This policy is aimed at describing the conditions under which CA Indosuez (Switzerland) SA (hereafter known as the "Bank") may collect and process, in the course of its activities, the personal data of any data subject, particularly its clients and users of this Site.
Learn more about important personal data protection concepts: click here
In the course of its activities, the Bank may process, whether automatically or not, personal data of natural persons: existing and potential clients, users of this Site (when they fill out online forms provided to them on this Site) and any other natural person (such as an agent, executive or beneficial owner), these people all being individually known below as the "Data Subject".
Personal data regarding Data Subjects which the Bank collects or processes, acting as controller or joint controller, is necessary for it to meet its legal or regulatory obligations, to enable the execution of pre-contractual measures or contracts to which the Data Subject is a party and/or to pursue the Bank's legitimate interests, while respecting the rights of the Data Subject. When such data is collected for other purposes, the Bank must first obtain the consent of the Data Subject.
With regard to Data Subjects who are clients, the Bank uses their personal data to offer them personalised offers and advice, higher-quality service and every element they need to help them make the best decisions.
In the absence of certain information regarding a client that is needed to perform a service, the Bank will not be able to provide him or her the benefit of the service for which that data has been required.
The clients of the Bank are requested to pass this policy, respectively the information it contains, to all the Data Subjects who are related to them (hereafter known as the “Related Persons”).
Purposes of personal data processing
The personal data of Data Subjects may be processed, primarily for the purposes mentioned below.
The Data Subject can, by clicking on each of the items below, access detailed information on how his or her personal data is used, both with respect to the purposes of the processing and the legal bases that enable the Bank to process his or her data.
Storing personal data
This personal data is processed and stored for as long as needed for the intended purpose, and no longer than for a period corresponding to the duration of the contractual or business relationship, plus whatever time is needed for the liquidation and consolidation of rights and for the statutes of limitations and legal remedies to lapse.
To meet its legal obligations or respond to requests from regulators and administrative authorities, as well as for the purposes of historical, statistical, or scientific research, the Bank may archive the data under the conditions set out by applicable regulations.
Rights of the Data Subject
The Data Subject, at all times, has the following rights, under the conditions and subject to the limitations set out by applicable regulations:
The Data Subject may also, at any time and without justification, oppose the use of his or her data for the purposes of commercial prospecting, including profiling1 when it is linked to that purpose, by the Bank or by third parties, or when the processing is legally based on consent, withdraw his or her consent, by writing a letter to the Data Protection Officer (see below the section entitled “Data Protection Officer”).
The Data Subject may exercise his or her rights by contacting the Data Protection Officer, whose contact information appears below in the section entitled "Data Protection Officer".
The Data Subject is informed that exercising some of the aforementioned rights may prevent the Bank from providing him or her with certain products or services in some cases.
Profiling and automated individual decisions
The Bank may evaluate certain characteristics of Data Subjects based on personal data processed automatically (profiling), in particular to provide the Data Subjects with personalised offers and advice or information on its products and services or those of its affiliates and commercial partners. The Bank may also use technologies allowing to identify the level of risks linked to a Data Subject or to the activity of a bank account.
Moreover, the Bank, in principle, does not resort to automated decision-making within the framework of its business relationships with the Data Subjects. Should the Bank do this, it would comply with applicable legal and regulatory requirements.
Data Protection Officer (DPO)
The Bank has designated a Data Protection Officer, whom the Data Subject may contact at the following address:
CA Indosuez (Switzerland) SA
Data Protection Officer
Quai Général-Guisan 4
Case Postale 5260
1211 Genève 11
Representative within the EU
The Bank has designated a Representative within the EU, whose address is the following:
CA Indosuez Wealth (Group)
Data Protection Officer
12 Place des Etats-Unis
92545 Montrouge CEDEX
Complaints to authorities
The Data Subject may, in the event of a dispute, file a complaint with the competent local authority.
Transferring personal data
Personal data collected by the Bank in accordance with the agreed purposes may, during various operations, be transferred outside of Switzerland.Whenever it is transferred to a country that does not appear on the list of the Federal Data Protection Commissioner and/or that has not received an adequacy decision from the Federal Council, safeguards are put in place to ensure the protection and security of that data.
Furthermore, the Data Subject is hereby informed that his or her personal data may be sent to the recipients mentioned below in the section entitled "Communication to third parties".
By contacting the DPO, the Data Subject may access detailed information on his or her rights and how his or her personal data is being used, in particular with respect to the purposes of processing, the legal bases that enable the Bank to process the data, its storage periods, its recipients and, if applicable, its transfers to countries outside of Switzerland as well as the safeguards implemented.
Banking and professional secrecy
The transactions and personal data of Data Subjects are covered by banking and professional secrecy, to which the Bank is bound in accordance with its legal and regulatory obligations.
This policy addresses how the Bank collects and processes the personal data of the Data Subjects. This policy is applicable in addition to the General Terms and Conditions. In case of contradictions, the General Terms and Conditions take precedence over this policy.
Communication to third parties
If it is necessary or useful to reach the purposes to be achieved, the Bank reserves the right to disclose or make accessible the personal data in particular to the following recipients, provided that this is authorised or required :
legally authorised judicial or administrative authorities (for example, financial supervisory authorities) or financial market participants (for example, third party or central depositaries, brokers, stock exchanges and registers).
The Bank reserves the right to transfer personal data to third parties other than those mentioned above, in particular if the transfer is required by the applicable law.
1"profiling": any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.