Privacy policy

General

At Alpian SA, safeguarding your personal data and ensuring its confidentiality is a priority for us. We adhere to stringent data protection laws and regulations. By engaging with our services, website, or any form of interaction, you acknowledge and wholeheartedly consent to our responsible handling and processing of your personal data. This is in strict accordance with our Privacy Notice, which aligns with Swiss data protection laws and any other relevant regulations. Importantly, we are also compliant with the new Swiss Data Protection Act, ensuring the highest standard of data privacy and security for you.

Personal data

The personal data we process may include (i) personal details (e.g., name, place of birth, date of birth, citizenship, address, telephone numbers, email addresses, family details, other KYC information), (ii) identification data (e.g., copy of passport or identity card, social security number, tax identification number), (iii) tax information (e.g., tax domicile and other tax-related documents and information), (iv) professional information about you (e.g., job title, job experience), (v) financial information (e.g., financial and credit history information, transaction data, bank details), (vi) your investment profile and investment preferences, (vii) records of phone and video calls between you and Alpian SA, as well as any other communications between you and Alpian SA (viii) details of your use of our products and services, (ix) cookie information (e.g., cookies and similar technologies on websites and in emails) and thereby IP address, your geographic location as indicated by your IP address, the content you access, the website from which the request originates, the search terms you enter on our website, information about the type of device you use to access our website, the operating system and your browser type (please refer to our ”Cookies Policy” for additional information).

We collect and receive personal data (i) directly from you (e.g., when you are contacting us or sending us contractual documents or forms) or (ii) indirectly from third parties or publicly available sources (e.g., commercial register, sanctions lists, press, media, internet).

Subject to any obligation set forth in our contractual documentation, you are in general under no obligation to provide us with any personal data. However, if you do not provide the required information regarding certain use cases, we may not be able to process your corresponding request, get in contact with you or provide services to you. If you share with us personal data regarding any other individual (e.g., regarding your employer/employees, relatives, family members, colleagues, ultimate beneficial owners, etc.), we assume that this data is correct. By sharing such data with us, you confirm that you are authorized to do so and that you have informed the concerned individuals about this Privacy Notice and our processing of their personal data.

Purposes of processing

We process your personal data for the following purposes (the "Purposes"):

(a) for the performance of contractual obligations

We collect and process personal data as necessary for the performance of a contract to which you are a party, or to carry out pre-contractual measures that occur as part of a request, which includes in particular the following processing operations: (i) opening and management of an account and business relationship with us, (ii) the execution of transactions, (iii) the provision of investment advice as well as (iv) asset and portfolio management and the distribution of financial products.

(b) for compliance with a legal obligation or in the public interest

As a bank, we are subject to various legal obligations which require us to process and collect personal data, including in relation to accounting requirements, the provision of information about products and services, the prevention of money laundering activities, bribery, corruption, tax frauds as well as other frauds and crimes, the recording of phone and video conversations, the satisfaction of any requirements of cooperation with, or reporting to, any competent public prosecution, supervisory, administrative or tax authority or court, as well as the assessment and management of risks.

(c) for the purposes of safeguarding legitimate interests

When necessary, we process your personal data for the purpose of the legitimate interests pursued by us or a third party, if such processing does not unduly affect your interest or fundamental rights and freedoms. Examples include (a) the development of our business relationship with you, (b) the operation and improvement of our properties and systems, (c) the recording of phone and video conversations to verify instructions, improve the quality of our services or to safeguard our rights, (d) the exercise or defense of actual or potential legal claims, or the conduct of investigations or similar proceedings, (e) the compliance and improvement of our internal processes and organization, including for the purposes of compliance, risk management, corporate governance and business organization, (f) as otherwise specified hereinafter (e.g., the evaluation of certain characteristics of data subject on the basis of automatic processing of personal data (profiling)).

Profiling or automated decision making

In some cases, we process your personal data automatically with the aim of evaluating certain personal aspects (profiling), in particular to provide you with targeted information and advice on our products or services or those of our business partners. We may also use technologies that allow us to identify the level of risks linked to a data subject or to the activity on an account. As a rule, we do not make decisions based solely on automated processing in order to perform our services. Should we do so, we shall comply with applicable legal and regulatory requirements.

Recipients of personal data

Any unit within Alpian SA and affiliated company that requires your personal data to achieve the Purposes will have access to it.

If necessary or useful to perform our services and achieve the Purposes, we may disclose or transfer your personal data to the following categories of recipients which may be located in Switzerland or abroad: (i) third party service providers that process personal data on our behalf and/or to which we outsource certain tasks (e.g., marketing service, analytics, telecommunications and IT service providers), (ii) public or governmental authorities, administrations or courts (e.g., financial market supervisory authorities, tax authorities, anti-money laundering authorities), (iii) financial institutions (e.g., third party central depositories, brokers, exchanges, registers, third party banks, etc.), (iv) legal and professional advisors, including accountants and auditors, (v) transaction partners and advisors (e.g., in relation to mergers, acquisitions or other business transactions involving us or our affiliated companies) or (vi) other third parties if you consented to such disclosure (e.g., joint account holders of your account, your guarantor and any person with power of attorney over your affairs) or if such disclosure is necessary to comply with legal obligations or to establish, exercise or defend a right before a court or other competent foreign authority.

We may transfer your personal data to countries within the EEA or to the UK and to the following countries outside of Switzerland or the EEA/UK, provided that (a) such countries provide for an adequate level of data protection according to the assessment of the competent authority, or (b) we ensure an adequate level of data protection based on appropriate safeguards, such as the EU Standard Contractual Clauses ("EU-SCC") adapted to Swiss law to the extent required ("CH-SCC"), or (c) you have given your consent regarding such cross-border transfer or (d) such cross-border transfer is permitted by applicable law: Asia, including in particular India, Australia, Canada, Central America, Middle East, North Africa, South America and United States of America. For a copy of the EU-SCC / CH-SCC, please contact us as indicated below.

Storage period and erasure

We process and retain your personal data for as long as our processing purposes, the legal retention periods and our legitimate interests regarding documentation require it or for reasons of limited technical feasibility. Except in case of contrary legal or contractual obligations, we will erase or anonymize your personal data as reasonably practicable once the processing or storage period has expired.

The following examples illustrate how we generally retain your personal data in specific use cases:

  1. the data that is required to operate, provide and secure the website and the services provided thereon will be processed for as long as required to enable the requested access and secure the stability and integrity of the relevant systems;

  2. the data that is required for web analysis purposes will be stored for as long as required to perform the analysis and will thereafter be deleted or anonymized;

  3. cookies will be stored on your device for the time period required to achieve the related purpose and as further set out in the “Cookies Policy” and will thereafter be deleted by your browser;

  4. the data exchanged via any communication means will be deleted after responding to / completing your inquiry if and to the extent (a) we are not legally obliged to retain such data (e.g., for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of, or defense against, legal claims

  5. (e) the data collected in connection with our services will generally be kept as long as you are accessing/receiving (or have the right to access/receive) our services, and such data will be deleted after termination of your contract and/or deletion of your account if and to the extent (a) we are not legally obliged to retain such data (e.g., for accounting or document retention purposes) and (b) we do not have an overriding legitimate interest to retain such data for documentation, quality assurance or similar business purposes or for the assessment or exercise of, or defense against, legal claims;

  6. the data collected in connection with the negotiation, conclusion and performance of a contract with us will generally be kept for the duration of the statute of limitations duration regarding contractual claims, as calculated from the end of the contractual relationship if and to the extent (a) we are not legally obliged to retain such Data (e.g. for accounting or document retention purposes) for a longer period and (b) we do not have an overriding legitimate interest to retain such Data for documentation, quality assurance or similar business purposes or for the assessment or exercise of, or defense against, legal claims;

  7. the data collected in connection with an application for a job vacancy will generally be kept for the duration of the application process and 3 months thereafter, unless you ask or allow us to retain your application for a longer time. We may retain such data for longer for the assessment or exercise of, or defense against, legal claims.

The data collected from employees, agency staff and secondees in relation to their employment relationship with us is further set out in a specific Employee Privacy Notice, which is communicated in an appropriate manner to the data subject and can be obtained at any time from the Data Protection Officer at the contact details provided below.

Your rights

You have the right to request information about your Data we process and further rights regarding such data processing. In particular, you have – or may have, depending on the circumstances – the right to

  1. information (i.e., to ask us whether we are processing your personal data, and if so, to provide you with further information related thereto);

  2. correction (i.e., to ask us to correct or complement your personal data if it is incorrect or incomplete);

  3. deletion (i.e., to delete your personal data (to the extent we are not under a legal obligation or have an overriding legitimate interest to retain such data);

  4. object (i.e., right to object to the processing of your personal data based on our legitimate interest by explaining your particular reasons and specific circumstances on which your objection is based, it being noted that regarding cookies through which certain personal data may be collected, you can block the setting of such cookies at any time by changing the settings in your browser accordingly, which may result in a limited user experience and you may not be able to use every function of our website or services or to access our services in an appropriate manner altogether)

  5. restrict processing (i.e., to ask us to temporarily restrict our processing of your personal data)

  6. data portability (i.e., to ask us to provide you in electronic form (to the extent technically feasible) the personal data you have provided to us;

  7. withdraw your consent (i.e., to withdraw your consent if and to the extent you have previously given your consent to any specific purpose of processing of your personal data, which will not affect the lawfulness of any processing carried out before you have withdrawn your consent (or any processing based on any legal basis other than your consent) and may mean that we will no longer be able to provide our services to you).

Before responding to your request, we may ask for proof of identity and/or any other measure that we may deem necessary to ensure that your personal data is not disclosed to any unauthorized person. Furthermore, if you believe that your rights granted by applicable data protection laws have been infringed, you may lodge a complaint with the competent data protection authority.

User Tracking and Marketing Measurement

Consent for Tracking and Marketing Measurement

To improve our services and provide you with a personalized experience, Alpian SA uses AppsFlyer for marketing measurement and analytics. We require your explicit consent to track and process your data for these purposes.

What Data is Collected and Why

AppsFlyer may collect data including your device identifier, IP address, geographic location, app usage data, and interactions within the app. This data helps us understand how you use our app, assess the effectiveness of our marketing campaigns, and improve our services.

Your Rights and Choices

Opt-In/Opt-Out: You will be prompted to provide consent for tracking when you first use our app. You can opt-in or opt-out at any time through the app settings.

Transparency: Our privacy policy details the data collected, the purpose of collection, and third-party sharing. AppsFlyer’s data practices are also outlined in their privacy policy, accessible here.

Control: You have the right to withdraw your consent for data processing at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Compliance with Data Protection Laws

Alpian SA complies with the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). We ensure that your data is processed lawfully, fairly, and transparently.

Changes to this privacy policy

We keep this Privacy Notice under regular review and may change it at any time. Your continued use of our services and/or of our website or further interactions with us is deemed as your acceptance with any such changes. The version published on our website is the version that currently applies.

Contact

Alpian SA is the entity responsible for the processing of your personal data. For any questions or queries that you may have in connection with the processing of your personal data, you may contact our Data Protection Officer at dpo@alpian.com or write to Alpian SA, chemin des Crêts 17, 1209 Geneva.

The data protection authority for Alpian SA is the Swiss Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Berne, Switzerland (https://www.edoeb.admin.ch).