Privacy Policy of Dukascopy Bank SA

  1. Introduction
    1. We are strongly committed to protecting and safeguarding the privacy of personal data, including personal data related to individuals who may be clients, employees, job applicants or others (“Data subject”, “User”, “you”). The present Privacy Policy (the “Privacy Policy”) of Dukascopy Bank SA (the “Bank”) has been implemented in light of the EU's General Data Protection Regulation (“GDPR”) which benefits the residents of the European Union (“EU”).
    2. This Privacy Policy provides information on the processing and protection of personal data of natural persons residing in the EU. The Data controller responsible for the collection, processing and use of such personal data is Dukascopy Bank SA, legal address: ICC, Entrance H, Route de Pré-Bois 20, 1215, Geneva 15, Switzerland.
    3. Privacy Policy applies to all apps, services, features, software, and websites (jointly called – “Services”) of the Bank unless specified otherwise. By continuing to access and use our Services, including by opening account, utilizing our website and applications, you agree and consent to the provisions of this Privacy Policy, to the collection and processing of your personal data and confirm that you have read and understood all of the provisions stated in the Privacy Policy.
    1. The Bank processes certain types of personal data listed below for the purposes specified under Section 3. Please note that the below list is not exhaustive and upon necessity the Bank may process other personal data, according to its Privacy Policy and other relevant legal enactments.
    2. Information you may provide or have provided to the Bank:
      • Natural persons identification data – including, but not limited to name, surname, tax identification number, date of birth, details of identification document (e.g. passport number and/or copies);
      • Contact information – residence and correspondence addresses, telephone numbers, e-mail address and other if relevant;
      • Financial information – account number, account balance, income, wealth, amount of planned investment, investment profile, risk appetite, transactions and other similar information;
      • Background and source of funds – information regarding the education, the place of work, occupation, business activities if any, employer if any;
      • Information relating to the use of services and their relation to your preferences, habits etc. – such as information on Services used, personal settings, surveys, contests and campaigns to which you have participated;
      • Marital status and relevant third parties – inliiduals and legal entities connected to your account (e.g. POA holders, authorised users, etc.), originators or beneficiaries of your transactions, etc.;
      • Information received from communication – you may provide us with information related to your use of our Services, including copies of your messages, and how to contact you so we can provide you customer support. For example, you may send us an email with information relating to our application performance or other issues.
    3. Information collected automatically while using the website or mobile or online applications operated or owned by the Bank:
      • Usage and log information. We collect service-related, diagnostic, and performance information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and performance logs and reports;
      • Technical information and unique identifiers. We collect device-specific information when you install, access, or use our Services. This may include information such as hardware model, operating system information, browser information, internet protocol (IP) address, mobile network information including phone number, and device identifiers. We collect device location information if you use our location features, such as when you choose to share your location with your contacts, view locations nearby or those others have shared with you, and the like, and for diagnostics and troubleshooting purposes such as if you are having trouble with our application’s location features;
      • Status information. We collect information about your online and status message changes on our Services, such as whether you are online, when you last used our Services, and when you last updated your status message.
    4. Publicly available information and information received from third-parties:
      • Information third parties provide about you. We may receive information that third parties such as public authorities provide us, which may include information about you.
      • Third party service providers. We work with third-party providers to help us operate, provide, improve, understand, customise, support, and market our Services. For example, we may work with companies to distribute our applications, provide our infrastructure, delivery, and other systems, supply map and places information, process payments, help us understand how people use our Services, and market our Services. These providers may provide us information about you in certain circumstances; for example, app stores may provide us reports to help us diagnose and fix the issues.
    1. The Bank processes your personal data only if at least one of the following legal basis applies:
      • it is necessary to enter into and perform a contract or to take necessary actions at the request of the Data subject prior to entering into contract;
      • it is necessary to comply with the Bank’s legal obligations;
      • it is necessary to protect the legitimate interests of the Bank or of third party;
      • if the Bank receives Data subject's consent.
    2. The Bank primarily process your personal data for following purposes:
      • to provide Services and free of charge online and mobile resources;
      • to send administrative information, including updates of policies and changes to contractual terms;
      • to assess and mitigate risks related to money laundering and terrorism and proliferation financing;
      • to comply with the requirements of legal enactments and/ or government authorities’ requests;
      • to provide you with information about Services, products, educational materials, upcoming events and other related information that may be useful to you in relation to our offers and other resources;
      • in relation to other legitimate interests of the Bank.
    1. For the purpose of opening Multi-Currency Account, we offer you a Video-Identification procedure.
    2. The Bank is responsible for the execution of the Video-Identification and control over all data received during or after the Video-Identification procedure. However, the Bank may delegate or outsource to conduct Video-Identification to its subsidiaries, related companies or to third parties.
    3. Video-Identification shall be conducted based upon your express consent. Prior starting Video-Identification you confirm that your personal data may be recorded and processed.
    4. In order to start Video-Identification a secure video connection will be established between the Bank’s app and your end device to enable the required visual contact. To ensure proper execution of the Video-Identification procedure, the employee conducting the identification procedure must be able to access the camera of your end device and take photography’s of you, of the front and rear sides of your identification document or the principal pages of your passport. Additionally, conversation held between you and the employee will be recorded and stored.
    5. Above named actions, including verification of your identity, as well as information and collection of your personal data are necessary and shall be processed in order to enter into contract and to comply with the legal obligations to which the Bank is subject.
    6. Please note that your biometric data are not analysed during or post Video-Identification.
  5. Transmission and disclosure of personal data
    1. The Bank is entitled to disclose your personal data to selected third parties, including:
      • within Dukascopy Group, including all offices and affiliates of the Bank, irrespective of their geographical location;
      • to selected third parties, including providers that deliver services to Dukascopy Group under written agreements ensuring proper safeguards and limitations with regards to personal data processing. This may include companies providing IT, payment services, audit services, identity verification, due diligence services, data analysis, marketing support, cloud services and others;
      • to competent governmental, regulatory or other law enforcement agencies/ authorities.
    2. Your personal data is primarily processed within the European Economic Area (EEA) and the Swiss Confederation. However, when it is necessary, personal data may be transferred to third countries, as specified in this Privacy Policy.
    3. The Bank transfers or makes your personal data accessible for processing outside the EEA or the Swiss Confederation only when appropriate safeguards are in place and if one of the following applies:
      • This is required under the laws and regulations;
      • This is necessary to enter into or to perform the agreements for the Services;
      • You have given your consent to the processing of your data outside the EEA and outside Switzerland.
  6. Retention periods

    We store and process your personal data only as long as it is necessary to perform our obligations under the agreement with you or as long as the legal enactments requires to store it or as long as this is necessary to protect the Bank. In determining the retention period of personal data, the Bank takes into account contractual obligations, the legitimate interest of the Bank and relevant legal enactments (such as the regulation concerning anti-money laundering and terrorism financing).

    1. Under certain circumstances you have the right:
      • to receive a copy of your personal data that are processed by the Bank. If such request is excessive or repetitive, the Bank may refuse to provide you with copy of your personal data and the Bank may request a reasonable fee taking into account the necessary resources for preparing such copy;
      • to request the Bank to correct your personal data;
      • to erase your personal data to the extent permitted by law, by other regulation applicable to the Bank and at the condition that such deletion of data does not endanger the Bank;
      • to object to the processing or to restrict the processing of your personal data by the Bank to the extent permitted by law and other regulation applicable to the Bank and at the condition that such instruction does not endanger the Bank;
      • to receive your personal data in structured, commonly used and electronic format as well as to transmit it to another data controller;
      • According to the Article 27(1) of the GDPR, the Bank has designated Dukacopy Europe IBS AS as its representative in the EU. In case your request or concern is not satisfactorily resolved by us, upon your written demand, you may approach the supervisory authority of our representative in the EU, i.e. the Data State Inspectorate of the Republic of Latvia.
    2. All aforementioned rights should be exercised in good faith and on written request basis.
    3. Please address any requests, inquiries, suggestions or questions in a written form by sending an e-mail to: [email protected] or send a letter to the postal address indicated on the Bank’s website:
    1. Cookies are technology based on small system files placed on browser directories during the visit of the websites and applications.
    2. The cookies will be used to recognize the User as having previously visited, to help to collect statistics on website traffic, and to improve the navigation experience for the User. The Bank uses cookies to provide efficient operation of the website and applications to its users.
    3. Unless you have set your browser to decline all or certain type of cookies, our cookies will be issued to you as soon as you visit our websites.
    4. Websites or applications users can configure their browser preferences and not to accept cookies, however this may affect the functionality of the Services. If you prefer not to receive cookies, you may set your browser to refuse all cookies or send an alert when a cookie is issued.
    5. Detailed information on cookies, their management and deletion can be found on the website:

    This Privacy Policy was last updated on the date indicated at the top. Any changes or amendments to the Privacy Policy shall become effective on the date specified in the Privacy Policy. Latest version supersedes all previous versions.

    The Bank has the right to change its Privacy Policy at any time without prior notice. The Bank may freely use its websites to inform you about any changes in the Privacy Policy. The publishing of an updated version of the Privacy Policy on the Bank’s website(s) shall be deemed a valid notification of changes. By using our Services, you undertake to regularly review the Bank’s website(s) and updates to the Privacy Policy.

Last modification