Privacy Policy

I.   Name and address of the person responsible

The person responsible according to the General Data Protection Regulation (GDPR) is:

Seeger, Cott & Partner AG, Kirchstrasse 6, 9494 Schaan, Liechtenstein

Tel.: +423 265 22 00

E-Mail:

Website: www.seeger-cott.li

 

II.     Data processing in general

1.        Scope of the processing of personal data

The processing of personal data is limited to data that is required to operate a functional website and for the provision of content and services. The processing of personal data of our users is based on the purposes agreed or on a legal basis (GDPR). We only collect personal data that is necessary to implement and process our tasks and services or if you provide data voluntarily.

2.       Your rights

You have the right to request information about any of your personal data we process. In particular, you have the right to request information about the purpose of the processing, the categories of personal data, the categories of recipients who will have access or were disclosed with your data, the duration periods for saving the personal data, whether there is a right to adjust/correct, erase, restrict or object, transmission of data (as long as it does not cause a disproportionate effort to transmit these data), the source of your data if not collected through us and if we use automatic decision-making technologies including profiling.

Additionally, you have the right to revoke a previously granted consent to use your personal data at any time.

If you believe that the processing of your personal data is inconsistent or contradicts the applicable data protection laws you have the possibility to lodge a complaint with the data protection office.

 

III.   Description and scope of data processing

1. Provision of the website

Our system records data and information about the computer used by the user automatically and with every visit on our website.

The following data are collected:

  • Information regarding the type and version of internet browser used to access the website
  • Operating system
  • Internet service provider
  • IP address
  • Date and time of each access
  • Web page from which the user was redirected to our page

The data mentioned above are saved for a maximum time period of six months. This storing is done due to security reasons to ensure the stability and integrity of our systems.

We use “Google Analytics” a web analysis client by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA to evaluate the usage of our website. Google Analytics uses cookies (see point 2) which will be stored on your computer. The containing information regarding website and internet usage can be evaluated and processed by Google.

The collected data may be transmitted to countries outside the EU/EEA, especially to the USA. However, Google has committed to follow the Privacy Shield Framework agreement. Further information about your rights of said agreement is found on the website of European Commission Data Protection.

Additionally, we ensure that your IP address is anonymised before it is transmitted to Google. Your IP address is shortened directly on your computer. Therefore Google Analytics can not make any connection between your IP address and other information stored by Google Analytics.

Legal basis for the usage of Google Analytics is Article 6 (1) lett. f GDPR.

2. Cookies

We use cookies on our website to ensure a user-friendly experience. Cookies are small files that are managed by the user’s web browser and are directly stored on the respective device (Laptop, Tablet, Smartphone etc.) whenever you visit our website. Cookies are stored as long as you do not don’t delete them. This process allows us to recognize your browser on your next visit.

If you do not wish to use cookies you can change the settings in your browser accordingly. You will then be notified whenever your browser attempts to create a cookie and you can decide whether you want to allow the cookie. However, please note that a deactivation of cookies may result in a limited user experience and you may not be able to use every function of our website.

Legal basis for the processing of data through cookies is Article 6 (1) lett. f GDPR.

3. Contact form

If you fill out a contact form, send us an email or another form of electronic message, your data will only be used to process your inquiry and possible further questions you might have.

Legal basis for the processing of your inquiry is Article 6 (1) lett. b GDPR.

We will delete your email address after completing your inquiry.

 

IV. Data security

We use the common encryption technology RSA in connection with the highest encryption levels that are supported by your browser. If a page on our website was/is being transmitted encrypted it is shown by the lock symbol in the address bar of your browser.

Additionally, we use appropriate technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or complete loss, destruction, or to prevent unauthorized access by third parties. Our security measures are continuously upgraded according to the latest technological developments. 

 

B. Additional privacy statement for clients

Description and scope of data processing

1. Purpose of data processing

We process our clients’ personal data for the following purposes:

  • Activities pursuant to Article 2 of the Liechtenstein Professional Trustees Act (TrHG) in conjunction with the Liechtenstein Persons and Companies Act (PGR), in particular:
    • Client mandate management (including administration of legal entities)
    • Compliance with statutory accounting requirements
    • Correspondence
  • Compliance with legal obligations, in particular:
    • PGR, TrHG, due diligence laws, tax legislation and treaties

2. Categories of data

The following categories of data are processed in our data directories pursuant to Article 4 (1) of the GDPR for the purposes of our activities outlined under Section 1 above:

Data category Data description Data recipient
Client and address data Name, company name, date of birth, home and/or business address, nationality, occupation, telephone number, e-mail address external service providers (such as banks, asset managers, auditors) authorities
Identification means passports and official ID papers, utility bills, tax numbers, self-disclosure, death certificates banks, asset managers
Due diligence documentation contracting partners, identification of beneficial owners, business relationship profiles with background information about occupation and private situation, World-Check data, checks pursuant to the Liechtenstein Due Diligence Act (SPG) banks
Mandate data company documents, bank documentation, correspondence, documents pursuant to the DDA, tax data, resolutions of governing bodies no data transmission
Accounting data Transactions and accounting information no data transmission
Correspondence Client orders, general no data transmission
Company information Articles of Association, by-laws, certificates, mandate contracts, signing authorities no data transmission
Tax reporting data Reports based on FATCA, AEOI, LDF tax authorities

 

3. Legal basis

The data listed under Section 2 above will be processed

  • on the basis of our contractual relationship with our clients (Article 6(1)(b) of the GDPR);
  • in order to fulfil a legal obligation (Article 6(1)(c) of the GDPR);
  • to carry out a task in the public interest or in the exercise of official authority (Article 6(1)(e) of the GDPR); or
  • for the purposes of the legitimate interests pursued by the data controller or a third party (Article 6(1)(f) of the GDPR).

Processing for the purposes of our legitimate interests may include:

  • Processing for the purpose of internal administration
  • Evaluations
  • Marketing
  • Direct marketing
  • Video surveillance
  • Defending against unjustified claims

4. Recipients of personal data

Clients’ personal data will only be processed by us to carry out our contractual, statutory and regulatory obligations for the purposes listed under Section 1 above.

For these purposes, data may be shared with the following:

  • Companies within our group of companies for the purpose of internal administration
  • External services providers and offices:
  • Banks
  • Asset managers
  • Insurance companies
  • Lawyers
  • Auditors
  • Other cooperation partners
  • Associations

If we have statutory or regulatory obligations to fulfil, personal data may be sent in particular to the following:

  • Public offices and authorities (e.g. supervisory authorities, courts)
  • Tax authorities (including in the scope of AEOI and FATCA)
  • Authorities of third countries or international organisations

5. Sharing data with third countries or international organisations

If we transfer clients’ personal data to other countries, it is protected and transferred in accordance with the statutory provisions. Transmission of data outside of the European Economic Area is done with the following guarantees:

  • The country to which we are transmitting the personal data has assured the European Commission of an appropriate level of protection of personal data.
  • The recipient has signed a contract based on the Standard Contractual Clauses confirmed by the European Commission, undertaking to protect personal data.
  • If the recipient is located in the USA, the recipient is a certified member of the EU-US Privacy Shield Framework.

Additional information about the protection of personal data when it is transmitted outside the European Economic Area can be provided on request.

For the fulfillment of contractual obligations, personal data are only transferred to third service providers in third countries with the expressed consent of the client.

6. Data sources

We collect data either directly (e.g. in meetings or through correspondence with clients; internal background and due diligence checks) or partially from third-party service providers.

Third-party service providers may include:

  • Banks
  • Asset managers
  • Auditors

7. Storage periods

Personal data will be processed and stored for the duration of the business relationship within the framework of the statutory provisions. Once the business relationship has been terminated, these data are retained for 10 years on the basis of statutory provisions (PGR, DDA, Liechtenstein Civil Code [ABGB]). Longer retention periods will be enforced only on the basis of statutory or contractual requirements to retain data or for the purpose of maintaining evidence within any applicable statutory limitation periods.

8. Automated decision-making (Article 22 of the GDPR)

No automated decision-making processes are applied to clients’ personal data. Where such processes are used in individual cases, we inform the clients to the extent required by the law.

9. Necessity of the data (Article 13(2)(e) of the GDPR)

Provision of the data listed under Section 2 above is mandatory in order to allow us to offer our clients the services they require and fulfil our statutory obligations. In addition to possible statutory reporting obligations to the responsible supervisory authorities, failure to provide data will result in the non-establishment or termination of the business relationship.