Privacy Policy

Privacy Policy of Conscious Capital

1. Overview and scope

This Privacy Policy provides information on how and for what purposes Conscious Capital AG (hereinafter “Conscious Capital” or “we“) processes the personal data that you disclose to us or that we collect from you. This Privacy Policy is not exhaustive; in particular, our contracts (e.g., our Terms and Conditions) and other legal documents may provide additional information on processing your personal data. “Personal Data” means any data and information relating to an identified or identifiable natural person.

2. Data controller

The name and address of the data controller are as follows:

Conscious Capital AG
Kreuzplatz 2
8032 Zurich
Switzerland

E-Mail:    [email protected]

3. Data origin and data categories

As a matter of principle, we only process the Personal Data that we receive or collect from our customers, interested parties, investors, business partners, event visitors and website visitors in the course of our business activities. Where permitted, we also obtain certain data from publicly accessible sources (e.g. debt collection register, commercial register, press, internet) or receive such data from other Conscious Capital group companies, authorities or other third parties. If you provide us with the Personal Data of other persons, we ask you to ensure that these persons are aware of this Privacy Policy and only share their Personal Data with us if you have been authorised to do so and if the corresponding Personal Data is correct.

The Personal Data or categories of Personal Data processed by us include, depending on the case, in particular personal details and contact data (e.g. name, address, gender, date of birth, telephone number and e-mail address); identification and background information (e.g. social security number, specimen signatures, language); contract data that we receive or collect in connection with the initiation, conclusion and execution of contracts with you (e.g. services used or requested by you as well as associated behavioral and transaction data, financial data for payment purposes such as bank account details); transaction data (e.g. payment transaction data, details of your payment order and details of the payee or beneficiary and the purpose of the payment); financial data (e.g. information about your assets and their origin, liabilities, income, revenue and investments (incl. investment experience and risk tolerance) and data relating to your securities and other financial instruments); employment details (e.g. job title, employment relationship, income); pension details (e.g. retirement assets, lump-sum withdrawals, purchases); communication data (e.g. content of emails, written correspondence, chat messages, social media posts, comments on websites, telephone conversations, video conferences, proof of identity, marginal data); documentation data or data from your contacts with third parties (e.g. consultation or meeting minutes (namely with investors), file notes, references); preference and marketing data (e.g. data about the use of our website or other digital offers, data in connection with the marketing of services, documents received and special activities, personal preferences and interests); public data that can be obtained about you (e.g. commercial register data, data from the media and the press); data in connection with proceedings or investigations by authorities, official bodies, courts, organizations or other bodies; data to comply with legal requirements, such as in connection with the fight against money laundering; image and sound recordings (e.g. photos, videos and sound recordings, recordings of video surveillance systems and recordings of telephone and video conference calls) and technical data (e.g. IP address and other device IDs, identification numbers assigned to your device by cookies and similar technologies).

4. Processing purposes and legal bases
   • General in the context of our business activities

We process your Personal Data primarily for those processing purposes necessary in connection with our business activities and the provision of our services. In particular, we may process your Personal Data for the following purposes:

• to communicate with you, in particular, to provide you with information or process your requests, to authenticate and identify you, for customer service and customer care;
• for the performance of contracts, in particular in connection with the initiation, conclusion and execution of contractual relationships. This includes all data processing that is necessary or expedient to conclude, execute and, if necessary, enforce a contract, such as processing to decide whether and how (e.g. with which payment options) we enter into a contract with you (including credit checks), to provide contractually agreed services, to invoice our services and generally for accounting, processing job applications (e.g. managing and evaluating job applications, conducting interviews incl. creating personality profiles, obtaining reference information), enforcing legal claims arising from contracts (debt collection, legal proceedings, etc.);
• to provide you with our services (e.g. preparation of investment marketing materials, financial preparation, scientific analysis, market analysis and connectivity) and our digital offerings (e.g. website) and to evaluate and improve them;
• to be able to organise events and retreats to which we invite you;
• to inform you about new developments or to provide you with other information about our services or potential investments;
• for customer care and marketing purposes, g. to send you written and electronic messages and offers and to carry out marketing campaigns;
• in connection with accounting, data archiving and the management of our archives;
• for training and education: We may process your Personal Data to conduct internal training courses and to train and develop our employees;

 

• when selling receivables, e.g. if we provide the purchaser with information about the reason for and amount of the receivable and, if applicable, the creditworthiness and behaviour of the debtor;
• for security measures, in particular for IT and building security (such as visitor lists, prevention, defence against and clarification of cyber-attacks and malware attacks, network and mail scanners, video surveillance, and telephone recordings), as well as for the prevention and clarification of criminal offences and other misconduct or to carry out internal investigations, protection against misuse, evidence purposes, data analysis to combat fraud, evaluation of system-side recordings of the use of our systems (log data);
• in connection with restructuring or other acts under company law (e.g. due diligence, M&A, keeping share registers, etc.);
• for the assertion of legal claims and defence in connection with legal disputes and official proceedings in Switzerland and abroad, including the clarification of litigation prospects and other legal, economic and other issues;
• to comply with our legal, regulatory (including self-regulatory) and internal requirements and rules in Switzerland and abroad, including compliance with orders from a court or authority;
• other purposes: we may process your Personal Data for other purposes necessary to protect our legitimate interests.

We process your Personal Data for the purposes mentioned above, depending on the situation, in particular on the following legal bases:

• the processing of Personal Data is necessary for the fulfilment of a contract with you or pre-contractual measures;
• you have given your consent to the processing of your Personal Data;
• the processing of Personal Data is necessary for compliance with a legal obligation;
• the processing is necessary to protect the vital interests of the data subject or another natural person or
• we have a legitimate interest in processing the Personal Data. Our legitimate interests may include, in particular, the following interests – interest in providing good customer service, keeping in touch and communicating with customers outside of a contract; advertising and marketing activities; improving (products and) services and developing new ones; combating fraud and preventing and investigating crime; protecting customers, employees and others and our data, trade secrets and assets; ensuring adequate security (both physical and digital); ensuring and organising business operations, including the operation and further development of websites and other systems; management and development; the sale or purchase of companies, parts of companies and other assets; the enforcement or defence of legal claims; compliance with Swiss and foreign law and other rules applicable to us.
  • When visiting our website

Our website collects a range of user information each time it is accessed, stored in the server log files. The information collected includes the IP address, the date and time of access, the time zone difference to the GMT zone, the name and URL of the file accessed, the website from which access is made, the browser used and the operating system used. Collecting this information or data is technically necessary to display our website to you and ensure its stability and security. This information is also collected to improve the website and analyse its use.

• E-mail, phone calls and video conferences

You can contact us via the e-mail address and phone number provided. The Personal Data you send us will be stored by us and processed to deal with your request. The legal basis for this Personal Data processing is your consent and our legitimate interest in processing your request.

If you contact us by e-mail, you authorise us to reply to you via the same channel. Please note that unencrypted e-mails are transmitted via the open internet, so it cannot be ruled out that they can be viewed, accessed and manipulated by third parties. We exclude – to the extent permitted by law – any liability that you may incur, in particular, due to incorrect transmission, falsification of content or disruption to the network (interruptions, overloading, unlawful interventions, blocking).

Phone and video conference calls with us may be recorded; we will inform you of this at the beginning of each call. If you do not want us to record such conversations, you can terminate the conversation at any time and contact us by other means (e.g., by e-mail).

• Cookies and other third-party services/plug-ins

Our website may use so-called Cookies and other third-party services (e.g. plug-ins). Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system or mobile device. The Cookie contains a characteristic string of characters that enables the browser or mobile device to be uniquely identified when the website is called up again.

On the one hand, the purpose of using Cookies is to enable and simplify the use of our website for you. Some functions of our website cannot be offered without using cookies (so-called technically necessary Cookies). On the other hand, we also use Cookies/Tools to analyse user behaviour on our website, namely for range measurement and marketing purposes.

• Technically Necessary Cookies

Technically necessary Cookies are required for our website to function. Therefore, these Cookies cannot be switched off in our systems. As a rule, they record important actions, such as the number of requests made, editing your data protection settings, or completing forms. You can block these Cookies in your browser, but some parts of our website may no longer work.

The legal basis for data processing when using technically necessary Cookies is our legitimate interest, which lies primarily in ensuring the functionality and improvement of our website.

• Analytical and Marketing Cookies and other third-party services/plug-ins

Analytical Cookies allow us to analyse visitor behaviour and traffic sources to measure our website’s performance and improve the user experience. They help us recognise which pages are popular and show how visitors move around our website. There are also other third-party services that make it possible to determine the location of the website visitor (e.g. Switzerland or USA) so that the correct website (e.g. .ch or .us) is visited.

Marketing Cookies allow us to provide you with advertising that is relevant to you. These cookies can remember that you have visited our website and shared this information with other companies, including other advertisers.

In particular, we may use the following Cookies or other third-party services:

• Geo IP Redirection of GeoTargetly, s.r.o., based in Obchodná 2, 811 06 Bratislava, Slovakia. The privacy policy for Geo IP Redirection can be found here: https://geotargetly.com/privacy-policy.
• Google Fonts of Google Inc. The Google US-Headquarter is located on 1600 Amphitheatre Parkway, Mountain View, California 94043, USA; and the European Headquarter is located on Gordon House, Barrow Street, Dublin 4, Ireland. The privacy policy for Google Fonts can be found here: https://policies.google.com/privacy.

You can object to the use of Cookies, for example, (i) by selecting the appropriate settings in your browser or (ii) by using appropriate cookie blocker software (e.g. ghostery). The legal basis for processing your data in connection with analytical and marketing Cookies is our legitimate interest, which lies primarily in the improvement of our website and also your consent.

• Job applications

You can submit your job application for a position with us by post or e-mail. The application documents and all Personal Data disclosed to us will be treated confidentially and processed to process your employment application. Without your consent to the contrary, your application dossier will either be returned to you or deleted/destroyed after the application process has been completed unless it is subject to a statutory retention obligation. The legal basis for processing your data is your consent, the fulfilment of the contract with you and our legitimate interests.

5. Disclosure of Personal Data to recipients and abroad
   • Disclosure of Personal Data to Recipients

In addition to the data transfers to recipients expressly mentioned in this Privacy Policy, we may disclose Personal Data to the following categories of recipients to the extent permitted:

• other affiliates or group companies of the Conscious Capital group (e.g. Conscious Capital, Inc., 405 Lexington Avenue, Floor 26, New York, NY 10174, Conscious Giving, Inc., 2929 Arch Street, Suite 1700, Philadelphia, PA 19104);
• providers to whom we have outsourced certain services (e.g. IT and hosting providers, external accounting, debt collection services, photographers, banks, etc.) as well as other suppliers and subcontractors;
• investors;
• (other) customers;
• (other) event visitors;
• third parties who collect data about you via websites;
• authorised representative;
• insurance, social security;
• credit reference agencies, which store this data for credit rating information;
• prospective buyers or investors in the event of restructuring or other corporate actions;
• auditors;
• parties in potential or actual legal proceedings or disputes;
• domestic and foreign authorities, official bodies or courts.
  • Disclosure of Personal Data Abroad

In principle, we process your Personal Data in Switzerland. However, in exceptional cases (e.g. when using certain service providers or software applications), your Personal Data may also be transferred abroad, primarily to the European Union and EFTA member states, but in some cases also to other countries worldwide (namely the USA).

If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection as provided for by law by using appropriate contracts (namely based on the so-called standard contractual clauses of the European Commission) or rely on the legal exceptions of consent, contract execution, the establishment, exercise or enforcement of legal claims, overriding public interests, published Personal Data or because it is necessary to protect the integrity of the data subjects. Nevertheless, we would like to point out that data transmitted abroad is no longer protected by Swiss law and that foreign laws and official orders may require this data to be passed on to authorities and other third parties.

6. Retention period

We process and store your Personal Data for as long as it is necessary to fulfil our contractual and legal obligations or otherwise for the purposes pursued with the processing or if there is another legal basis (e.g. statutory retention periods). We retain Personal Data that we hold based on a contractual relationship with you for at least as long as the contractual relationship exists and limitation periods for possible claims by us run or contractual retention obligations exist. As soon as your Personal Data is no longer required for the abovementioned purposes, it will generally and as far as possible be passively set, deleted or anonymised.

7. Your rights

You have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing as well as to the disclosure of certain Personal Data for the purpose of transfer to another body (so-called data portability) within the scope of the data protection law applicable to you and insofar as provided therein. Please note, however, that we reserve the right to assert the restrictions provided for by law, for example, if we are obliged to store or process specific data, have an overriding interest in doing so (insofar as we are entitled to invoke this) or require it for the assertion of claims. If you incur costs, we will inform you in advance.

If data processing is based on your consent, you can withdraw your consent at any time with effect in the future. However, this does not affect the lawfulness of the processing carried out based on your consent until withdrawal.

The exercise of such rights generally requires that you prove your identity (e.g. using a copy of your ID if your identity is otherwise unclear or cannot be verified). To exercise your rights, you can contact us using the contact details provided in section 2 of this Privacy Policy (by post or e-mail).

Data subjects also have the right to enforce their court claims or lodge a complaint with the competent data protection authority. Switzerland’s competent data protection authority is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

8. Data security

We take appropriate security measures of a technical and organisational nature to protect the security of your Personal Data, in particular, to protect it against unauthorised or unlawful processing and to counteract the risk of loss, unintentional modification, unwanted disclosure or unauthorised access. Like all companies, however, we cannot rule out data security breaches with absolute certainty, as certain residual risks are unavoidable. As part of our security measures, we use firewalls, logging and encryption in particular, have authorisation concepts and have implemented other protective measures to ensure that Personal Data is protected as completely as possible.

9. Amendments of this Privacy Policy

We expressly reserve the right to amend this Privacy Policy at any time. We will immediately publish the amended Privacy Policy on our website if such changes are made. The Privacy Policy published on our website shall apply in each case.

February 2024