Privacy Policy

With the following information, Globalance Bank Ltd. (“The Bank”) provides the data subject with an overview of and details on how personal data is processed, and the associated privacy rights. Processing personal data includes every activity involved, such as collecting, recording, storing, organising, arranging, using, disclosing through transmission, linking and erasing such data. In this respect, the Bank complies with the applicable data protection legislation and only processes personal data insofar as it is necessary and legally permissible to do so.

1 Data controller

Globalance Bank Ltd.
Gartenstrasse 16
CH-8002 Zurich

The data subject can direct any questions concerning this Privacy Policy to Globalance Bank Ltd.’s Data Protection Officer:

Globalance Bank Ltd.
Data Protection Officer
Gartenstrasse 16
CH-8002 Zurich
E-mail: [email protected]

2 Data subject

A data subject is any natural person whose personal data is processed by the Bank. So, a data subject generally contacts the Bank in some way, for instance as a:

  • customer
  • interested party or other third party
  • authorised representative/agent of the customer or customer adviser
  • parent or legal guardian of the customer
  • beneficial owner of the customer
  • contractual partner of the customer

3 Personal data

The Bank defines personal data as any information which relates directly to the data subject, including in particular:

  • authentication and contact details (e.g. first and last name, date of birth, place of birth, address, nationality, e-mail address, telephone number);
  • order and sales data (e.g. account number, securities account number, IBAN, deposit and withdrawal, transfer);
  • financial situation (e.g. origin and value of assets, creditworthiness data, payment history, income, expenditure, insurance cover, shares in companies, information on properties);
  • other socio-demographic characteristics (e.g. marital status, profession, education, relatives);
  • tax data (e.g. tax reference number, taxpayer identification number, allowances, tax residence);
  • activities (e.g. hobbies, interests, memberships)

The Bank only processes special categories of personal data if this is permissible and necessary by way of exception, i.e. primarily video recordings on the Bank’s premises for security reasons, voice recordings made during telephone conversations for documentation required by law and the status of politically exposed persons (PEP) to prevent money laundering.

4 Data sources

The Bank mainly processes data it receives directly from the data subject arising from the business relationship which is required for this purpose. In addition, the necessary data is also obtained from other financial institutions, external asset managers, intermediaries, family members (relatives) and publicly accessible sources, in particular debtors’ lists, land registers and commercial registers.

5 Processing purpose and legal bases

Data is always processed in accordance with the provisions of applicable data protection legislation, first and foremost in order to meet the contractual and statutory obligations governing the provision of the relevant financial services and the performance of other banking transactions. In this regard, the Bank follows the principle of data minimisation in particular, so that only the data specifically required for the banking transaction in question is processed. This also includes needs analyses and product optimisation in the context of the business relationship.

a) The data subject’s consent for the processing of personal data for specific purposes can be withdrawn at any time with effect for the future. This also applies to consent granted to the Bank before the General Data Protection Regulation (GDPR) came into force, i.e. before 25 May 2018. However, withdrawing consent does not affect the legality of the data processing before such withdrawal or further processing on another legal basis.

b) For the fulfilment of contractual obligations and the initiation of contracts at the request of the data subject, the following data is needed, for example:

  • authentication and contact details, in order to contact the data subject;
  • order and sales data, in order to manage the account;
  • financial situation, in order to check whether and which product or service can be offered (e.g. when purchasing financial instruments);
  • other socio-demographic characteristics, in order to conduct needs analyses;
  • tax data, in order to pay the tax owed to the tax office in the context of the tax deduction

c) Data processing is often based on a statutory or regulatory obligation. These include, for example, the statutory requirements set forth in the Anti-Money Laundering Act. In this regard, the Bank needs the data, e.g. to confirm identity, to meet the control and reporting obligations under applicable tax laws, to prevent fraud and money laundering and to assess and manage risk.

d) Some processing circumstances come about due to the performance of tasks which are in the public interest. These include, in particular, the control and reporting obligations under applicable tax laws as well as combating money laundering and the financing of terrorism.

e) If necessary from the Bank’s point of view, it processes personal data even beyond the extent actually required to meet contractual obligations, in order to safeguard its legitimate interests or those of third parties. However, this only occurs if, after said interests have been weighed against the conflicting interests of the data subject, the former override the latter. As a rule, the Bank acts on the basis of its own economic interests.

f) Personal data from special categories is only processed in exceptional cases. Voice recordings are made provided that they are stipulated by law and are therefore intended to offer the possibility of establishing, exercising or defending legal claims. Video recordings serve as a means of preventing and prosecuting any criminal offences. Processing the data of those with the status of a politically exposed person constitutes a significant public interest for the purpose of combatting money laundering and is therefore stipulated in the Anti-Money Laundering Act.

6 Passing on data to third parties

Within the Bank, only those divisions have access to your data which require it to perform their duties.

Furthermore, service providers and vicarious agents of the Bank receive personal data for the aforementioned processing purposes if they maintain banking secrecy and if the passing on of said data is also based on one of the above-mentioned legal bases. The Bank engages service providers, some intermittently and some on a long-term basis, for payment services, securities services, IT services, logistics, print services, telecommunications, consulting, sales, marketing and much more besides. In all cases, the service providers and vicarious agents engaged only have access to the data which is necessary to perform individual duties.

Data is transferred to offices outside Switzerland, the EU and the EEA (so-called third countries) only if this is

  • necessary for the orders of the data subject to be executed,
  • required by law, or
  • the data subject has given their consent.

7 Duration of data storage

The storage of personal data is a processing activity which likewise complies with the applicable contractual and statutory requirements. As soon as the stored data is no longer needed for the underlying processing purposes, it has to be erased. As a rule, however, the Bank has an obligation, extending beyond the end of the contractual relationship, to retain personal data for reasons relating to commercial law, tax law and other laws. This retention period can be up to ten years. Please consult the relevant laws.

Insofar as the Bank needs data and documentation relating to the data subject as evidence for establishing, exercising or defending legal claims, the Bank will refrain from erasing them – primarily in accordance with the relevant statutes of limitations. In special cases, the relevant documents and data will also be retained as evidence for longer periods based on current case law, with due consideration given to legitimate concerns.

8 Rights of the data subject

The data subject has many different rights, in particular the right to receive information from the Bank on the relevant personal data, the right to rectification, erasure, restriction on processing, data portability, and the right to object to processing. Furthermore, the data subject has the right to lodge a complaint with the competent data protection supervisory authority.

9 Obligations of the data subject

The data subject is obliged to disclose any personal data the Bank is legally obliged to process and which is required to commence and conduct the contractual relationships. Without the personal data to be processed, the Bank will regularly not be in a position to conclude a typical bank contract with the data subject and to meet the contractual and statutory obligations.

For instance, anti-money laundering legislation stipulates that the Bank has to identify the other contractual party, and where applicable any persons acting on their behalf and beneficial owners, before establishing the business relationship or performing a transaction. If any changes occur during the business relationship, the data subject must report them to the Bank immediately. Otherwise, the Bank is not allowed to commence or continue the desired business relationship.

10 Right of objection

The data subject can assert their right to object against the processing of their personal data, and against the processing of their personal data for the purpose of direct marketing. The data subject can contact the Bank.

The objection to data processing and the withdrawal of consent (cf. subsection 5 a)) apply simultaneously. In the event of an objection, the relevant personal data will generally no longer be processed by the Bank. By way of exception, the data will nevertheless continue to be processed if compelling legitimate grounds can be demonstrated that override the interests, rights and freedoms of the data subject, or if such processing serves the establishment, exercise or defence of legal claims.

Copyright © 2022 Globalance Bank AG – All rights reserved.