Swiss Association of Trust Companies (“SATC”)
Thank you for visiting the SATC website and your interest in our association. The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified.
1. What personal data do we collect and process?
Personal data is collected and processed when you use this website. This is data transmitted voluntarily or generated automatically by the server, such as log files with IP addresses. Below, you will find an overview of the different types of data collection on our website:
Voluntarily submitted data
We collect information that you voluntarily provide to us when, for example, you (a) communicate with us via e-mail or other communication channels; (b) ask us to send you notices or other information; (c) register for an event; and (d) purchase documents through our website (e) submit a membership application. This includes personal data such as first name, last name, postal address, e-mail address, telephone number, language preference, job title and business address of you and your employees and agents.
Correspondence data (by e-mail or other communication channels)
If you contact us by e-mail or other communication channels, the data you provide will be used to process your request. Correspondence data may include the content of your message and personal data associated with the communication.
The provision of your data is necessary to process and respond to your enquiry. Without this data, we cannot process your enquiry or can only process it to a limited extent.
Correspondence data is processed based on our legitimate interests, namely the proper website administration and our association and communication with you. Correspondence data may be processed to communicate with you, recording logs or processing orders.
Please note that internet-based data transmissions generally have security gaps; therefore, absolute protection cannot be guaranteed.
Subscription data for the e-mail newsletter/newsflash
With our e-mail newsletter, you will receive information about our association and current topics. For this purpose, we need your name and e-mail address.
When registering for the newsletter, these data must be entered, after which you will receive an e-mail from us to the e-mail address you provided. In this e-mail, you will receive a confirmation link, which you must click to confirm and verify your e-mail address.
We will only use and store your data to send the newsletter.
You can unsubscribe from the newsletter at any time (unsubscribe link at the end of the newsletter), thus withdrawing us from further use of your data.
Automatically collected server log files
Our server automatically stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
Internet pages often use so-called cookies. Cookies are small text files stored on your computer and saved by your browser; they do not cause any damage to your computer and do not contain viruses but make our offer more user-friendly, effective and secure.
Most cookies we use are so-called “session cookies”, which are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
Functional cookies – always active
These cookies are necessary for essential functions and are automatically stored when you access our websites. These cookies store your preferences when you use our websites. Consent is not required to use functional cookies, which enable the website’s essential functions.
2. For what purpose do we obtain and process personal data?
- First and foremost, we collect personal data in connection with our association activities. In addition, we process your personal data to (a) send you information for events, (b) send newsletters (Newsflash) and other information, and (c) for invoicing.
- To effectively and efficiently manage the association, promote the purpose of the association and any corporate transactions and associated transfer of personal data, and comply with legal and regulatory obligations.
- Offer and further development of our offers, services and website:
- Communicating with third parties and processing their enquiries (e.g. media enquiries, potential new members);
- Submission of legal claims and defence in connection with legal disputes and official procedures;
- Preventing fraudulent activity or abuse on or in connection with the website;
- To comply with the requirements of applicable laws, to protect the safety of an individual and the rights and property of SATC, and to prevent deception or security or technical problems;
3. Who do we disclose this personal information to?
- Staff and consultants authorised to administer the website and provide related services;
- Third-party companies (e.g. IT service providers, hosting providers, etc.) to whom SATC has outsourced processing operations under a contract processing arrangement;
4. Disclosure of personal data abroad
In connection with this website, personal data is not disclosed to third countries with inadequate data protection.
5. Retention, deletion and destruction requirements
All personal data we collect will be anonymised or deleted as soon as it is no longer necessary for processing.
By legal requirements in Switzerland, data is generally retained for ten years, according to Art. 957 et seq. of the Swiss Code of Obligations (OR) for business records, whereby the retention period begins at the end of the financial year.
6. Measures to ensure data security
SATC or its contracted data processor shall ensure that the confidentiality of personal data is guaranteed through access, access and user controls.
Furthermore, the integrity of personal data is ensured via controls on data carriers, storage and transport. The data can be quickly restored, even in a technical or physical incident.
Our systems and application programmes are up to date with the latest security standards and all known critical gaps – OWASP Top 10 – have been closed.
As far as traceability is concerned, these are documented via input and disclosure logs, data security breaches are detected, and the resulting consequences are mitigated and/or eliminated.
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock symbol in your browser line.
However, we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
7. Obligation to report data security breaches
All breaches of data security that result in a high risk to the personality or fundamental rights of the data subject will be reported by us to the Federal Data Protection and Information Commissioner (FDPIC).
Have you noticed a data security breach? Please contact us immediately at email@example.com.
8. Data subjects’ rights
Would you like to know if we are processing personal data about you? You have provided us with personal data and would like to correct, delete or destroy it, or object to its disclosure?
Contact us via firstname.lastname@example.org.
9. Links to other websites