Privacy Policy of Dukascopy Bank SA
V.05.06.2018

1. INTRODUCTION

1.1. We are strongly committed to protecting and safeguarding your personal data. The present Privacy Policy of Dukascopy Bank SA (here-after “the Company”) has been implemented in light of the EU's General Data Protection Regulation (GDPR) which benefits to the residents of the European Union.
1.2. This Privacy Policy provides information on the processing and protection by the Company of personal data of natural persons residing in the EU. 
EU residents accessing the Company's websites and applying for using its services shall preliminarily read and accept the present Privacy Policy. By continuing to access and use this website or services you expressly confirm your acceptance of our Privacy Policy.
 

2. DEFINITIONS

Client – any natural person, who has been using or has expressed willingness to use services and other online resources (e.g. contests, online community, etc.) provided by the Company;
Dukascopy Group –Dukascopy Bank SA incorporated in Swiss Confederation and its representative offices, branches, Dukascopy Europe IBS AS, Latvia and SIA “Dukascopy Payments” Latvia;
Privacy Policy – the present Privacy Policy of Dukascopy Bank;
Personal Data – any information related to an identified or identifiable individual. For further information please see Section 3;
Processing – any actions related to Personal Data for instance, but not limited to collection, recording, storage, transfer, erasure, etc.;
Services – any services offered by the Company;
Website - www.dukascopy.com and www.dukascopy.bank
 

3. CATEGORIES OF PERSONAL DATA THAT THE COMPANY PROCESS

3.1. Dukascopy Bank SA, legal address: ICC, Entrance H, Route de Pre-Bois 20, 1215 Geneva 15, Switzerland, is the controller of Client’s Personal Data.
3.2. The Company processes certain Personal Data for the purposes specified under Section 4. Please note that the below list is not exhaustive and upon necessity the Company may process other Personal Data, according to its Privacy Policy and other relevant legal enactments.
3.2.1. Personal Data received from the Client:
3.2.1.1. Natural persons identification data – including, but not limited to name, surname, tax identification number, date of birth, details of identification document (e.g. passport number or copies);
3.2.1.2. Contact information – address, telephone number, e-mail address and other if relevant;
3.2.1.3. Financial information – account number, account balance, income, wealth, transactions and other similar information;
3.2.1.4. Background and source of funds – information regarding the education, the place of work, occupation, business activities if any, employer if any;
3.2.1.5. Information relating to the use of services and their relation to Clients preferences, habits etc. – such as information on services used, personal settings, surveys, contests and campaigns to which the Client has participated;
3.2.1.6. Marital status and relevant third parties – individuals and legal entities connected to the Client account (e.g. POA holders, authorised users, etc.), originators or beneficiaries of the Client's transactions, etc.
3.2.2. Information collected automatically while using the Website or mobile or online applications operated or owned by the Company:
3.2.2.1. Technical information and unique identifiers – Internet protocol (IP) address, login information, information about browser, time zone, etc.;
3.2.2.2.Cookies used by the Company’s websites and its mobile applications. For more detailed information on the types of cookies and unique identifiers the Company use and for which purposes, please refer to Section 10.
3.3. It is the duty of the Client of informing third parties of this Privacy Policy in case he passes to the Company Personal Data related to such third parties.
 

4. GROUNDS AND PURPOSES FOR THE PROCESSING OF PERSONAL DATA

4.1. The Company processes Personal Data if one of the following applies:
4.1.1. the processing of Personal Data is necessary to enter into and perform a contract;
4.1.2. to comply with the Company’s legal obligations;
4.1.3. to protect the legitimate interests of the Company or of third party;
4.1.4. if the Company receives the Client's consent.
4.2. The Company primarily processes Personal Data for the following purposes:
4.2.1. to provide Services and free of charge online and mobile resources;
4.2.2. to send administrative information, including updates of policies and changes to contractual terms;
4.2.3. to provide the Client with information about Services, products, educational materials, upcoming events and other related information that may be useful to the Client in relation to Dukascopy Group offers and other resources;
4.2.4. to assess and mitigate risks related to anti-money laundering and terrorism financing as well as transaction related risks;
4.2.5. to comply with legal obligations and/ or government authorities’ requests;
4.2.6. in relation to the Company’s legitimate interests.
 

5. DISCLOSURE OF CLIENTS PERSONAL DATA

5.1. The Company is entitled to disclose Client’s Personal Data to selected third parties, including:
5.1.1. within Dukascopy Group, including all offices and affiliates of the Company, irrespective of their geographical location;
5.1.2. to selected third parties, including providers that deliver services to Dukascopy Group under written agreements ensuring proper safeguards and limitations with regards to Personal Data processing. This may include companies providing IT, payment services, audit services, identity verification, due diligence services, data analysis, marketing support, cloud services and others;
5.1.3. to competent governmental, regulatory or other law enforcement agencies/ authorities.
 

6. PERSONAL DATA TRANSFERS

6.1. The Client Personal Data is primarily processed within the European Economic Area (EEA) and the Swiss Confederation. However, when it is necessary, Personal Data may be transferred to third countries, as specified in this Privacy Policy.
6.2. The Company transfers or makes Client Personal Data accessible for processing outside the EEA or the Swiss Confederation only when appropriate safeguards are in place and if one of the following applies:
6.2.1. This is required under the laws and regulations;
6.2.2. This is necessary to enter into or to perform the agreements for the Services;
6.2.3. The Client has given consent to the processing of his data outside the EEA.
 

7. RETENTION PERIOD

7.1. The period of retention of Personal Data depends on the purposes specified by the Company.
7.2. In determining the retention period of Personal Data, the Company takes into account contractual obligations, the legitimate interest of the Company and relevant legal enactments (such as the regulation concerning anti-money laundering and terrorism financing).
 

8. CLIENT’S OBLIGATION

The Client agrees not to hold the Company nor Dukascopy Group or any of their officers, directors, employees and affiliates liable for losses of any kind, including financial, suffered by the Client in case of use by a third party of Client’s confidential information, for example the login and password either communicated to this third party by the Client or obtained by the third party from the Client by an abusive/fraudulent manner. The Client shall be solely liable for any such personal data disclosure to unauthorised third parties.
 

9. CLIENT’S RIGHTS

9.1. Upon written request, the Client may receive a copy of his Personal Data that are processed by the Company. If such request is excessive or repetitive, the Company may refuse to provide the Client with copy of his Personal Data and the Company may request a reasonable fee taking into account the necessary resources for preparing such copy;
9.2. The Client may request the Company to correct his Personal Data;
9.3. The Client may request the Company to erase his Personal Data to the extent permitted by law and other regulation applicable to the Company;
9.4. The Client may restrict the processing of his Personal Data by the Company to the extent permitted by law and other regulation applicable to the Company; 
9.5. The Client has the right to receive his Personal Data in structured, commonly used and electronic format as well as to transmit it to another controller;
9.6. All aforementioned rights should be exercised in good faith and on written request basis;
9.7. If your request or concern is not satisfactorily resolved by us, upon your written demand, you may approach the Data State Inspectorate of the Republic of Latvia.
 

10. COOKIES

10.1. The Company uses monitoring technologies such as cookies to provide efficient operation of the Website to its visitors;
10.2. Cookie is technology based on small system files placed on browser during visit of the Website;
10.3. The Company collects information about visitor’s device and uses cookies to:
10.3.1. customize Company’s Website features;
10.3.2. avoid re-entry of visitor’s data;
10.3.3. store visitor’s preferences;
10.3.4. gather information about usage of the Website.
10.4. The Company uses third party cookies, provided by third party web analytic services such as Google Analytics;
10.5. Clients and Website visitors can configure their browser preferences and not to accept cookies, however this may affect functionality of the Website;
10.6. Detailed information on cookies, their management and deletion can be found on the website: www.aboutcookies.org 
 

11. CONTACT DETAILS

Should the Client have any questions or inquiries regarding the processing of his Personal Data by the Company, he shall send an e-mail to: [email protected] or send a letter to the postal address indicated on the Company’s Website: https://www.dukascopy.com/swiss/english/home/.
 

12. FINAL PROVISIONS

12.1. The Client agrees that the Company has the right to change its Privacy Policy at any time without prior notice to the Client. The Company may freely use its Websites to inform the Client about any changes in the Privacy Policy. The publishing of an updated version of the Privacy Policy on the Company’s website(s) shall be deemed a valid notification of changes to the Client. The Client undertakes to regularly review the Company’s Website(s) and updates to the Privacy Policy.
12.2. The amendments to the Privacy Policy shall become effective on the date specified in the Privacy Policy;
        12.3. This Privacy Policy was last updated on 25 May 2018 and it supersedes the previous version.