Privacy Policy

Dear Customer, Dear interested Parties,

Thank you for your interest in our company and the services and products we offer.

Crypto Finance (Brokerage) AG, Crypto Finance (Infrastructure Services) AG and Crypto Finance (Asset Management) AG (hereinafter referred as CFG) take the protection of your personal data very seriously. Data protection has a particularly high priority for CFG.

Our team of selected and experienced specialists is familiar with the requirements of data protection law. They implement them with due care and in accordance with our high quality standards.

The confidential and responsible handling of personal data from our relationships with customers, business partners, personnel or job applicants and suppliers forms the basis of our entrepreneurial success. We therefore adhere to the following principles when handling personal data:

  • Confidentiality and fairness
  • Compliance with our corporate guidelines
  • Compliance with all applicable laws and regulations

1. Name and address of the controller and the data protection officer (Impressum)

The controller within the meaning of the Swiss Data Protection Act (DPA) is:

Crypto Finance AG, Bahnhofplatz, CH-6300 Zug

Phone: +41 (0)41 552 45 05

Website: Crypto Finance Group

UID: CHE-188.012.907 (registered in the Commercial Register ZefixWebApp )

Data Protection Officer (DPO)

Crypto Finance AG, Bahnhofplatz, CH-6300 Zug

Phone No: +41 (0)41 552 45 05, 08.00-17.30h (every working day)

E-Mail: dataprotection@cryptofinance.ch

2. Position of the DPO

CFG in its additional function as DPO, shall ensure that the DPO is properly involved at an early stage in all matters related to the protection of personal data and is supported by the controller in the performance of its tasks.

The independence of the DPO and his professional qualification as well as the expertise in the field of data protection law and practice to fulfil his tasks are guaranteed.

3. Data protection - general information

CFG treats your personal data confidentially and in accordance with the statutory data protection regulations, in particular in accordance with the Swiss Federal Act of Data Protection (FADP or DPA) and this data protection declaration.

CFG processes personal data about the contractual partner in direct connection with the conclusion or execution of a contract (justification).

As a rule, the use of our website is possible without providing personal data. However, if a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we will obtain the consent of the data subject in an appropriate form after providing adequate information.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps despite the high security requirements we have created. Complete protection of data against access by third parties is not possible.

As the (natural) person concerned, it is in your personal interest to secure the system(s) you use (PC, laptop, etc.) against unauthorized access by third parties, to provide it with sufficient password protection and not to pass the password on to third parties. Please install a virus protection (“Internet Security”) designated in the market and update it at regular intervals.

4. Collection of general data and information

The website of CFG companies collects a series of general data and information every time a data subject or automated system calls up the website. This general data and information is stored in the log files of the server.

The following data may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information which serve to avert danger in the event of attacks on our information technology systems.

When using these general data and information, CFG does not draw any conclusions about the data subject. Rather, this information is needed (1) to deliver the contents of our website correctly, (2) to optimize the contents of our website and the advertising for these, (3) to ensure the long-term operability of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. Therefore, the CFG analyzes anonymously collected data and information on one hand for statistical purposes and on the other hand for the purpose of increasing the data protection and data security of our enterprise, so as to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject.

5. Definitions

The data protection declaration of CFG bases on the definitions used by the legislator for the adoption of the Data Protection Act (DPA).

Our data protection declaration should be easy to read and understand for the public as well as for our customers, interested parties and business partners. To ensure this, we explain the terms used. You can find these terms under the link Definitions.

6. Cookies

Some of the internet pages, including those of CFG, use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

7. Apps, QR-Code and similar applications

When you scan a QR code, the external service provider that creates our QR codes on our behalf may store certain information from your mobile device (such as your mobile device identifier and IP address). The service provider uses this information solely on our behalf and for the purpose of providing anonymized statistical analysis about visitors to our website and users of our services.

8. Server-Log-Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version;
  • operating system used; referrer URL;
  • host name of the accessing computer;
  • time of the server request.

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

9. Contact option via the website

If you send us enquiries via the contact form or e-mail, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

10. Newsletter order, data and revocation

If you would like to receive the newsletter offered on the website, we require a valid e-mail address intended for your direct access as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter (so-called confirmation e-mail in the “double opt-in procedure”). No further data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the link provided for this purpose in the newsletter.

11. Newsletter-tracking (tracking pixel)

CFG newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, CFG may see if and when an e-mail was opened by a data subject, and which links contained in the e-mail were called up by the data subject.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the person responsible for the processing or the electronic portal of a third-party provider commissioned by the latter, in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to the interests of the data subject. This personal data will not be passed on to third parties; nor will it be used for any other purposes outside those stated above.

Consent

The recipient of our newsletter consents to this form of data processing based on the information provided above by accepting the privacy policy.

In the event of a withdrawal by the data subject, this personal data shall be deleted by the controller. CFG automatically regard a withdrawal from the receipt of the newsletter as a revocation. CFG thereby unilaterally initiate the aforementioned measures.

12. SSL-Encryption

For security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator, this site uses SSL encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

13. Right to information

As a natural person concerned, you have the right to obtain information free of charge at any time about whether personal data about you is being processed. The corresponding form for providing information is available here.

You will receive the information that is necessary to enable you to assert your rights under the Data Protection Act and to ensure transparent data processing.

Content of the information

  • the identity (company) and contact details of CFG (see CFG homepage and privacy policy);
  • the personal data processed as such;
  • the purpose of the processing;
  • the retention period of the personal data or, if this is not possible, the criteria for determining this period;
  • the available information on the origin of the personal data, insofar as it has not been collected from the data subject;
  • if applicable, the recipients or categories of recipients to whom personal data are disclosed

CFG does not process personal data on the basis of an automated individual decision.

14. Restrictions on the right to information

CFG may refuse, restrict or postpone the disclosure of information, in particular if a law in the formal sense provides for this, namely in order to protect a professional secret (business secret); this is necessary due to the overriding interests of third parties; or the request for information is obviously unfounded, namely if it pursues a purpose contrary to data protection, or is obviously querulous.

CFG shall state why it refuses, restricts or postpones the surrender or transfer.

As a data subject, you may request that inaccurate personal data be corrected unless:

    1.  a legal provision prohibits the change;
    2.  the personal data is processed for archiving purposes in the public interest.

The data subject may, by means of an action for the protection of personality under the Swiss Civil Code (CC/ZGB), in particular demand that:

    1.  a certain data processing is prohibited
    2.  a specific disclosure of personal data to third parties be prohibited; personal data be deleted or destroyed.

15. Objection to advertising mails

The use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested is hereby prohibited. CFG expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

16. Data protection in applications and the application process

The person responsible for processing collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also be carried out electronically. This is in particular the case when an applicant submits relevant application documents to the controller by electronic means, for example by e-mail with pdf files or other file types as attachments via a web form located on the website.

For the application process CFG works together with an internationally recognized system provider and its online software application to assist with our recruitment process. We use this software to process personal information as a data processor on our behalf. The system provider is only entitled to process your personal data in accordance with our instructions.

Where you apply for a job opening posted by us, these privacy notice provisions will apply to our processing of your personal information in addition to our other privacy notice which has been provided to you separately or is available on our website.

Where you apply for a job opening via the application function on a job site or similar online service provider (“Partner”), you should note that the relevant Partner may retain your personal data and may also collect data proceeds data (including collect data) from us in respect of the progress of your application. Any use by the Partner of your data will be in accordance with the Partner’s Privacy Notice. The partner has the same high standard in terms of data protection and data security as our standard is (“GDPR Compliance”).

If the data controller concludes an employment contract with an applicant, the transmitted data will be stored at CFG companies for the purpose of processing the employment relationship, in compliance with the statutory provisions and securing access for unauthorised employees and third parties.

If the data controller does not conclude an employment contract with the job applicant as the data subject, the application documents shall be deleted automatically and without further notice to the job applicant 12 months after the notification of the rejection decision, provided that no other legitimate interests of the data controller prevent such deletion. Other legitimate interests in this sense are, for example, obligations to provide evidence in proceedings under the Equal Treatment Act (“Gleichstellungsgesetz”/GlG).

17. Registration function

The data entered as part of a registration will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. The data collected can be seen from the input mask within the scope of registration. This includes, for example, name, postal address, e-mail address, IP address and their purpose.

18. Social Media Buttons

If functions (plug-ins) of third-party providers or social media platforms (Facebook, Twitter, LinkedIn, Google+, etc.) are integrated on the CFG website, these plug-ins enable the user to share content on the aforementioned social networks. When the website is called up, the buttons are deactivated by default. This means that no personal data is transmitted to the respective third-party providers without the user’s intervention. After the user has activated the buttons, the plug-ins automatically transmit data, including personal data, to the corresponding third-party provider. If the user is logged into the network of the respective third-party provider at the same time as visiting the website, the provider can assign the visit to the user’s network account. CFG have no influence on this. The purpose and scope of this data collection and the further processing and use of personal data are set out in the data protection information of the respective social networks. Users can also obtain information on rights and setting options regarding the protection of privacy there.

19. Facebook-Plugins (Like-Button)

If Plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages you can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: Social Plugins – Documentation – Facebook for Developers.

When you visit our pages, a direct connection may possibly established between your browser and the Facebook server via the plugin. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages on your Facebook profile. This allows Facebook to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook.

You can find more information on this in Facebook’s privacy policy at: Facebook.

If you do not want Facebook to be able to assign your visit to our pages to your Facebook user account, please log out of your Facebook user account.

20. Twitter

If functions of the Twitter service are integrated on our pages these functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transferred to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

Here you can find more information on Twitter’s data protection declaration.

You can change your Twitter privacy settings in the account settings.

21. LinkedIn

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website with you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.

Here you can find more information on LinkedIn’s privacy policy.

22. XING

Notices to functions of the XING network. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. Each time one of our pages containing XING functions is called up, a connection to XING servers is established. As far as we are aware, no personal data is stored in this process. In particular, no IP addresses are stored or usage behaviour evaluated.

Further information on data protection and the XING Share button can be found in the XING privacy policy.

23. Google-AdSense

Notices to Google AdSense, a service for integrating advertisements of Google Inc. (“Google”). Google AdSense uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information such as visitor traffic on these pages can be analyzed.

The information generated by cookies and web beacons about the use of this website (including your IP address) and delivery of advertising formats will be transmitted to and stored by Google on servers in the United States. This information may be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data stored by you.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

24. Google Analytics

Notices to Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site.

The information generated by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area..

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the installation of cookies by setting your browser software accordingly, by downloading and installing the browser plugin available under the following link: Download Browser-Add-on Deactivation Google Analytics .

However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

You can find more information on the handling of user data by Google Analytics in Google’s privacy statement.

25. Google +

Notice to the use of Google+ functions. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

You can use the Google +1 button to publish information worldwide. Via the Google +1 button, you and other users receive personalized content from Google and its partners. Google stores both the information that you have given +1 for a content and information about the page you were viewing when you clicked +1. Your +1s can be displayed as notices together with your profile name and photo in Google services, such as in search results or in your Google profile, or in other places on websites and advertisements on the internet.

Google records information about your +1 activities in order to improve Google services for you and others.

In order to use the Google +1 button, you need a globally visible, public Google profile, which must at least contain the name chosen for the profile. This name is used in all Google services. In some cases, this name may also replace another name you used when sharing content via your Google Account. The identity of your Google profile may be displayed to users who know your email address or who have other identifying information about you.

In addition to the purposes explained above, the information you provide will be used in accordance with the applicable Google privacy policy. Google may publish aggregate statistics about users’ +1 activities or share these statistics with our users and partners, such as publishers, advertisers or affiliated websites.

26. YouTube

Our website may use plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established.

This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Further information on the handling of user data can be found in YouTube’s privacy policy.

27. Integration of third-party services and content

Despite CFG great care, it can’t be ruled out that third-party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites are integrated within CFAG’s online offerings. This always presupposes that the providers of this content (hereinafter referred to as “third-party providers”) are aware of the IP address of the user.

The IP address forms a necessary basis for the third-party providers to send the content to the browser of the respective user. The IP address is thus necessary for the presentation of this content. We endeavour to only use content whose respective third-party providers only use the IP address to deliver the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we inform the users about this.

28. Objection to advertising e-mails

CFG hereby object to the use of contact data published within the scope of the imprint obligation for the purpose of sending advertising and information material that has not been expressly requested. CFG and the other operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

29. Applicable law and place of jurisdiction

For the website of CFG with their registered office in Switzerland, Swiss (data protection) law is exclusively applicable, unless other mandatory law, in particular the EU General Data Protection Regulation (GDPR), applies to the natural person concerned.

For all possible disputes between you as a visitor and user of the website of CFG, which arise from the operation or the visit of the websites, the court at the registered office of CFG (Switzerland) is exclusively responsible, unless another mandatory jurisdiction is applicable for the natural person concerned.

30. Changes to this privacy policy

CFG is entitled to change this privacy statement if necessary. If changes are made to the statement, it may take up to 30 business days for new privacy practices to be implemented by CFG or for the necessary processes to be implemented. Please visit this page periodically to identify any changes. In the event of changes, we will draw your attention to them in particular (short message).

31. Scope and amendment of the privacy policy

This Privacy Policy applies to all companies of CFG, i.e. to all dependent group companies as well as affiliated companies and their employees. Dependent in this sense means that CFG, directly or indirectly, due to the possession of the majority of voting rights, a majority in the company management or an agreement, can demand that this data protection declaration and thus the resulting obligations are taken over by the aforementioned companies. The data protection declaration covers all processing of personal data. In countries where data of legal entities are protected in the same way as personal data, this data protection declaration also applies in the same way to data of legal entities or partnerships. Anonymized data, e.g. for statistical analysis or research, is not subject to this Privacy Policy. The individual companies covered by this privacy policy are not entitled to make any arrangements that deviate from the level of protection provided by this privacy policy.

32. Consent to the Data Privacy Policy (Protection Statement)

The Purchaser or the Customer fully accepts the contents of the Data Privacy Policy as updated from time to time. The Data Privacy Policy shall take precedence over the General Terms and Conditions of CFG (GTC) in the event of any contradictions.

For the most current version of the Data Privacy Policy look at CFG’s website.

33. Legal notice / Disclaimer

CFG does not assume any liability with regard to the correctness and completeness of the content of the information.

Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.

All offers published in digital or electronic form by CFG companies are non-binding. CFG companies expressly reserves the right to change, supplement or delete parts of the pages or the entire offer without prior notice or to discontinue the publication temporarily or permanently.

34. Liability for links

References and links to third-party websites are outside the responsibility of CFG. Any responsibility for websites of third parties, i.e. outside the companies belonging to CFG companies, is rejected. Access to and use of such websites is at the user’s own risk.

All offers published in digital or electronic form by CFG companies are non-binding. CFG companies expressly reserves the right to change, supplement or delete parts of the pages or the entire offer without prior notice or to discontinue the publication temporarily or permanently.

35. Copyright / Intellectual Properties

The copyright and all other rights to the content, images, photos or other files on CFG website belong exclusively to CFG and its affiliated companies, their suppliers or the specifically named rights holders. The written consent of the respective copyright holder must be obtained in advance for the reproduction or use of any elements.

 

Last updated on: June 2022