Automatic Exchange of Information (AEoI)

On January 1 2017, the Federal Act on the International Automatic Exchange of Information in Tax Matters (AEI Act) entered into effect in Switzerland. The AEI Act implements the OECD’s Common Reporting Standard (CRS), which has become a standard for the international exchange of information on financial accounts. To date, more than 100 countries have committed to implement the CRS.

 

The AEI Act obliges Swiss banks to document the tax residence of their clients. Accounts of clients who are tax resident in a reportable jurisdiction and who do not act as financial institution by themselves must be reported by Swiss banks to the competent authorities. Please find a list of the current reportable jurisdictions on the website of the Swiss Secretariat for International Financial Matters SIF.

(www.sif.admin.chàTopicsàInternational tax policiesàAutomatic exchange of information)

Data Protection Client Information

Information on compliance with current data protection requirements by Berenberg Bank (Schweiz) AG

A. Introduction

Berenberg Bank (Schweiz) AG (hereinafter referred to as “Bank” or “we”) is bound by Swiss data protection legislation, specifically the Swiss Federal Data Protection Act (“DSG”) dated 19 June 1992. The new EU General Data Protection Regulation (“GDPR”), which enters into force on 25 May 2018, is only indirectly applicable to our business and only to some of our business relationships.

Nevertheless, with this document we would like to take account of the greater transparency requirements of recent data protection legislation, in particular the GDPR (Articles 13, 14 and 21) and to inform you about how the Bank collects, uses and protects personal data. It contains in particular a description of how you as a data subject can make use of your rights.

B. Important questions

1. Who is responsible for data processing and whom can I contact?

Berenberg Bank (Schweiz) AG 
Kreuzstrasse 5 
Postfach 
8034 Zürich 
Switzerland 
Phone +41 44 284 2120 
Telefax +41 44 284 2320 
E-Mail info@berenberg.ch

You can contact our company’s Data Protection Officer at:

Berenberg Bank (Schweiz) AG 
Data Protection Officer 
Kreuzstrasse 5 
Postfach 
8034 Zürich 
Switzerland 
Phone +41 44 284 2059 
E-Mail dataprotection@berenberg.ch

2. Which sources and data do we use?

We process personal data that we acquire from you in the course of our business relationship. To the extent that is necessary for the provision of our services, we also process personal data which we have lawfully acquired from publicly available sources (such as the press or internet) and which we are allowed to process, as well as data that has been lawfully transmitted to us by Group companies or other third parties.

Personal data of relevance includes personal details (name, address and other contact details, date of birth, place of birth, na-tionality), data regarding proof of identity (such as identity card details) as well as authentication data (such as a signature sample). This can also include order details (such as payment orders, financial instrument orders), information about your financial situation (such as information on your creditworthiness and the origin of your assets), data withheld for record-keeping purposes (such as investment advice protocols), register details, data about how you have used our telecommunication services (such as when you accessed our website) as well as other data comparable with the specified categories.

3. Why do we process your data (purpose of processing) and what is the legal basis for this?

The Bank processes your personal data primarily in order to comply with our obligations arising from our contractual banking relationship with you, in particular to perform your orders and to engage in all other activities typical of a financial services institution. The purpose of data processing is predominantly dictated by the specific product in question (for instance an account or securities) and may include demand analyses, advisory services, portfolio management and the execution of transactions.

As a Bank, we are also bound by legal obligations (for example the Banking Act, AntiMoney Laundering Act, tax laws) as well as requirements imposed by banking regulators (such as the Swiss financial supervisory authority “FINMA”). In this regard, we process your data for purposes in relation to anti-fraud and anti-money laundering activities, compliance with tax monitoring and reporting obligations, and risk assessment and management.

We also process your data to safeguard our own legitimate interests or those of third parties, for insta

  • marketing, unless you have objected to the use of your data;
  • establishing legal claims and defences in the event of litigation;
  • ensuring IT security and the continued operation of the Bank’s IT services;
  • preventing and investigating criminal activity;
  • activities related to building and facility security (incl. access controls, e.g.);
  • activities related to business management and the ongoing development of products and services (where relevant, including the review and optimisation of demand analysis methods and directly addressing customers).

Where you provide or have provided consent to process personal data for certain purposes (for example for marketing), processing will be performed on the basis of your consent. Where consent is provided, it can also be withdrawn at any time. Please note that withdrawal of consent only has effect for the future. Processing performed before the withdrawal of consent is not affected by this.

4. Who has access to your data?

Within the Bank, access to your data will be provided to those offices that require it to fulfil our contractual and statutory obligations. External data processors commissioned by us may also receive data for these purposes. Such companies operate in particular in the IT services, printing services and consulting and advisory industries. To process payments, we use the digital services of thirdparty providers, which involves the use of externally developed software. If you conduct business in currencies and derivatives through us, for example, you should refer to the relevant contract documents and terms of business for further details on the processing and communication platforms and interfaces employed.

In terms of how data is transmitted to recipients outside of the Bank, it is important to note that we are bound by confidentiality obligations regarding any and all customerrelated information and assets that we acquire (“banking secrecy”). We are only permitted to disclose information about you with a legally valid order from the courts, from the competent criminal investigation authorities or from the competent supervisory authorities, or if you have instructed us to do so. Under these conditions, the following are examples of potential recipients of personal data:

  • civil and criminal courts, police and other competent cantonal or federal authorities (for instance FINMA, Swiss Federal Tax Administration);
  • other banks or financial services institutions or comparable institutions to whom we transmit personal data for the purpose of fulfilling the obligations arising from our business relationship with you (depending on the contract, this may for example be correspondent banks, custodian banks, stock exchanges).

Other potential recipients of data include offices to whom data is sent based on consent that you have granted us.

5. How long is your data stored for?

We process and store your personal data as required for the duration of our business relationship. We are also bound by various retention and record-keeping obligations, imposed, for example, by the Swiss Code of Obligations (OR) and the Anti-Money Laundering Act (GwG). The retention and record-keeping periods specified therein may be up to ten years.

6. Will data be transmitted to Third Countries or an international organisation?

Data will only be transmitted to Third Countries insofar as it is necessary in order to perform your orders (for instance payment or financial instrument orders), in order to comply with statutory requirements, or if you have provided us with your consent to do so.

7. What are your data protection rights?

Any data subject has a right to information (Art. 8 DSG) as well as a right to correction, to erasure and to have processing restricted, and also to prohibit disclosure to third parties (Art. 15 DSG). Where applicable, data subjects also have other rights under GDPR, including the right to have processing restricted in accordance with Art. 18 GDPR and the right to data portability in accordance with Art. 20 GDPR. The right to information may be limited by Art. 9 DSG.

8. Are you required to provide data?

For the purpose of our business relationship, you only need to provide personal data as required to establish, conduct and terminate a business relationship, or data which we are required to collect by law. Without this data, we will usually have to refuse to establish or perform a contract, we may not be able to fulfil an existing contract, and may need to terminate an existing contract. In particular, we are bound by the money laundering regulations and duties of care of the CDB, which involve conclusively identifying you before a business relationship is established (for example through your identity card), and registering your name, place of birth, date of birth, nationality and private address. To enable us to comply with this statutory obligation, you must provide us with the required information and documents and report any changes immediately in the course of the business relationship. Should you fail to provide us with the necessary information and documents, we will be unable to establish the desired business relationship with you.

9. How are individual decisions made on an automated basis?

When establishing or conducting business relationships, we generally do not employ automated decisionmaking processes. Should we employ such methods in the future in specific circumstances, we will notify you of this separately insofar as it is required to do so by law.

C. Information about your right to object

You are entitled to lodge an objection at any time for reasons relating to your personal circumstances against the processing of your personal data insofar as this data is processed in the public interest or on the basis of an interest assessment.

If you lodge an objection, we will cease to process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or that processing is necessary for the establishment, exercise or defence of legal claims.

In individual cases, we will process your personal data for the purpose of direct marketing. You are entitled to lodge an objection against the processing of your personal data for direct marketing at any time. If you lodge an objection against the processing of your data for direct marketing, we will cease to process your personal data for these purposes.

Such an objection is not required to comply with any formal standards and should ideally be sent to:

Berenberg Bank (Schweiz) AG 
Data Protection Officer 
Kreuzstrasse 5 
Postfach 
8034 Zürich 
Switzerland 
Phone +41 44 284 2059 
E-Mail dataprotection@berenberg.ch

Berenberg Wappen