Systematic Absolute Return AG (“SAR”) values and appreciate the trust you place in us to protect and store your personal information carefully and in accordance with the applicable laws.
Article 5 of the GDPR States that Personal Data must be processed lawfully fairly and in a transparent manner. In line with the GDPR changes we are updating our Privacy Notice so you can better understand why and how we collect, process and destroy your data. We are committed to protecting and respecting your privacy. This Privacy Notice (the “Notice”), together with the Terms and Conditions and any other documents referred to in it, sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.
This Notice is subject to the laws of Switzerland on the matter as well as any other applicable legal provisions and regulations.
Whose personal information is collected?
We collect and use information about the following groups of individuals:
• Clients, investors and beneficiaries (current, prospective and former) and any of their directors, officers, employees, partners, shareholders or agents;
• Suppliers and service providers;
• Professional advisers and consultants;
• Individuals who contact SAR by email, phone or otherwise and any visitors to the Site;
• Employees, contractors and other members of staff (current, prospective and former); and
What types of Personal Data do we collect?
We may collect and use personal information that is:
• Directly provided by you;
• Related to services provided to you by SAR;
• Received from your representatives or advisers;
• Received from third parties, including administrators of products advised by SAR;
• Collected using cookies and other technologies when visiting the Site; or
• Sourced from public sources.
We may control, process and use your Personal Data, which may include names, postal addresses, email addresses, telephone numbers or any other Personal Data that you provide to us. We may also, in appropriate cases and to the extent permitted by law, control, process and use certain special categories of Personal Data which are more sensitive in nature (e.g. when undertaking “Know Your Customer” (KYC) or anti-money laundering (AML) checks, we may collect information about any criminal conviction offence that you or the directors of any company might have committed).
Identity of the Firm
Lawful basis for Processing
Where we act as Data Controller, we rely on the following legal basis for Processing your Personal Data:
• Consent- if you are a recipient of our online direct marketing;
• Legitimate interests – if you are our client or prospect client, business affiliate, employee or potential employee, or our website visitor;
• Performance of contract- if you are our client, supplier, employee, akin to employee or business affiliate or our website visitor;
• Legal obligation – if we process Personal Data according to requirements of domestic legislation.
Where we act as Data Processor, we process Personal Data on behalf of Data Controller and we act on their written instructions.
Data protection officer
The Firm has no regulatory obligations under the GDPR to appoint a DPO; the Firm has no data protection officer (DPO) currently appointed. The GDPR sets out guidelines on when the appointment of a DPO shall be required as follows:
• Where the scope or purpose of collecting data requires a regular systematic monitoring of the Data Subjects;
• Where the Firm processes special categories of data on a large scale;
• Where Processing is carried out by a public authority.
The Firm has instead agreed to name a responsible officer (the “Responsible Officer”) who may be reached on compliance [at] sar-ag [dot] ch .
Purpose of data collected
The personal information we collect is for the following legitimate interest:
• Provision of financial products and services;
• Administration of your investments;
• Promotion of ideas and events relating to services we provide;
• Accuracy of client records,
• Maintenance of records of communications and management of your relationship with us;
• To respond to you enquires;
• To comply with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, AML and anticorruption);
• To carry out, in appropriate cases, KYC checks and other procedures that we undertake prior to you becoming a customer of ours;
• Prevention and detection of fraud and other illegal activity or misconduct; and
• For informing you about compliance with legal and regulatory obligations and provide related guidance.
• Respond to any enquiry or complaint raised by you.
We may also combine any information that you provide with the information received from other sources. This combined information may be used for the purposes set out above.
Who we share our information with
We may share your personal information with any other company associated with SAR for the purposes set out above.
We may share your personal information with selected third parties including:
• Business partners, suppliers and sub-contractors for the performance of any contract SAR enters into with them or you;
• Your current, prospective and former employers;
• Marketing providers that assist with the delivery of information to you;
• Analytics providers that assist in the improvement of the Site; and
• Administrators, custodians, depositaries and directors of SAR sponsored investment vehicles (e.g. funds) in connection with your subscription or investment in such funds.
If applicable, where you have notified us of your adviser, information provided may be shared with such adviser. You must notify us in writing if you no longer wish us to share information with your adviser or of any change to your adviser. Your adviser should have its own arrangements with you about its use of your information.
We may also share your personal information with third parties in the following circumstances:
• If SAR sells or buys any business or assets, it may be necessary to share your personal information with the prospective seller or buyer;
• If SAR is acquired by a third party, the personal information held by SARwill be one of the transferred assets; or
We are required, by law, to sometimes pass on some of this Personal Data to:
• Law enforcement agencies; financial regulators and other relevant regulatory authorities; government bodies; tax authorities; courts tribunals and complaints/dispute resolution bodies;
• Other bodies as required by law or regulation; or
• Related financial institutions such as trustees, custodians and sub-custodians; insurers; fraud protection agencies; and/or similar suppliers or service providers.
To fulfil our contract with you, the Firm may sometimes pass information to:
• IT services including client relationship management platforms; and
• Intra group to related affiliates also working on providing you with related services.
With the exception of the purposes set out above, we will not share personal information about you with third parties without your consent.
International transfer outside the EEA
The information that SAR collects from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), for instance in Switzerland, at the place of business of SAR . The Information may also be processed by SAR or SAR ’s suppliers operating outside of the EEA for the purposes set out above. By submitting your personal information to SAR, you agree to this transfer, storing or processing. SAR will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with the Notice.
SAR does not transfer your personal information outside of the European Economic Area (EEA) unless the transfer is necessary for one of the reasons set out in this privacy note, including the performance of a contract between the Firm and the Data Subject, reasons of public interest, to establish, exercise or defend legal claims or to protect the vital interests of the Data Subject where the Data Subject is physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.
In these cases, we will follow the GDPR Guidelines in protecting the transfer of data to countries outside the EEA to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.
We will keep your Personal Data for no longer than reasonably necessary. We will retain your personal information in accordance with legal and regulatory requirements as set out in our Data retention policy.
Your rights and your Personal Data
You have a right:
• To request a copy of your Personal Data which the Firm or related data Controller holds about you;
• To request the Firm or any related data Controller to correct any Personal Data if it is found to be inaccurate or out of date;
• To request your Personal Data is erased where it is no longer necessary for the Firm or related data Controller to retain such data;
• To withdraw your consent to the Processing at any time if consent constitutes the lawful basis for processing;
• To object to Processing based on grounds relating to the Data Subject situation if the processing is necessary for the performance of a task carried out in the public interest or the processing is necessary for the purposes of the legitimate interest by us or a third party, unless such interest is overridden by your fundamental rights and interests;
• To request a restriction is placed on further Processing;
• To lodge a complaint with the relevant official supervisory authority
• Not to be subject to a decision based on automated Processing; the Firm does not practice such decision making.
Where we may seek to further process your data other than for the original purpose for which it was collected, the Firm shall only further process such data where the new Processing is compatible with the original purpose.
We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including, without limitation, encryptions.
Special Categories of Data (if applicable)
Owing to the products and services that we offer, such as performance of KYC and other background checks, we sometimes need to process special categories of data which are deemed to be more sensitive in nature. Where we collect such information, we will only request and process the minimum necessary for the specified purpose and identify a compliant legal basis for doing so. Where we rely on your consent for Processing Special Categories Data, we will obtain your explicit consent through electronic means.
Legitimate Interests (if applicable)
We occasionally process your personal information under the Legitimate Interests’ legal basis. Where this is the case, we have carried out a Legitimate Interests’ Assessment (LIA) to ensure that we have weighed your interests and any risk posed to you against our own and that such interests are proportionate and appropriate such as for the purposes of HR, marketing and day-to-day operations.
When sending marketing materials to customers, we may have the option to rely on your consent or legitimate interest.
We only use legitimate interests for marketing if we have assessed that the information being sent is beneficial to the customer and have weighed our interests against your own and there is little to no risk posed, the method and content is non-intrusive, and the material being sent is something you would usually expect to receive.
Cookies, analytics and traffic data
We provide the following information with some explanations to ensure transparency to our users:
• What types of cookies are set;
• How long they persist on your user’s browser;
• What data they track;
• For what purpose (functionality, performance, statistics, marketing, etc.;
• Where the data is sent and with whom it is shared;
• How to reject cookies, and how to subsequently change the status regarding the cookies.