Data ProtectionDeclaration

1. General
This data protection declaration tells you how Aquila AG (“Aquila”) processes personal data.

The term “Personal Data” means all information relating to a particular or identifiable natural person or legal entity. The term “Processing” means any use of personal data, whatever means and procedures may be employed, in particular the procurement, storage, use, amendment, notification, archiving, erasure or destruction of personal data.

Further rules (e.g. Conditions of use) apply to certain types of data processing, e.g. for the purpose of contracting with Aquila or in connection with Aquila websites (“Aquila websites”). These will be found in the relevant contracts or on the appropriate webpages. In addition, the General Terms and Conditions of Business (AGB) contain general information about data protection, in particular in relation to the performance of contracts in the banking sector.

2. Data security
On the basis of the applicable laws, in particular through bank customer secrecy and data protection law, Aquila undertakes to protect personal data and privacy. Aquila takes various technical and organisational security measures for that purpose (e.g. access restrictions, firewalls, personalized passwords as well as encryption and authentication technologies, employee training etc.).

3. Categories of personal data
Aquila processes the following categories of personal data. In every case, as few items of personal data as possible will be processed.

Data of Aquila partners, such as

  • master and inventory data (e.g. name, address, nationality, date of birth, professional track record);
  • technical data (e.g. business numbers, IP addresses, internal and external identifications, access reporting);
  • marketing data (e.g. preferences, needs)

Bank customer data, such as:

  • master and inventory data (e.g. name, address, nationality, date of birth, tax number, information about the account, custody account, transactions and contracts closed, information about third parties who are affected by data processing, e.g. spouses, authorised representatives and consultants);
  • transaction or order and risk management data (e.g. information on the beneficiaries of transfers, beneficiary bank, amount of transfers, risk and investment profile, details of investment products);
  • technical data (e.g. business numbers, IP addresses, internal and external identifications, access recording);
  • marketing data (e.g. preferences, needs).

Visitor and prospect data (e.g. visitors to Aquila or Aquila websites), such as:

  • master and inventory data (e.g. name, address, date of birth);
  • technical data (IP addresses, internal and external identifications, access recording);
  • marketing data (e.g. preferences, needs).

Supplier data, such as:

  • master and inventory data (e.g. name, address, date of birth, information about transactions and contracts closed);
  • technical data (IP addresses, internal and external identifications, access recording).

4. Origin of the personal data
To perform the purposes set out in Sec. 5, Aquila may acquire personal data from the following sources:

  • Personal data which are notified to Aquila, e.g. when opening business relations, for the performance of contracts, when products and services are used or on websites.
  • Personal data which occur when products or services are used and are transferred to Aquila by the technical infrastructure or by work-sharing processes, e.g. for payment transactions, securities trading, eBanking, on websites or in connection with cooperation with other financial or IT service providers, marketplaces and stock exchanges.
  • Personal data from third party sources, e.g. authorities or sanctions lists of the UNO and EU.

5. Purposes of processing
Aquila may process personal data to provide its own services and for its own purposes or for those prescribed by law. The following points in particular must be borne in mind here:

  • Closure and performance of contracts, implementation, processing and management of products and services (e.g. bookkeeping, tax returns, commercial register entries and changes, invoices, account openings, payments, financings, financial planning, investments, occupational benefits, insurance, consolidation).
  • Monitoring and control of risks (e.g. investment profiles, prevention of money laundering, limits, utilisation numbers, market, credit or operational risks).
  • Statistics, planning, business decisions (e.g. development of new services or analysis of existing services, products, processes, technologies).
  • Marketing, communication, information about the service offering and its verification (e.g. print and online advertising, events for customers and prospects or other events, ascertaining customers’ future needs, assessment of a customer, market or product potential).
  • Performance of statutory or regulatory information or reporting obligations to courts and public authorities, implementation of official instructions (e.g. reporting obligations to FINMA and foreign supervisory authorities, automatic exchange of information with foreign tax authorities, orders of attorney-generals’ offices in connection with money laundering and the financing of terrorism).
  • Safeguarding the interests and securing claims of Aquila, e.g. in the case of claims on Aquila or claims of Aquila against third parties.

6. Notification to third parties, categories of recipients
Aquila discloses customer data to the following third parties in the following cases:

  • For outsourcing pursuant to Sec. 7 and for the purpose of comprehensive customer care to other service providers.
  • For the performance of orders, i.e. when products or services are used, e.g. to service providers, stock markets or other marketplaces, reports of stock market transactions to (international) transaction registers.
  • Based on statutory obligations, for reasons of statutory justification or because of official orders, e.g. to courts, supervisory authorities, tax authorities or other third parties.
  • As far as is necessary to safeguard the justified interests of Aquila, e.g. when customers threaten or take legal action against Aquila, for public statements, to safeguard Aquila’s claims against customers or third parties, to collect Aquila claims etc.
  • With the consent of the persons concerned, to other third parties.

In particular when using certain products or services of Aquila, personal data may under certain circumstances have to be disclosed to third parties in countries in which there is no appropriate standard of data protection (e.g. USA). If transfer of data to such a country is necessary, Aquila will if possible take suitable measures to assure appropriate continuing protection of personal data.

7. Outsourcing of business areas or services

Aquila outsources certain business areas and services either in whole or in part to third parties (e.g. account keeping including payment transactions, custody account keeping, preparation of consolidation reports, fund limit verifications, definitions of fund limit rules, opening of Valoren numbers, updating restriction rules, IT systems etc.).

The service providers who process personal data for this purpose on behalf of Aquila (known as order processors) are chosen carefully. If at all possible, Aquila uses order processers who are domiciled in Switzerland. In certain cases the order processers are entitled to arrange for certain services (e.g. electronic data processing, securities transactions etc.) to be provided for them by third parties.

The order processers may only process personal data received by them to the same extent as Aquila does so itself and they are contractually required to safeguard the confidentiality, bank customer secrecy and security of the data.

Outsourcing by Aquila is effected in compliance with the circular on outsourcing by banks of the Swiss Financial Market Supervisory Authority (FINMA) in its latest edition.

8. Automated decisions in specific cases, including profiling
Aquila reserves the right in future to effect automated processing of customer data where necessary, in particular to identify important personal features of the customer, to predict developments and prepare customer profiles. This serves in particular to verify and develop offers and optimise the provision of services.

In future, customer profiles may lead to automated individual decisions (e.g. automated acceptance and performance of customer orders in eBanking). Aquila makes sure that a contact person is available if a person concerned wishes to comment on an automated individual decision and the possibility of making such a statement is required by law.

9. Use of websites and cookie policy
When a person visits Aquila websites, the webserver automatically records details of that visit (e.g. the website from which the visit is made, the visitor’s IP address, the Aquila website contents which are retrieved, including the date and duration of the visit). Such tracking data serve to optimise the Aquila website and indicate how the visitor is informed of the products and services and offers of Aquila and makes use of them. However, as a rule they do not enable the visitor’s identity to be determined. To that extent no personal data are processed.

However, if the visitor makes personal data available, e.g. by completing a registration form or notification field for newsletters etc., Aquila may additionally use such data for the purposes designated in Sec. 5, in particular as follows:

  • for customer and user administration;
  • to inform the visitor about services and products;
  • for marketing purposes (e.g. to despatch newsletters);
  • for technical “hosting” and for the further development of Aquila websites.

When Aquila websites are visited, the visitor’s data are transferred via the Internet, i.e. by an open network which is accessible to everyone. Data transferred by electronic media (including by e-mail) cannot be effectively protected against access by third parties. This creates the risks that the data may be disclosed or their content changed, that the identity of the sender (e.g. e-mail) and the content of the notification will be mirrored or manipulated in some other way by unauthorised persons, that viruses will be released, that technical transmission errors, delays or interruptions may occur, that data will be transferred abroad without control to a country where the data protection requirements may be less stringent than those that apply in Switzerland etc.

By using the Aquila website, the visitor confirms his express consent to this Data Protection Declaration and to the named risks.

By using the Aquila website, the visitor likewise declares his consent to the use of cookies. Cookies are small data files which are stored on the visitor’s computer to track the relevant website visit and navigation between different pages and/or to store settings (e.g. chosen language). The purpose of cookies is to gather statistical data about the frequency and time of visits to individual website areas and help to design customised, useful and user-friendly websites. The visitor may at any time decide against the use of cookies by deleting the cookies set by the Aquila website. Deletion is possible via the settings in the visitor’s internet browser.

On occasion, Aquila uses third party components (such as plug-ins) to improve the user experience and online advertising campaigns. These components may likewise use cookies for similar purposes. Neither these third parties nor Aquila have access to the data which are acquired by anyone else using cookies. Finally, Aquila also uses cookies in the context of its advertising on third party websites with which Aquila has marketing relationships. If third parties gather anonymised information about the use of the Aquila and other websites, Aquila may use such anonymised data to improve the effectiveness of its advertising.

This section of the present Data Protection Declaration applies only to data which Aquila receives on the basis of the use of Aquila websites. It does not apply to third party websites even if the visitor reaches such sites via links on an Aquila website. Aquila has no influence on the content and data protection handling of third party websites and cannot accept any liability for them.

10. Duration of storage
The duration of personal data storage depends on the purpose of the particular data processing and/or statutory storage obligations which amount to five, ten or more years, depending on the applicable legal basis.

11. Rights of the persons concerned
Anyone may ask Aquila for information as to whether personal data about him are being processed. There is a right to oppose and restrict processing and, where applicable, the right to data portability. Incorrect data may be rectified. In addition, erasure of the personal data may be requested, save in cases where statutory or regulatory requirements (e.g. statutory storage obligations for data relevant to the business) or technical obstacles prevent this. Erasure of data may create a situation in which Aquila can no longer provide certain services. In addition, in certain cases there is a right of appeal to an appropriate authority. When Aquila processes personal data on the basis of consent, that consent can be withdrawn at any time. To help Aquila to answer your question, please send us a suitable, understandable notification. We will examine and respond to requests within a reasonable time limit.

12. Contact
Aquila is responsible for processing your personal data. The contact data for Aquila are as follows:

Aquila Ltd.
Bahnhofstrasse 43
8001 Zurich


Disclaimer / Terms of Use
Data Protection Declaration Partner