAM will process personal data. “Personal data“ means all details related to a specific or identifiable natural or legal person. “Processing“ means all ways of dealing with personal data, irrespective of the means and procedures used, in particular procuring, storing, using, revising, disclosing, archiving and destroying of personal data. In connection with specific kinds of data processing, e.g. the entry into contracts, additional provisions might apply.  Such provisions are available in the respective contracts.

2. Data security

We protect your personal data by means of appropriate technical and most modern security measures and store it solely on our secure proprietary servers. The websites have state of the art protection against loss, destruction and manipulation by unauthorised persons. Especially sensitive data (e.g. access data for your profile account) is encrypted during transmission via the internet (SSL) and also stored encrypted in our database.

However, MAM does not assume any guarantee for the security of your data. It is your responsibility to make an up-to-date back-up of the transferred data at all times and store it separately from the website. Clients with access to our Client Portal are responsible for creating a secure password, keeping it safe and additionally applying the mandatory and safest possible method of multi-factor authentication.

3. Use of the website and cookies

You can visit the website and obtain information about our products and services without disclosing personal data. We only request personal data where required for the performance of our own services and for the processing of requests that you make via this website.
Once a visitor of this website decides to proceed with an account opening registration via our Client Portal, we require more personal data in order to comply with Anti Money Laundering legislation. Matterhorn Asset Management is regulated under Swiss law.
When you access our websites, our system automatically records technical information about the computer accessing it. The data collected is information about the browser type and the version used, the operating system, the internet provider and the IP address of the user, the date and time of access, the websites from which the user’s system obtains access to our website, and the websites accessed by the user’s system via our website. MAM also uses so-called browser cookies to make it easier and quicker to use the GoldSwitzerland.com website. These cookies are anonymous and only reside on visitor side without any reference to personal data. Cookies are browser dependent and can be easily deleted at all times.

4. Storage of customer data

For compliance reasons, MAM is required to securely store personal data collected from customers for 10 years after the last processing operation. We store other data as long as is necessary for the execution of a contract and to safeguard your and our rights.

4.1.Categories of personal data

We can process the following categories of personal data while limiting the processing to the necessary minimum.

Client data such as:

  • Master data and data on holdings (e.g. name, address, nationality, date of birth, information about accounts, custody accounts, concluded transactions and contracts, information about third parties who are also affected by the data processing, such as spouses, authorized representatives and advisors)
  • Transaction data, order data, and risk management data (e.g. data regarding beneficiaries of payments, the beneficiary’s bank, the amount of payments, data on risk and investment profiles, investment products)
  • Technical data (e.g. business numbers, IP addresses, internal and external identifiers, records of access).
  • Marketing data (e.g. preferences, needs)

Data of interested parties and visitors (i.e. our visitors or visitors of our website) such as:

  • Master data and data on holdings (e.g.name, address, date of birth)
  • Technical data (e.g. IP addresses,internal and external identifiers, records of access)
  • Marketing data (e.g. preferences, needs)

Supplier data such as:

  • Symbol;Master data and data on holdings (e.g. name, address, date of birth, concluded transactions and contracts)
  • Technical data (e.g. IP addresses,internal and external identifiers, records of access)

4.2 Origin of personal data

For the purposes of paragraph 4.3, we can collect personal data from the following sources:

  • Personal data given to us, e.g. for the entering into a business relationship, the execution of contracts, or our products and services
  • Personal data necessary for the use of products or services and transmitted to us via the technical infrastructure or complex processes
  • Personal data from third parties, e.g.authorities or UNO/EU sanction lists

4.3 Purposes of data processing

We can process personal data for the provision of own services and for own or legally prescribed purposes. In particular, the purposes of our data processing are the following:

  • Entering into and executing of contracts, processing and managing products and services (e.g. payments, investments)
  • Monitoring and managing risks (e.g. investment profiles, combating of money laundering, limits, market risks)
  • Planning, business decisions (e.g. developing of new or assessing of existing services and products)
  • Marketing, communication, information about and review of the range of services (e.g. advertisements in print and online; events for clients and interested parties as well as other events,determination of future client needs)
  • Compliance with legal or regulatory disclosure, notification or reporting obligations to courts and authorities, fulfilment of official orders (e.g. reporting obligations towards FINMA and foreign supervisory authorities, orders of prosecution departments in connection with money laundering and terrorist financing)
  • Protecting our interests and securing our rights in case of claims against us or own claims against third parties

5. Disclosure to third parties, categories of recipients

We may disclose client data to the following third parties in the following cases:

  • For outsourcing activities according to section 7 and for the purpose of comprehensive customer service to third party service providers
  • For the execution of orders, i.e. when using third party products and services (e.g. to PwC in connection with compliance reviews)
  • Based on legal obligations, legal justifications or official orders, e.g. to courts, supervisory authorities, tax authorities, or other third parties
  • Where necessary, to protect our legitimate interests, e.g. with respect to any legal action threatened or initiated against us by clients, in case of public statements, to safeguard our claims against clients or third parties, or for debt collection proceedings
  • With the consent of the person concerned, to other third parties. In particular in connection with certain products or services, personal data must also be disclosed to third parties domiciled in countries which do not have an appropriate level of data protection (e.g. the United States). If data has to be transferred to such a country, we will take measures for a continuous appropriate protection of personal data

6. Outsourcing of business units or services

We may outsource certain business requirements and services, such as accounting, web engineering and the newsletter service, wholly or partially, to third parties. We carefully select any contractors who process personal data on our behalf. Our services providers are not entitled to outsource or share data of certain services to other third parties without our specific identification and approval.

The services providers are only permitted to process the data received to the extent that we do ourselves. Additionally, they are contractually required to guarantee the confidentiality and the security of personal data

7. Duration of storage

The duration of storage for personal data depends on the purpose of the data processing and/or statutory storage provisions (depending on the applicable legal basis 6 months or less, 2 years, five, ten or more years).

8. Rights of the affected persons

You have the right to information, correction, deletion and transfer of your data. Furthermore, you have the right to restrict processing subject to legal data processing requirements.

Prior to an account being funded you have the right to object to the processing of your personal data. The erasure of your personal data may lead to the result that we cannot provide certain services any longer. An objection only has future effect and does not affect previous processing. Agreements already entered into by a client remain in force.

If MAM does not comply with the applicable data protection law, you have the right to file a complaint directed at the competent regulatory authority.

9. Contact

If you have questions about the Data Protection at MAM, please follow this Link.