Privacy Policy for Clients

Data Collection in the Implementation and Processing of our Services and Tasks

 

 

 

a. Data Processing Purposes

We process personal data from our clients for the following purposes:

  • activities pursuant to the Business Act, the Trustees Act and the Persons and Companies Act, in particular:
  • Tax Advice, Management Consulting Services, Accounting, Salary Administration, Property Services and Trust Services;
  • mandate administration (incl. administration of legal entities);
  • fulfilment of statutory accounting requirements;
  • correspondence;
  • compliance with legal requirements in connection with the Trustees Act, the Persons and Companies Act, the Due Diligence Act, the Civil Code and the GDPR).

b. Data Categories

In our data directories, the following data categories are directly processed to perform our activities within the scope of purposes listed under lit. a.:

Data Category Data Description Data Recipient
Client and address data Name, company, date of birth, home and/or business address, nationality, occupation, telephone number, email address e.g. external service providers (e.g. banks, asset managers, auditors) and public authorities (e.g. supervisory or tax authorities)
Identification Data Identification documents, e.g. passport or identity card copies, utility bills, tax numbers, death certificates; authentication data, e.g. signature samples Banks, asset managers, intermediaries, trust companies, tax advisors
Accounting and Salary Administration documents Surname, name, address, tax numbers, marital status, profession, employment data, data on previous tax years, pension scheme data, social insurance data European Tax Authorities, AHV-IV-FAK and other state authorities (Social Welfare Office, Office of Economic Affairs etc.)
Due diligence documents e.g. contractual partners, identification of the beneficial owners, profile of the business relationship with information on professional and personal background (e.g. occupation and hobbies), World Check data, checks pursuant to the Due Diligence Act Liechtenstein banks and asset managers (mandate-related persons subject to due diligence requirements)
Mandate information e.g. corporate documents, bank documents, correspondence, due diligence documents, tax data, resolutions by bodies Liechtenstein authorities due to statutory requirements
Accounting Data Transaction and accounting information Liechtenstein authorities due to statutory requirements
Correspondence Client orders, general Banks and members of bodies, Liechtenstein authorities due to statutory requirements
Data of legal entities Articles of incorporation, by-laws, certificates, mandate agreements, signatory powers Commercial register and Liechtenstein authorities due to statutory requirements
Tax Data FATCA-, AIA-, LDF reports Tax authorities due to statutory requirements

 

 

 

c. Access to and Forwarding of Data

Personal data of clients are processed by us exclusively for the fulfilment of our contractual, statutory and supervisory duties for the purposes specified under a.

For this purpose, the following parties may receive personal data:

  • group companies;
  • external service providers and parties (such as banks, asset managers, insurance companies, lawyers, auditors; suppliers, dealers, transport companies, subcontractors or other cooperation partners; associations, public-interest institutions); the forwarding of data to us by third party service providers only takes place with the express consent of the client.

If we have to fulfil legal or supervisory requirements, the following parties in particular may receive personal data:

  • official bodies and public authorities (e.g. supervisory authorities, courts);
  • tax authorities (e.g. within the framework of the Automatic Exchange of Information) [AIA, FATCA]).

d. Data Origin

The data is collected directly (e.g. in meetings or correspondence with clients; internal background and due diligence checks) and in part by third-party service providers (such as banks, asset managers, auditors).

e. Data Retention Period

Personal data will be processed and stored during the effective business relationship, unless there are special shorter deletion periods. After termination of the business relationship these data will be stored for at least 10 years due to statutory provisions (Persons and Companies Act, Due Diligence Act). Longer storage of data occurs exclusively on the basis of statutory or contractual storage requirements or for evidence purposes with regard to time-barring laws.

f. Automated Decision-Making (Art. 22 GDPR)

There is no automated evaluation of your data. Should such procedures be used in individual cases, we inform our clients to the extent required by law.

g. Your Rights

Right to Information

You have the right to request information about your personal data that is stored by the Companies. A request for information, together with proof of identity, must be sent in writing to the Data Protection Officer (see h.).

Upon receipt of your request for information, you will be informed within the statutory period of 30 days. The information may be refused, restricted or postponed to the extent required by law or due to the prevailing interest of a third party or the company the request is addressed to.

The request for information may be combined with a request for rectification or erasure of data.

Right to Rectification or Erasure

You have the right to request, in writing and free of charge, the rectification or erasure of your personal data, insofar as these are incorrect or stored or processed without good reason. A reasoned request for rectification or erasure must be sent to the Data Protection Officer (see h.), accompanied by a proof of identity.

Your request for rectification or erasure will be processed upon receipt within a reasonable time. Thereafter, the completion of your request for rectification or erasure will be confirmed to you.

Erasure may be prevented by legal regulations. In such a case, the Companies will process your personal data only to the extent necessary to comply with the statutory requirements.

Right of Objection or Cancellation

You have the right to object in writing, in whole or in part, to the processing of your personal data or to cancel your consent to the processing of such data. The objection or cancellation must be addressed in writing to the Data Protection Officer (see h.).

The receipt of your objection or cancellation will be confirmed to you and thereafter the concerned data will be deleted.

To comply with an objection or cancellation may be contrary to statutory regulations. In such a case, the Companies will process your personal data only to the extent necessary to comply with the statutory requirements.

Right to Restriction

You have the right to restrict the processing of your personal data with regard to the transmission of such data to third parties. An application for restriction must be sent in writing to the Data Protection Officer (see h.) accompanied by proof of identity.

The receipt of your application for restriction will be confirmed and your application will be completed within a reasonable time.

Such restriction may conflict with legal regulations. In such a case, the Companies will only transmit your personal data to third parties to the extent necessary to comply with the statutory requirements.

Right of Complaint

You have the right to file a complaint with the competent Liechtenstein supervisory authority. You may also contact another supervisory authority of an EU or EEA Member State, for example at your place of residence or work or at the place of the alleged infringement.

The contact details of the Data Protection Authority in Liechtenstein are as follows:

Liechtenstein Data Protection Authority
Kirchstrasse 8
P.O. Box 684 LI‐9490 Vaduz
+423 236 60 90
info.dssllvli

h. Contact

For questions about data protection and data processing, please contact the Data Protection Officer of the controller in writing. You can contact our Data Protection Officer as follows:

CONFIDA Holding AG
Data Protection Officer
Heiligkreuz 6
LI‐9490 Vaduz
+423 235 81 81
dsbconfidali