In this Data Privacy Statement, Privatbank Bellerive AG (“PBB”) provides information on how it processes personal data and what rights persons whose personal data is processed (“data subjects”) have under the Data Protection Act. Personal data is any data relating to an identified or identifiable natural person. PBB defines processing as the handling of personal data, regardless of the means and procedures used, in particular the acquisition, storage, retention, use, modification, disclosure, archiving, deletion and destruction of data.
Responsible for data processing:
Privatbank Bellerive AG
Telephone: +41 44 388 6464
Responsible for exercising the rights under the Data Protection Act:
Privatbank Bellerive AG
Legal, Compliance & Risk
PO Box, 8034 Zurich
Telephone: +41 44 388 6467
Basic provisions on data protection are also contained in PBB’s General Terms and Conditions. These govern the mutual relationship between PBB and the contracting party.
PBB processes personal data from the following sources:
The specific personal data that PBB processes depends in particular on the products and services that data subjects use. Customer data is divided into the following categories:
PBB processes data of interested parties and visitors with regard to a possible conclusion of a product or service contract. In particular, the following personal data is processed:
Personal data of business partners, their employees and agents are processed within the framework of the contractual business relationship. This includes in particular the following personal data:
PBB may record telephone calls to the extent provided for by law or for training and quality assurance or evidentiary purposes. Video recordings are made for security reasons and for the purpose of investigating possible criminal acts, in particular in the area of the bank building and the bank facilities.
PBB processes personal data in accordance with the applicable data protection provisions:
PBB may also collect personal data from publicly available sources for the purpose of customer acquisition:
Within PBB, access to personal data is granted to persons who need it to fulfil legal and contractual obligations. For this purpose, third parties employed by PBB (order processors) may also receive and process data. These include companies in the categories of banking services, marketing, IT services, logistics, printing services, telecommunications, sales. The involvement of third parties is subject to careful review and compliance with banking and data protection regulations. Whoever processes personal data is obliged, among others, to maintain banking secrecy, insofar as bank client data is concerned, and data protection.
PBB only passes on personal data to third parties if there is a legal basis for doing so, if the data subject consents (e.g. in order to be able to carry out a financial transaction) or if PBB is obliged or authorized to provide the information. Under these conditions, recipients of personal data may include:
A data transfer to parties in countries outside of Switzerland (third countries) takes place as far as this:
The recipients of personal data mentioned in Section 4 may be located in Switzerland, but also abroad. Personal data may be processed anywhere in the world. If a recipient is located in a country without adequate data protection (e.g. USA), PBB shall oblige the recipient to comply with adequate data protection by completing recognized standard contractual clauses (e.g. consent, completing or performance of a contract, protection of overriding public interests, enforcement of legal claims or if the data is generally accessible and the data subject has not objected to its processing).
PBB processes personal data for as long as is necessary for the fulfilment of its legal and contractual obligations, taking into account the fact that the business relationship with a data subject is usually a continuing obligation lasting several years. If the data are no longer required for the fulfilment of the obligations, they are – as far as technically possible – regularly deleted, unless their temporary further processing is required for the following purposes:
PBB uses appropriate technical and organizational measures to protect personal data. These include the use of authentication and encryption technologies, firewalls, anti-virus protection, physical and technical access restrictions, security controls for internal and external IT services, and training and awareness-raising for employees and service providers.
Every data subject has the right to information, correction, deletion, restriction of processing, revocation and the right to data portability with regard to the personal data concerning him or her within the scope of the applicable data protection law. In addition, the data subject has a right of appeal to the competent data protection supervisory authority.
The data subject may revoke the consent to the processing of personal data at any time vis-à-vis PBB. The revocation is effective for the future and does not affect the legality of the data processed prior to the revocation. Upon revocation, the personal data of the data subject will no longer be processed for the relevant purpose, unless overriding private or public interests or the law permit further processing. The same applies if the data subject objects to data processing.
The data subject may exercise the rights by e-mail or letter, enclosing a copy of the ID or passport, to the office mentioned above. These rights are subject to legal requirements and restrictions (e.g. personal data cannot be deleted if there is a duty to retain it). PBB will inform the data subject of any restrictions.
Personal data required for the establishment and fulfilment of the business relationship must be provided. Without this personal data, PBB cannot conclude a contract with the data subject, provide the requested service or make products available. Furthermore, PBB may be required by law to collect personal data. In particular, PBB must comply with money laundering regulations, identify the data subject by means of an identification document prior to the establishment of the business relationship and collect and record details such as name, place of birth, date of birth, nationality, address and identification data. To enable PBB to comply with these legal obligations, the person concerned must provide PBB with the necessary information and documents in accordance with the Anti-Money Laundering Act and notify PBB immediately of any changes during the course of the business relationship. If the person concerned does not provide the documents and information, PBB cannot enter into or continue the business relationship.
As a matter of principle, PBB does not make any individual decisions that are based exclusively on the automated processing of personal data and that entail a legal consequence for the data subject or significantly affect him. Otherwise, PBB will inform the data subject in accordance with the legal requirements and grant the corresponding rights. Specifically, the data subject may then state his or her position and request that the decision be reviewed by a natural person.
PBB processes personal data automatically in individual cases in order to evaluate certain personal aspects of the customer (profiling). For example, we use profiling in the following cases:
PBB only uses technically necessary cookies to ensure that the Bank’s website is available in full.
Zurich, September 1, 2023
Privatbank Bellerive AG
Tel. +41 44 388 64 64
Fax +41 44 388 64 00
How we think.
Who we are.
What we do.
How to contact us.
© 2023. Privatbank Bellerive AG