Data Protection Notice from Prestinvest SA

Prestinvest SA is firmly committed to protecting its clients’ personal data and to collecting and processing such data transparently and in compliance with the Swiss Federal Act on Data Protection (the “Act”). For the purposes of this notice, the term “client” also includes prospects whose personal data we process.

This notice describes the Client’s data-protection rights and informs them of the types of personal data processed by Prestinvest SA, how we use them and the legal basis of such use.

1.      Types of personal data

The term “personal data” refers to all information relating to an identified or identifiable person. In the course of its business, Prestinvest SA must collect and process personal data on the client and related persons, such as the legal representative of a legal entity, a trustee, a beneficial owner or the holder of a power of attorney over one of the client’s account.

Depending on the particular service provided, Prestinvest SA may be required to process the following types of personal data:

-          identification information (e.g. full name, ID card and passport numbers, nationality, place and date of birth, gender, photograph);

-          contact information (e.g. address, email address and phone number);

-          family situation (e.g. marital status, number of children);

-          tax status (e.g. tax ID);

-          employment-related information (e.g. profession, job title, employer’s name and work experience);

-          banking, financial and transactional data related to investments made through our services (e.g. bank account details, transfer of assets, source of wealth);

-          data from your electronic, voice and visual interactions with us (e.g. our meetings, calls, chats, emails, phone conversations, and documents exchanged);

-          background checks.

Prestinvest SA will never ask for sensitive data without your express consent, in particular data related to your racial or ethnic origins, political opinions, religious beliefs, data relating to criminal convictions and offences, unless it is required by law.

2.      Personal data processing by Prestinvest SA: legal basis & purposes

2.1  To comply with legal and regulatory obligations

Prestinvest SA processes client’s personal data to comply with legal and regulatory obligations (including any legal and regulatory guidance, codes or opinions) and to comply with other legal process and law enforcement requirements, which may include laws outside the country you are located in, including to:

-          comply with regulations dealing with prevention of money-laundering, financial crime, financing of terrorism and market abuse;

-          comply with regulations relating to sanctions and embargoes;

-          comply with our prudential obligations (particularly in terms of risk management)

-          identify and manage risks (e.g. risk of concentration and cyber risks)

-          reply to an official request from an administrative or judicial authority which may include authorities outside your country of residence;

-          fight against tax fraud and comply with applicable tax supervision and reporting obligations (such as FATCA obligations).

2.2   To perform our contract with clients

Prestinvest SA will use a client’s personal data to perform its contracts, including to:

-          fulfill its obligations with respect to the services we provide;

-          enforce applicable terms of contracts;

-          process subscription and redemption requests in investment funds;

-          evaluate whether we can offer a service or a product and the associated conditions.

2.3   To pursue our legitimate interest

Prestinvest SA will use a client’s personal data in order to deploy our services, to improve our risk management, to defend our legal rights including:

-          to prevent, detect and investigate fraud;

-          to develop our business relationship and improve the quality of our services;

-          to establish, exercise and/or defend actual or potential legal claims; investigations or similar proceedings.

3.      Disclosure of personal data

3.1   Disclosure to third parties

Personal data may be disclosed to third parties in connection with the services we are providing, including to:

-          third parties involved in a transaction such a correspondent bank or an issuer;

-          external service providers, such as for IT services and hosting;

-          providers of audit services.

3.2   Disclosure to authorities

Personal data may be disclosed to public, judicial, or administrative authorities or to regulatory and governmental bodies (such as supervisory authorities), upon their request. Personal data may also be disclosed to these entities so that Prestinvest SA can determine facts, exercise its rights or defend itself from a current or future claim, or respond to an investigation carried out by a public authority in Switzerland or abroad.

3.3  Cross-border disclosure

Although Prestinvest SA mainly processes personal data in Switzerland, it may also have reason to disclose personal data outside of Switzerland to the providers mentioned in section 3.1 above, and it complies with Swiss law in this regard. If Prestinvest SA must exceptionally disclose personal data in a country that cannot guarantee adequate protection as set out in the Act, Prestinvest SA will implement appropriate contractual, technical safeguards to protect the personal data.

With respect to the disclosure of personal data to authorities outside of Switzerland, Prestinvest SA complies with the applicable legal provisions on international judicial assistance and with FINMA’s provisions on the direct transmission of non-public information to foreign authorities.

4.      Storage period

Prestinvest SA will retain personal data for the longer of the purpose for which they are intended and the period required by applicable law or contractual obligations and/or for the period necessary to protect our legitimate interests (such as satisfying legal claims or responding to requests from regulatory authorities).

5.      Client’s rights in relation to their personal data

Depending on the data protection laws applying to their situation, clients have the following rights:

-          to access their personal data;

-          to have them corrected if they are inaccurate or incomplete;

-          to request their deletion, to the extent permitted by law;

-          to oppose and/or request to limit their processing;

-          to withdraw their consent when they have given their explicit consent to certain processing;

Even when a client objects to the processing of their personal data, Prestinvest SA is nevertheless permitted to continue that processing if it is (i) legally mandatory, (ii) necessary for the performance of a contract to which the client is a party, or (iii) necessary for the purpose of the legitimate interests we pursue, including the establishment, exercise or defence of legal claims.

6.      Amendments

Prestinvest SA reserves the right to amend this notice at any time, including in the case of a change in data protection legislation or in Prestinvest SA’s personal data processing practices.