PRIVACY POLICY
This Privacy Policy was last updated on January 22, 2022.
ACOLIN Fund Services AG aims to protect the privacy of every current, prospective, and former client as far as possible. This Privacy and Cookies Policy (the “Policy”) describes the type of personal data we may collect, the purposes for which we use the personal data, the circumstances in which we may share the personal data and the steps we take to safeguard the personal data to protect your privacy.
I. Data Controller:
ACOLIN Fund Services AG (Fundbase or Controller), Leutschenbachstrasse 50, 8050 Zurich, Switzerland, fundbase@acolin.com
EU representative: ACOLIN (Slovakia), s.r.o., Mlynské nivy 5, 821 09 Bratislava, Slovakia, fundbase@acolin.com
II. What categories of Personal Data do we process?
Fundbase processes the following categories of Data Subjects‘ data (including but not limited to): Basic Personal Data including Contact Details (e.g. name, address, email, phone number); Financial Details (e.g. bank account); Identification and Background Checks (e.g. IP address); Business Activities; (Personal Data).
Fundbase may obtain personal data from you in the context of our business relationship. We also process personal data that we obtain from publicly accessible sources where it is necessary to provide our services (e.g. commercial registers, internet) or from other third parties.
III. What are the purposes of the processing?
Fundbase processes Personal Data for the following intended purposes:
- Entering into agreement and performance thereof (e.g. provision of the services, communication, processing of payments, handling your requests); Pre-contract relations;
- Marketing;
- Accounting;
- Fulfilment of other Fundbase’ statutory duties (e.g. towards tax office);
- Litigation (in the case of a trial);
- Prevention, detection and investigation of illegal activities.
Fundbase.com uses cookies. For more information see Cookies policy.
IV. Legal basis for processing
Fundbase is entitled to process Personal data when the laws so provide. In this case, Fundbase doesn’t need your consent to the processing and you are obliged to disclose them to Fundbase. In case of non-provision of such data, Fundbase won’t enter into a contract with you.
Fundbase processes personal data in order to enter into a contract with you and execute thereof. If you refuse to provide such data Fundbase won’t enter into a contract with you or won’t be able to fulfil its obligations.
Fundbase processes personal data in furtherance of its legitimate interests in operating its services, websites and business. Some personal data may be processed upon your consent. Where the data is processed on the consent basis you are entitled to withdraw your consent at any time, without affecting the lawfulness of the processing prior to its withdrawal.
You can find more details on the legal basis for processing in Annex A.
V. Categories of designated data recipients
Fundbase may disclose Personal Data to the following recipients for the abovementioned purposes insofar as it is legally permissible or necessary to do so, and to the extent that disclosure is required or legal:
- employees, contractors, consultants,
- other companies within Fundbase Group (“Group companies”)
- public authorities (e.g. FINMA, Tax Office),
- other services providers, sub-processors,
- other third parties.
For more details see Annex A.
Fundbase also discloses some Personal Data to Fundbase Platform Registered Users upon data subject explicit consent based on Terms of use, Listing Policy and Reverse Solicitation Policy.
VI. Data transfer to recipients outside of Switzerland
Personal Data may be transferred to member states of the European Union (EU) or the European Economic Area (EEA) or other countries which ensure an adequate level of protection. Fundbase may transfer personal data to recipients in other countries which must provide appropriate safeguards and under the condition that enforceable data subjects rights and effective legal remedies for data subjects are available. Fundbase intends to transfer data to the recipients in the following countries:
- Slovakia – Outsourcing partners, Service providers, Public Authorities (e.g. Office for Personal Data Protection of Slovak republic)
- Ireland – Service or SW Providers;
- USA – Service or SW Providers;
For more details see Annex A.
Fundbase also discloses specific data to Fundbase Platform Registered Users, who may be located in the third countries not ensuring adequate protection of Personal Data, upon data subject-specific consent based on Terms of use, Listing Policy and Reverse Solicitation Policy.
VII. Data retention periods
Fundbase will store Personal Data as long as reasonably necessary for the above-mentioned purposes. Some retention periods are set out by applicable law. In relation to the marketing purpose, Fundbase will cease the processing once you unsubscribe from the receiving of any marketing materials or communication.
VIII. Protection of your personal data
Fundbase has implemented appropriate technical and organisational security measures to protect your Personal Data against loss, accidental or unlawful destruction or alteration, unauthorized disclosure of, or access to Personal Data.
Payment or bank details are transmitted, after we authenticate your details, to the webserver using a 'secure form' in which your details are encrypted using the most secure encryption level available (our extended security validation is highlighted with a green bar in the browser). You should notify us immediately if you have any reason to suspect that someone else may be using your details. An encryption certificate can be viewed by double-clicking on the padlock icon displayed within the web browser window when you are on a secure page.
IX. Your rights
You are entitled to request from Fundbase access to, correction, update, erasure of personal data or restriction of processing or to object to the processing as well as the right to data portability. You can submit your request in a written form or electronically (see contact details in Art. I above). Please, don’t forget to identify yourself sufficiently otherwise Fundbase won’t be able to handle your request.
- Right of access by data subjects The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.
- Right to restriction of processing The data subject has the right to obtain from the controller restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,
- the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead,
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims,
- the data subject has objected to processing pursuant to the following paragraph pending the verification of whether the legitimate grounds of the controller override those of the data subject.
- Right to object The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on the
- performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or
- legitimate interests pursued by the controller or by a third party,
- Right to erasure (‘right to be forgotten’) The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
- the data subject objects to the processing pursuant to paragraph 3 of this Article and there are no overriding legitimate grounds for the processing,
- the personal data have been unlawfully processed,
- the personal data has to be erased for compliance with a legal obligation under Swiss, EU or other applicable law to which the controller is subject,
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of EU General Data Protection Regulation (GDPR),
- Right to data portability The data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where
- the processing is based on consent or on a contract and
- the processing is carried out by automated means.
- Right to file a complaint with a supervisory authority The data subject has the right to file a complaint with a supervisory authority, in particular in the state of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes applicable laws.
X. Age limitations
Fundbase does not knowingly collect personal data from natural persons under the age of 18 via the Fundbase website or Fundbase’s generally accessible contact details. If we determine we have collected personal data from a person younger than 18 years of age, we will take reasonable measures to remove that data from our systems. If you are under the age of 18, please do not submit any personal data to us. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this provision by instructing their children never to provide personal data without their permission.
XI. Final provisions
This Policy shall also serve as the information on personal data processing for data subjects in accordance with the EU General Data Protection Regulation (GDPR). Fundbase reserves the right to change this Policy from time to time. Please check this Policy frequently and particularly before you submit additional personal data to Fundbase. All revisions to this Policy will be published on www.fundbase.com.
Annex A
LEGAL BASIS FOR PROCESSING
PurposeData CategoriesLegal basis Entering into contract and performance thereof Basic Personal Data; Professional Details, Financial Details; Identification and Background Checks; Business Activities; Performance of the contract or Pre-contract Relations Accounting Basic Personal Data, Financial Details Compliance with/fulfilment of the legal obligation to which the controller is subject Marketing Contact details Controller’s Legitimate Interest in promoting its services or products to existing clients or prospective clients who voluntarily provided their contact details; you can unsubscribe from receiving any marketing materials or communication; if the processing is consent-based you may withdraw your consent anytime. Fulfilment of other Controller’s statutory duties (e.g. towards tax office) Basic Personal Data; Financial Details, other relevant data categories Compliance with/fulfilment of the legal obligation to which the controller is subject Litigation (in the case of a trial) Basic Personal Data, other relevant data categories Controller’s Legitimate Interest in the protection of its rights Prevention, detection and investigation of illegal activities Basic Personal Data, other relevant data categories Controller’s Legitimate Interest in the protection of its rightsLIST OF RECIPIENTS
(PROSPECTIVE) PROCESSORS
(individuals or legal entities) processing personal data on behalf of Fundbase:
ProcessorsPurpose of processing ACOLIN Group, Switzerland and its affiliates - ACOLIN Holding AG, Switzerland, ACOLIN Fund Services AG, Switzerland, ACOLIN InfoTech AG, Switzerland, ACOLIN (Slovakia) s.r.o., Slovakia, ACOLIN Europe AG, Germany, ACOLIN InfoTech d.o.o., Serbia, ACOLIN (UK) Limited, United Kingdom, GFA S.A., Luxembourg Outsourcing partner for the provision of the services Suppliers, Consultants, Subcontractors Provision of the Services SW providers Provision of the SW and related servicesOTHER (PROSPECTIVE) RECIPIENTS WITHIN SWITZERLAND:
RecipientPurpose of processingThe legal obligation imposed by Tax Offices Tax Administration Tax Legislation Courts, other judicial authorities, criminal justice authorities (law enforcement) Civil or Criminal Proceedings Swiss Civil Procedure Code, Swiss Criminal Procedure Code Federal Data Protection and Information Commissioner Protection of personal data Federal Act on Data Protection Auditors Conducting Audits Code of Obligations, Federal Act on the Licensing and Oversight of Auditors FINMA Financial Markets Supervision Federal Act on the Swiss Financial Market Supervisory AuthorityTRANSFER TO THIRD COUNTRIES (OUTSIDE OF SWITZERLAND)
CountryAdequacy of protection where data is transferred to the third country EEA Adequate USA Protection adequate by Swiss – U.S. Privacy Shield* and/or EU-U.S. Privacy Shield* Participant otherwise ensured via standard data protection clauses or otherwise*The Privacy Shield Principles lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU and/or Switzerland. By joining the Privacy Shield, participants make a commitment to comply with these principles that are enforceable under U.S. law
COOKIES POLICY
1. What cookies does Fundbase use and why
Cookies are small text files, which often include a unique identifier that is sent by a web server to your computer, mobile phone or any other internet-enabled device (“device”) when you visit a website. Cookies are widely used in order to make websites work efficiently and help provide us with business and marketing information to enable us to make informed decisions on the development of our websites. We use three main types of cookies.
'Performance' cookies
These help us see how you use our website e.g. which pages you visit. These cookies don't collect any information that could identify you – all the information collected is anonymous and is only used to help us improve the performance of our website, understand what interests our users and measure how effective our advertising is.
We use performance cookies to:
- analyze the performance of our website;
- help us improve the website by measuring any errors that occur;
- see how effective our adverts are (this isn’t shared with 3rd parties).
Performance cookies will not be used to:
- remember your preferences after your current visit;
- target advertising to you on any other website.
Sometimes cookies are managed for us by third parties, but we don't allow the third party to use the cookies for any purpose other than those listed above.
By using our site you accept the use of 'Performance' cookies.
‘Identification' cookies
These are used to help us customize website content based on your selections.
We use identification cookies to:
- remember choices you have made such as identifying yourself;
- show you when you're logged in to the website.
Identification cookies will not be used to:
- target you with adverts on other websites.
You can control whether or not these cookies are used, but preventing them may mean you are unable to access certain features or services. Preventing these cookies may stop us from remembering that you didn't want a specific feature or service.
By using our site you accept the use of 'Identification' cookies.
‘Targeting’ cookies
These are used to send you relevant information and see which content you use.
We use targeting cookies to:
- send you customized news content via email;
- track which content you use.
Targeting cookies will not be used to:
- target you with adverts on other websites.
By using our site you accept the use of 'Targeting' cookies.
2. Third-party cookies
There are a number of third parties which provide Fundbase with content and functionality on our website, some of these providers will use cookies to ensure the particular areas on the site work. None of these cookies is “targeting” cookies. The site also has Social Interaction links (such as LinkedIn, Facebook or Youtube). Fundbase does not control any cookies that may be sent when using these external websites. For more information on these, it is advised to check their cookie policies.
3. How to control and/or delete cookies
It is possible to remove cookies or block them from recording this information. This is generally found within the Options menu then the Privacy section of your particular browser. Each browser is slightly different and constantly updating. For more information consult the Help menu for your browser. This information has been provided to show our commitment to legislation regarding cookie awareness so that you can understand what cookies we use and why we use them. This ensures transparency in the data collected on you.
4. Further information
Information about cookies: http://www.allaboutcookies.org
QUESTIONS
If you have any questions or complaints relating to the Policy or how we use the personal information we have about you, please contact us at fundbase@acolin.com, and we will endeavour to respond to you promptly.
© 2022 Fundbase. All rights reserved.