We process personal data from our clients for the following purposes:
In our data directories, the following data categories are directly processed to perform our activities within the scope of purposes listed under lit. a.:
|Data Category||Data Description||Data Recipient|
|Client and address data||Name, company, date of birth, home and/or business address, nationality, occupation, telephone number, email address||e.g. external service providers (e.g. banks, asset managers, auditors) and public authorities (e.g. supervisory or tax authorities)|
|Identification Data||Identification documents, e.g. passport or identity card copies, utility bills, tax numbers, death certificates; authentication data, e.g. signature samples||Banks, asset managers, intermediaries, trust companies, tax advisors|
|Accounting and Salary Administration documents||Surname, name, address, tax numbers, marital status, profession, employment data, data on previous tax years, pension scheme data, social insurance data||European Tax Authorities, AHV-IV-FAK and other state authorities (Social Welfare Office, Office of Economic Affairs etc.)|
|Due diligence documents||e.g. contractual partners, identification of the beneficial owners, profile of the business relationship with information on professional and personal background (e.g. occupation and hobbies), World Check data, checks pursuant to the Due Diligence Act||Liechtenstein banks and asset managers (mandate-related persons subject to due diligence requirements)|
|Mandate information||e.g. corporate documents, bank documents, correspondence, due diligence documents, tax data, resolutions by bodies||Liechtenstein authorities due to statutory requirements|
|Accounting Data||Transaction and accounting information||Liechtenstein authorities due to statutory requirements|
|Correspondence||Client orders, general||Banks and members of bodies, Liechtenstein authorities due to statutory requirements|
|Data of legal entities||Articles of incorporation, by-laws, certificates, mandate agreements, signatory powers||Commercial register and Liechtenstein authorities due to statutory requirements|
|Tax Data||FATCA-, AIA-, LDF reports||Tax authorities due to statutory requirements|
Personal data of clients are processed by us exclusively for the fulfilment of our contractual, statutory and supervisory duties for the purposes specified under a.
For this purpose, the following parties may receive personal data:
If we have to fulfil legal or supervisory requirements, the following parties in particular may receive personal data:
The data is collected directly (e.g. in meetings or correspondence with clients; internal background and due diligence checks) and in part by third-party service providers (such as banks, asset managers, auditors).
Personal data will be processed and stored during the effective business relationship, unless there are special shorter deletion periods. After termination of the business relationship these data will be stored for at least 10 years due to statutory provisions (Persons and Companies Act, Due Diligence Act). Longer storage of data occurs exclusively on the basis of statutory or contractual storage requirements or for evidence purposes with regard to time-barring laws.
There is no automated evaluation of your data. Should such procedures be used in individual cases, we inform our clients to the extent required by law.
Right to Information
You have the right to request information about your personal data that is stored by the Companies. A request for information, together with proof of identity, must be sent in writing to the Data Protection Officer (see h.).
Upon receipt of your request for information, you will be informed within the statutory period of 30 days. The information may be refused, restricted or postponed to the extent required by law or due to the prevailing interest of a third party or the company the request is addressed to.
The request for information may be combined with a request for rectification or erasure of data.
Right to Rectification or Erasure
You have the right to request, in writing and free of charge, the rectification or erasure of your personal data, insofar as these are incorrect or stored or processed without good reason. A reasoned request for rectification or erasure must be sent to the Data Protection Officer (see h.), accompanied by a proof of identity.
Your request for rectification or erasure will be processed upon receipt within a reasonable time. Thereafter, the completion of your request for rectification or erasure will be confirmed to you.
Erasure may be prevented by legal regulations. In such a case, the Companies will process your personal data only to the extent necessary to comply with the statutory requirements.
Right of Objection or Cancellation
You have the right to object in writing, in whole or in part, to the processing of your personal data or to cancel your consent to the processing of such data. The objection or cancellation must be addressed in writing to the Data Protection Officer (see h.).
The receipt of your objection or cancellation will be confirmed to you and thereafter the concerned data will be deleted.
To comply with an objection or cancellation may be contrary to statutory regulations. In such a case, the Companies will process your personal data only to the extent necessary to comply with the statutory requirements.
Right to Restriction
You have the right to restrict the processing of your personal data with regard to the transmission of such data to third parties. An application for restriction must be sent in writing to the Data Protection Officer (see h.) accompanied by proof of identity.
The receipt of your application for restriction will be confirmed and your application will be completed within a reasonable time.
Such restriction may conflict with legal regulations. In such a case, the Companies will only transmit your personal data to third parties to the extent necessary to comply with the statutory requirements.
Right of Complaint
You have the right to file a complaint with the competent Liechtenstein supervisory authority. You may also contact another supervisory authority of an EU or EEA Member State, for example at your place of residence or work or at the place of the alleged infringement.
The contact details of the Data Protection Authority in Liechtenstein are as follows:
Liechtenstein Data Protection Authority
P.O. Box 684 LI‐9490 Vaduz
+423 236 60 90
For questions about data protection and data processing, please contact the Data Protection Officer of the controller in writing. You can contact our Data Protection Officer as follows:
CONFIDA Holding AG
Data Protection Officer
+423 235 81 81