Data Protection Notice

Preliminary Remarks

This data protection notice provides you with an overview of how your personal data held at Kaiser Partner may be processed and your rights in relation to this information under the EU General Data Protection Regulation (GDPR) and the Liechtenstein Data Protection Act (DPA). The specific data that will be processed and how data will be used will essentially depend on the services and products that will be provided and/or have been agreed in each case.

For all processing of personal data, Kaiser Partner will generally implement a range of technical and organizational measures in order to protect such data.

As you are undoubtedly already aware, the processing of personal data is necessary for almost all of the services you receive. Your personal data are required and processed throughout your relationship with Kaiser Partner, from the moment it is set up, through all the individual services/transactions and up until the point at which it is terminated.

If you have any questions regarding specific data processing activities or wish to exercise your rights, please contact:

 

Data Protection Officer:

Kaiser Partner Privatbank AG
Datenschutzbeauftragter
Herrengasse 23
FL-9490 Vaduz

Telephone: +423 237 84 74
E-mail: dsb@kaiserpartner.com

Responsible authority:

Kaiser Partner
Pflugstrasse 10/12
LI-9490 Vaduz

Telephone: +423 236 57 57
E-mail: info@kaiserpartner.com

 

The Data Protection Officer is available to answer any questions you may have concerning any data protection matters.

1. Where Do the Data Come from (Source)?

We process your personal data that we obtain in the course of our business relationship with you. As a general rule, we will process personal data that you provide to us in connection with the products or services used by you in the course of submitting contracts, forms, correspondence or in the course of other interactions, or that we have lawfully obtained from third parties or public authorities. In addition to this, we also process personal data from generally available sources (e.g. the Internet, the press, land register, commercial register).

We may, where appropriate, also process the personal data of any third parties involved in the business relationship, including data pertaining to authorized agents, representatives, legal successors, or beneficial owners under a business relationship. Please ensure that such third parties are also aware of this data protection notice.

2. What Data Will Be Processed (Data Categories)?

Personal data concerns the following categories of data in particular:

Master data

  • Personal details/identifying information (e.g. name, date of birth, nationality)
  • Address and contact details (e.g. address, telephone number, e-mail address)
  • Passport/ID card information and authentication information (e.g. specimen signature)
  • Other personal details/status data (e.g. FATCA status)

Further basic data

  • Information on services and products used, order and risk management data (e.g. information relating to due diligence and money laundering prevention)
  • Information pertaining to financial circumstances, professional and personal background (e.g. credit history information, professional occupation)
  • Image and voice data (e.g. video recordings or recordings of telephone calls)
  • Data from public sources
  • Other information and details of the business relationship (e.g. client number)

Background data

  • Technical data and information about electronic transactions (e.g. records of website access)

3. What Is the Legal Basis and the Purpose of Our Processing of Your Data?

We process your personal data in a lawful manner. In this context, lawfulness means that there must be at least one relevant legal basis available, depending on the purpose for which we process your data. The following list indicates various combinations of legal bases and purposes:

  • Contract – for the fulfillment of (pre-)contractual obligations in the context of your relationship. The purposes for which data will be processed will depend primarily on the specific services or products involved.
  • Law – for compliance with a legal or regulatory obligation or in the public interest. Data processed on this basis is aimed primarily at complying with legal and regulatory requirements (e.g. compliance with the GDPR, the DPA, due diligence and anti-money laundering rules, and regulations designed to prevent market abuse).
  • Protection of interests – for the purposes of the legitimate interests pursued by us or by a third party. Data are processed, in particular, for the purpose of asserting claims, developing products, marketing and advertising, business management and risk control, reporting, statistics and planning, preventing and investigating criminal offenses, video surveillance to ensure compliance with house rules and to prevent threats.
  • Consent – for specific purposes of processing. Data are processed for the purposes for which you have given your consent. You have the right to withdraw your consent at any time. This also applies to consent granted before the GDPR took effect. However, consent may only be withdrawn with effect for the future and does not affect the lawfulness of data processing undertaken before consent was withdrawn.

We also reserve the right to engage in the further processing of personal data, which we have collected for any of the foregoing purposes, including any other purposes that are consistent with the original purpose or which are permitted or prescribed by law (e.g. reporting obligations).

4. Who Will Have Access to Your Personal Data?

Parties within and outside Kaiser Partner may obtain access to your data. Departments and employees within Kaiser Partner may only process your data to the extent required for the purpose of discharging their contractual, legal, or regulatory duties, or to pursue legitimate interests. Other service providers or agents may also have access to your personal data, subject to compliance data protection requirements. Public bodies (e.g. supervisory and tax authorities) may also receive your personal data where there is a legal or regulatory obligation.

We transfer your data to countries outside the EU or EEA (“third countries”) in the following cases only:

  • the recipient country has an adequate (data) protection level; or
  • one or more of the following elements applies:
    • you have given your consent;
    • the transfer is necessary in order to conclude or perform the contract;
    • the transfer is necessary for important reasons of public interest (e.g. prevention of money laundering);
    • the transfer is necessary on the basis of regulatory or legal requirements.

5. How Long Will Your Personal Data Be Stored?

We will process and store your personal data throughout the continuation of the business relationship, unless there is a strict obligation to erase specific data at an earlier date. It is important to note that our business relationships may subsist for many years. In addition, the length of time that data will be stored will depend on whether processing continues to be necessary and the purpose of processing. Data will be erased if the information is no longer required for the purpose of fulfilling contractual or legal duties or pursuing our legitimate interests, i.e. the objectives have been achieved, or if consent is withdrawn, unless further processing is necessary by reason of contractual, regulatory, or legal requirements (e.g. retention and documentation obligations), or in the interests of preserving evidence throughout any applicable statutory limitation periods.

6. Will There Be Automated Decision-Making Including Profiling?

We do not normally make decisions based solely on the automated processing of personal data.

At the same time, certain business areas involve the automated processing of your personal data at least to a certain extent, where the objective is, for example, to create a profile and/or carry out needs analysis in relation to services and products, assess loan affordability and credit standing, for the purpose of managing risks, or to evaluate certain personal aspects in line with legal or regulatory requirements (e.g. prevention of money laundering).

7. What Data Protection Rights Do You Have?

You have the following data protection rights, which you can exercise by sending a corresponding request to the following e-mail address dsb@kaiserpartner.com, in respect of personal data relating to you:

  • Right of access: you may obtain access to information from Kaiser Partner as to whether and to what extent personal data concerning you are being processed.
  • Right to rectification: you have the right to obtain rectification of inaccurate or incomplete personal data concerning you.
  • Right to erasure: If we have not already done so, you can request that we erase your personal data if the data are no longer necessary in relation to the purposes for which they were collected or processed, if you have withdrawn your consent, or if the data have been unlawfully processed. However, data that we still require due to contractual, regulatory, or legal requirements will not be erased.
  • Right to restriction of processing: you have the right to obtain restriction of processing.
  • Right to withdraw consent: You have the right, at any time, to withdraw your consent to the processing of personal data concerning you for one or more specified purposes, where the processing is based on your explicit consent. This also applies to consent granted before the GDPR took effect. Please note that consent may only be withdrawn with effect for future processing, and does not restrict the processing of your data on the basis of continuing contractual, regulatory, or legal requirements.
  • Right to data portability: you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and to transmit these data to another controller.
  • Right to object: You have the right to object, in specific circumstances and on grounds relating to your particular situation, to the processing of data, provided such processing is not in the public interest or in pursuit of our legitimate interests or those of a third party. You also have the right to object to the use of your personal data for marketing purposes. If you object to the processing of your personal data for direct marketing purposes, we will discontinue processing your personal data for this purpose.

Right to lodge a complaint: In the event of any violation, you have the right to lodge a complaint with the relevant Liechtenstein supervisory authority.

The contact details for the data protection authority are set out below:

Liechtenstein Data Protection Office
Städtle 38
Postfach
LI-9490 VaduzTelephone: +423 236 60 90
E-mail: info.dss@llv.li

 

 

Perspectives

 

Living in a complex world or living in a world full of opportunities? The answer depends on the standpoint. With Perspectives, we present newsworthy topics from various viewpoints.

Please subscribe to our newsletter to learn more.

!Please fill out this field
!Please fill out this field
!Please fill out this field
!Please fill out this field
!Please fill out this field