General privacy policy

A. Person responsible

The 'controller' of data processing, as described in this privacy policy (i.e. the responsible person), is:

Point Capital Group AG
Gubelstrasse 24
6300 Zug
contact@pointcapital.ch
www.pointcapital.ch 
+41 44 488 80 00

If you have any questions about the processing of your personal data or other data protection concerns, you can contact us using these contact details.

 

B. Purpose of data processing and legal basis

We primarily use the collected data to conclude and fulfill contracts with our customers and business partners, particularly in connection with the provision of financial services and the procurement of products and services from our suppliers and subcontractors, as well as to comply with domestic and international legal obligations.

Furthermore, in accordance with applicable law and where appropriate, we may process personal data for the following purposes, which are in our (or, where applicable, the legitimate interest of a third party), such as:

 

• • Provision and development of our products, services, websites, apps and other platforms on which we operate;

 

• • Communication with third parties and processing their requests (e.g. applications, media inquiries);

 

• • Advertising and marketing (including the organization of events), unless you have objected to the use of your data for this purpose (if you are part of our customer base and receive advertising, you can object at any time and we will put you on a blacklist to prevent further advertising mailings);

 

• • Assertion of legal claims and defense in legal disputes and official proceedings;

 

• • Prevention and investigation of crimes and other misconduct;

 

• • Ensuring the smooth operation of our business, including our IT, websites, apps and other applications;

 

• • Acquisition and disposal of business units, companies or parts of companies and other corporate transactions and the associated transfer of personal data, as well as measures for corporate governance and compliance with legal and regulatory obligations and internal company regulations;

 

If you have given us your consent to process your personal data for specific purposes (e.g., when subscribing to receive newsletters), we will process your personal data within the scope and on the basis of this consent, unless we have another legal basis, should we require one. You can withdraw your consent at any time; however, this will not affect data processed before the withdrawal.

 

C. Collection and processing of personal data

We primarily process personal data that we receive from our customers and other business partners, as well as from other individuals in the course of our business relationships with them, or that we collect from users when they use our websites, apps, and other applications. Where permitted, we obtain certain personal data from publicly accessible sources (e.g., debt registers, land registers, commercial registers, press, internet) or receive such information from affiliated companies of Point Capital Group AG, from authorities, or other third parties (such as custodian banks). Apart from the data you have provided to us directly, the categories of data we receive about you from third parties include, among others, information from public registers, data we receive in connection with administrative or judicial proceedings, information relating to your professional role and activities (e.g., for concluding and executing contracts with your employer), information about you in correspondence and conversations with third parties, information about you provided to us by persons associated with you (family members, advisors, legal representatives, etc.) for concluding or executing contracts with you or with your involvement (e.g., powers of attorney), information relating to legal regulations such as those concerning anti-money laundering, bank details, information about you that can be found in the media or on the internet (where provided in individual cases, e.g., in connection with applications, media reports, marketing/sales, etc.), your address and any interests and other socio-demographic data (for marketing purposes), and data relating to your use of our websites (e.g., IP address, MAC address of your smartphone, etc.). Computers, information about your device and settings, cookies, date and time of your visit, pages and content accessed, applications used, referring website, location data).Grundsätzlich speichern wir diese Daten für 12 Monate nach Beendigung des Bearbeitungszwecks. Dieser Zeitraum kann länger sein, wenn dies aus beweisrechtlichen Gründen oder zur Erfüllung gesetzlicher oder vertraglicher Anforderungen erforderlich ist.

 

D. Cookies / tracking and other relevant information about the use of our website

Technical data

When you visit our website, your user-specific data (e.g., IP address, web browser, operating system) and technical data (e.g., URLs of pages visited, execution of a search query) are collected and analyzed anonymously. This data is collected and processed for the purposes of system security and stability, error and performance analysis, and internal statistical analysis, enabling us to optimize our website. When you subscribe to our content or submit a contact form/customer login, we process the data necessary to provide the requested service. Depending on the service, the following data may be processed: email address, first name, last name, title, full address, subject, and message. If you have given us your consent to process your personal data for specific purposes (e.g., when you subscribe to a newsletter or submit an inquiry), we process your personal data within the scope and on the basis of this consent, unless we have another legal basis, should we require one. You can withdraw your consent at any time; however, this does not affect the data processed before the withdrawal. We generally store technical data for 12 months.

Communication data
When you contact us via the contact form, email, telephone, chat, letter, or other means of communication, we collect the data exchanged between you and us, including your contact details and metadata of the communication. If we record or listen to telephone calls or video conferences, for example, for training and quality assurance purposes, we will inform you. Such recordings may only be made and used in accordance with our internal guidelines and legal regulations. We generally store this data for 12 months from the last exchange with you. This period may be longer if required for evidentiary purposes, to fulfill legal or contractual obligations, or for technical reasons. Emails in personal mailboxes and written correspondence are generally retained for at least 10 years. Recordings of (video) conferences are generally retained for 12 months. Chats are generally retained for 12 months.

Cookies and their use
In some cases, we use cookies to tailor our services as closely as possible to your needs. Cookies are small files that cannot perform any actions on their own and are stored on your computer or mobile device when you visit or use one of our websites. Cookies store specific settings about your browser and data related to the exchange with the website via your browser. When a cookie is activated, it can be assigned an identification number that identifies your browser and enables the use of the information contained in the cookie. There are basically two different types of cookies: temporary cookies and persistent cookies. We use temporary cookies, which are automatically deleted from your mobile device or computer after the browser session ends. We also use persistent cookies to store user preferences (e.g., language, automatic login), to understand how you use our services and content, and to show you customized offers and advertising (which may also happen on other companies' websites; if we know your identity, these companies will not learn your identity from us; they only know that the same user who visits their website has previously visited a particular website). These remain stored on your computer or mobile device for a long time after your browser session ends. They are automatically deactivated after a certain period of time.

Notwithstanding the above, you can configure your browser to reject cookies, store them only for a single session, or delete them prematurely. Most browsers are preset to accept cookies. If you block cookies, certain functions (such as language settings, shopping cart, and order processing) may no longer be available to you. Point Capital Group AG permits partner companies that provide services to Point Capital Group AG or that are integrated into our website to store cookies, provided this is technically necessary and the use of cookies is proportionate. Point Capital Group AG has no control over how cookies are used outside of our website.

By continuing to use our website and/or agreeing to this privacy policy, you consent to our use of cookies and the collection, storage, and use of personal usage data even after you close your browser ('persistent cookies'). You can object to this at any time by changing your browser's default settings to reject third-party cookies.

Google Analytics and similar services
With the aim and intention of tailoring our website to user needs and continuously optimizing it, we may use Google Analytics or similar services on our website. These are third-party services that can be located in any country in the world (in the case of Google Analytics, Google Ireland Ltd. (based in Ireland), Google Ireland uses Google LLC (based in the USA) as a sub-processor (both 'Google'), www.google.com) and which allow us to measure and evaluate the use of our website (on an anonymized basis). For this purpose, persistent cookies are used, which are set by the service provider. We have configured the service so that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the USA and can then no longer be traced. We have deactivated the 'Data Sharing' and 'Signals' options. Although we assume that the information we share with Google is not personal data for Google, it is possible that Google could use the collected data to infer the identity of visitors, create personal profiles, and link this data to these individuals' Google accounts for its own purposes. If you have registered with the service provider, the service provider also knows your identity. In this case, the service provider processes your personal data in accordance with its privacy policy. The service provider only provides us with data about the use of the respective website (but no personal information about you).

When you use our website, pseudonymized user profiles are created and, as explained in section 5 above, small text files stored on your computer are used. The information generated by these cookies about your use of this website is transmitted to the servers of the providers of these services, stored there, and processed for us. In addition to the data mentioned in section 4 above, we thereby receive the following information:

 

• • Navigation path that a visitor follows on the website

 

• • Time spent on the website or subpage

 

• • Subpage where the website is left

 

• • Country, region or city from where access is made

 

• • Device (type, version, color depth, resolution, width and height of the browser window)

 

• • Returning or new visitor

 

The tools, programs, and instruments we use to analyze web behavior include, among others, Matomo Web Analytics, Google Tag Manager, Google Ads, YouTube (embedded videos), and MailChimp. The information generated by cookies about your use of this website (including your IP address) is generally transmitted to and stored on a Google server in the USA. Google will use this information to evaluate your use of the website, to compile reports on website activity for us as website operators, and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You can prevent the installation of cookies by changing your browser settings. However, in this case, you may not be able to fully utilize all the website's features. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Social Media Plug-ins
Furthermore, we use plugins from social networks such as Facebook, Twitter, YouTube, Pinterest, and Instagram on our website. This is visible to you (typically via the respective icons). We have configured these elements so that they are deactivated by default. If you activate them (by clicking), the operators of the respective social networks can record that you are on our website, which page you accessed it from, and can use this information for their own purposes. This processing of your personal data is the responsibility of the respective operator and is carried out in accordance with their privacy policies. We do not receive any information about you from the respective operators.

 

 

E. Disclosure of data to third parties and transfer of data abroad

In the course of our business activities and in accordance with the aforementioned purposes of data processing, we may transfer data to third parties, provided such transfer is permissible and we deem it appropriate, so that they can process the data for us or, where applicable, for their own purposes. In particular, the following categories of recipients may be affected:

 

 

• • Our service providers (e.g., risk management & compliance, IT providers, CRM systems)

 

• • Domestic and foreign authorities, official bodies and courts

 

• • Other parties in potential or actual legal proceedings

 

Some recipients are located in Switzerland, while others may be located in any country worldwide. In particular, you should expect your data to be transferred to any country where the Point Capital Group has subsidiaries, branches, or other offices, as well as to other countries in Europe and the USA where our service providers are located (such as Microsoft). If a recipient is located in a country without adequate legal data protection, we require the recipient to comply with data protection regulations (we use the revised Standard Contractual Clauses of the European Commission, which you can access here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is subject to a legally recognized framework for ensuring data protection and we cannot rely on an exception. An exception may apply, for example, in the case of legal proceedings abroad, but also in cases where there is an overriding public interest or the fulfillment of a contract requires disclosure, if you have given your consent or if the data has been made generally available by you and you have not objected to its processing.

 

F. Duration of data storage

Your data, which includes personal data, will only be processed and stored for as long as necessary to fulfill our contractual and legal obligations or for the purposes for which it is otherwise processed, i.e., potentially for the duration of the entire business relationship and beyond, due to legal retention and documentation requirements. Personal data may be retained for the period during which claims can be asserted against our company, to the extent that we are otherwise legally obligated to do so, or if legitimate business interests require it (e.g., for evidentiary and documentation purposes). As soon as your personal data is no longer needed for the aforementioned purposes, it will be deleted or anonymized, where possible. Shorter retention periods of 30 days or less apply to operational data (e.g., system logs).

 

G. Data security

We have implemented appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse. These measures include issuing instructions, providing training, implementing IT and network security solutions, access controls and restrictions, encrypting passwords, data storage and transmissions, pseudonymization, and audits. However, we cannot guarantee the security of data transmission over the internet. In particular, there is a certain risk of third-party access when transmitting data via email.

 

H. Your rights

In accordance with applicable law, you have the right to access, rectify, and erase your personal data, the right to restrict processing, or to object to our processing of your data, particularly for direct marketing purposes, profiling for direct marketing purposes, and other legitimate interests, as well as the right to receive certain personal data for transmission to another controller (data portability). Please note, however, that we reserve the right to assert legal restrictions, for example, if we are obligated to retain or process certain data, have an overriding legitimate interest (to the extent we can rely on such interests), or require the data for the establishment, exercise, or defense of legal claims.

We have already informed you of your right to object to/withdraw your consent at any time. Please also note that exercising these rights may conflict with your contractual obligations and could have consequences such as early termination of the contract and may involve costs. Should this be the case, we will inform you in advance, unless this has already been contractually agreed. Generally, exercising these rights requires you to prove your identity (e.g., by providing a copy of identification documents if your identity is not otherwise apparent or verifiable). To exercise these rights, please contact us using the details provided above. Furthermore, every data subject has the right to assert their rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

 

I. Profiling [and automated individual decision-making]

We may process your personal data automatically to evaluate certain personal aspects (profiling). Profiling allows us, in particular, to better inform and advise you about products that may be relevant to you. For this purpose, we may use analytical tools that enable us to communicate with you and, if necessary, market to you, including market and opinion research. When initiating and conducting a business relationship, we generally do not use fully automated individual decision-making (such as that described in Article 22 of the GDPR). Should we resort to such procedures in specific cases, we will inform you separately and explain your rights in this regard, provided this is required by law.

 

J. Changes to this privacy policy

We may amend this privacy policy at any time without prior notice. The current version published on our website applies. If the privacy policy is part of an agreement with you, we will notify you of any changes by email or other suitable means.

Zug, July 31, 2023