Skip to content

Privacy Policy

With this Privacy Policy we, Entrepreneur Partners AG (hereinafter Company, we or us), describe how we collect and process personal data. This Data Protection Statement is not necessarily a comprehensive description of our data processing. It is possible that other data protection statements General Terms and Conditions, Conditions of Participation, or similar documents are applicable to specific circumstances.
 
In this Privacy Policy, the term «personal data» refers to any information that identifies or could reasonably be used to identify any natural person.
 
If you provide us with personal data of other individuals (such as family members or work colleagues), please ensure that those individuals are aware of this Data Protection Statement. Only provide us with their data if you are authorized to do so and ensure that the personal data provided is accurate.
 
This Privacy Notice is in accordance with the EU General Data Protection Regulation («GDPR») and the Swiss Data Protection Act («DPA»). However, the application of these laws depends on each individual case.
 
In principle, our website is accessible without the indication of your personal data

A. Data Controller

The «controller» of data processing as described in this privacy policy (i.e. the responsible person) is:
 
Arabella Group AG
Stadtgartenweg 6
7000 Chur
ceo@arabella.ch
www.arabella.ch
 
If you have any questions regarding how your personal data is processed or any other data protection concerns, you can contact us using the above-mentioned contact details.

B. Purpose of Data Processing and Legal Bases

We primarily use collected data to enter into and fulfill contracts with our clients and business partners, particularly in relation to providing financial services to our clients and procuring products and services from our suppliers and subcontractors. We also process personal data to comply with domestic and foreign legal obligations.
 
Additionally, in accordance with the applicable law and where appropriate, we may process personal data for the following purposes, which are in our (or, where applicable, third parties’) legitimate interest:
  • Providing and developing our products, services and websites, apps and other platforms in which we are involved.
  • Communication with third parties and handling their requests (e.g., job applications, media inquiries).
  • Advertisement and marketing (including event organization), provided that you have not objected to the use of your data for this purpose (if you are part of our client base and you receive advertisement, you may object at any time, and we will add you to a blacklist to stop further advertising mailings).
  • Asserting legal claims and defending against legal disputes and official proceedings.
  •  Prevention and investigation of criminal offenses and other misconduct.
  •  Ensuring the smooth operation of our IT systems, websites, apps, and other devices.
  •  Acquisition and sale of business divisions, companies, or parts of companies, and other corporate transactions involving the transfer of personal data. This includes measures for business management and compliance with legal and regulatory obligations, as well as internal company regulations.
If you have provided us with your consent to process your personal data for specific purposes (for example when registering to receive newsletters), we will process your personal data within the scope of and based on this consent, unless we have another legal basis if one is required. You have the right to withdraw your consent at any time, but this does not affect the processing of data that occurred prior to the withdrawal.

C. Collection and Processing of Personal Data

We primarily process personal data that we obtain from our clients, business partners, and individuals in the context of our business relationships. Additionally, we collect data from users when operating our websites, apps, and other applications.
 
Where permitted, we may acquire certain personal data from publicly accessible sources (e.g., debt registers, land registries, commercial registers, press, internet) or receive such information from affiliated companies authorities, or other third parties (such as e.g., custodian banks). In addition to the data provided directly by you, the categories of data we receive from third parties include, but are not limited to: information from public registers, data received in administrative or court proceedings, information related to your professional role and activities (e.g., to conclude and fulfill contracts with your employer), information from correspondence and discussions with third parties, information provided by individuals associated with you (family, consultants, legal representatives, etc.) to conclude or process contracts with your involvement (e.g. powers of attorney), information regarding legal regulations such as anti-money laundering, bank details, information about you from media or internet sources (in specific cases, e.g. job applications, media reviews, marketing/sales, etc.), your address and interests, data related to your use of our websites (e.g., IP address, MAC address of your smartphone or computer, device and settings information, cookies, date and time of visit, accessed content and sites, used applications, referring website, localization data).
 
As a matter of principle, we store this data as needed after the processing purpose has ended. This period may be longer if it is necessary for evidentiary reasons or to comply with legal or contractual requirements.

D. Cookies/Tracking and other relevant Information regarding the Use of our Website

Technical Data

When you visit our website, we collect and evaluate user-specific data (e.g. IP address, web browser, operating system) and technical data (such as URLs of accessed pages, execution of search queries) in an anonymous manner.
 
The mentioned data is collected and processed for system security, stability, error and performance analysis, as well as for internal statistical purposes. This allows us to optimize our website.
 
Depending on the specific service, the following data may be processed: email address, first name, last name, salutation, full address, subject matter, and message.
 
If you have given us your consent to process your personal data for specific purposes (for example, subscribing to a newsletter or making an inquiry), we will process your personal data within the scope of and based on this consent, unless we have another legal basis, if required. You have the right to withdraw your consent at any time, but this does not affect the processing of data that occurred prior to the withdrawal.
 
In principle, we store technical data as required after the end of the processing purpose. This period may be longer if this is necessary for evidentiary reasons or to comply with legal or contractual requirements.

Communication Data

If you contact us by e-mail, telephone, letter or other means of communication, we collect the exchanged data between you and us, including your contact details and relevant communication details. If we record or listen to telephone conversations or video conferences, e.g. for training and quality assurance purposes, we will inform you of this practice. Any recordings will be made and used in accordance with our internal guidelines and applicable laws.
 
In principle, we store technical data as required after the end of the processing purpose. This period may be longer if this is necessary for evidentiary reasons or to comply with legal or contractual requirements.
 
Emails in personal mailboxes and written correspondence are generally retained for at least 10 years. Recordings of (video) conferences are usually retained for 24 months.

Cookies and Their Use

We use “cookies” in some cases to customize our offering to better suit your needs. Cookies are small files that are stored on your computer or mobile device when you visit or use our websites. These cookies cannot perform any operations on their own. They save specific settings through your browser and collect data related to your interaction with the website. If a cookie is activated, it can be assigned an identification number that identifies your browser and enables the information contained in the cookie to be used. There are basically two different types of cookies: temporary cookies and permanent cookies. We use temporary cookies, which are automatically deleted from your mobile device or computer at the end of the browser session. We also use permanent cookies to save user settings (e.g. language, auto-login). These remain stored on your computer or mobile device for a long time after the browser session. They are automatically deactivated after a certain period of time.
 
Nevertheless, you may configure your browser settings in a way that it rejects cookies, only saves them for one session or deletes them prematurely. Most browsers are preset to accept cookies. If you block cookies, it is possible that certain functions (e.g. language settings, shopping basket, ordering processes) will no longer be available to you.
 
Arabella Group allows our partner companies that provide services for Arabella Group or which are integrated into our website to save cookies, as long as it is technically necessary and the use of cookies is proportionate. Arabella Group has no control over how cookies are used outside our website.
 
By continuing to use our website and/or agreeing to this privacy policy, you consent to the saving of cookies and the colletion, storage and use of personal usage data, even after the browser session ends (“permanent Cookies”). You can object to this at any time by changing the default setting of your browser so that it rejects (third-party) cookies.

Google Analytics and Similar Services

We may use Google Analytics or similar services on our website with the objective of designing and continuously optimizing our website to meet your needs. These are third-party services that may be based in any country in the world (in the case of Google Analytics, Google Ireland Ltd (based in Ireland), Google Ireland uses Google LLC (based in the United States) as a sub-processor (both “Google”), www.google.com) and which enable us to measure and evaluate the use of our website on an anonymised basis. For this purpose, permanent cookies are used, which are set by the service provider. We have configured the service in a way that ensures IP addresses of visitors are truncated by Google within Europe before being transmitted to the United States, making it impossible to trace them back. We have also disabled the “Data sharing” and “Signals” options. Although we can assume that the information we share with Google does not conclusions about the identity of visitors based on the data collected, create personal profiles and link this data with the Google accounts of these individuals for its own purposes. If you have registered with the service provider, the service provider will also have knowledge of your identity. In this case, the processing of your personal data by the service provider will be conducted in accordance with its own data protecting regulations. The service provider only provides us with data regarding the usage of the respective website, and no personal information about you is shared
 
In the context of using our website, pseudonymized user profiles are created and, as previously mentioned, through the use of small text files that are stored on your computer. The information generated by such cookies regarding your usage of our website is transmitted to the servers of the service providers, where it is stored and processed on our behalf. In addition to the previously mentioned data, we may also receive the following information
  • The navigation path followed by a visitor on the website
  • The time spent on the website or subpage.
  • The subpage from which you leave the website
  • The country, region or town/city from which access is made
  • The end device (type, version, color depth, resolution, width and height of the browser window).
  • Whether the visitor is a new or returning user.
The tools, programmes and instruments that we use to analyse web behaviour include Google Analytics, Google Tag Manager, Google Fonts and Fontawesome.
 
The information generated by cookies about your use of this website (including your IP address) is usually transferred to a Google server in the United States and stored there. Google will use this information to evaluate website usage and compile reports on website activities for us as the website operator, as well as providing other services relating to website and internet use. Google may also transmit this information to third parties if required by law or if third parties process this data on Google’s behalf. Google will never associate your IP address with other Google data. You can prevent the installation of cookies by adjusting your browser settings. In this case, however, you may not be able to use all the features on the website. By using this website, you consent to Google processing the collected data about you as described above and for the stated purpose.

E. Sharing Data with Third Parties and Transfer of Data Abroad

In the context of our business activities and in line with the purposes of data processing outlined above, we may transfer data to third parties, insofar as such a transfer is permitted and we deemed appropriate for them to process the data on our behalf or for their own purposes. In particular, the following categories of recipients may be concerned.
  • Our service providers (e.g. Risk Management & Compliance, IT-Provider, CRM-System)
  • Domestic and foreign authorities, official bodies and courts
  • Other parties involved in potential or ongoing legal proceedings
Certain recipients are located within Switzerland, but others may be located in any country worldwide.
 
If a recipient is located in a country without adequate statutory data protection, we require the recipient to commit to data protection compliance (for this purpose, we use the revised European Commission’s standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is subject to a legally recognised set of rules to guarantee data protection, or unless we cannot rely on an exception. An exception may apply, for example, in case of legal proceedings abroad, overriding public interest, contractual disclosure requirements, your consent, or if data has been publicly available and you have not objected to its processing.

F. Duration of data storage

Your data, which also includes personal data, will be processed and stored only for as long as is necessary to fulfil our contractual and legal obligations or for the purposes stated in the data processing activities. This may include the entire duration of the business relationship and beyond, based on legal retention requirements and documentation obligations. It is possible that personal data will be retained for the time in which claims can be asserted against our company and insofar as we are otherwise legally obliged to do so, or if legitimate business interests require it (e.g. for evidence and documentation purposes). Once your personal data is no longer required for the above-mentioned purposes, it will be erased or anonymized to the extent possible. In principle, we store operating data (e.g. system protocols, logs) after the end of the processing purpose. This period may be longer if this is necessary for evidentiary reasons or to fulfil legal or contractual requirements.

Data Security

We have taken appropriate technical and organizational security measures to protect your personal data against unauthorized access and misuse. These measures include issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of passwords, data storage and transmission and pseudonymization.
 
We cannot guarantee the security of data transmission over the internet. In particular, there is a certain risk of access by third parties when data is transmitted by e-mail.

G. Your Rights

In accordance with applicable law, you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing, in particular for direct marketing purposes, for profiling carried out for direct marketing purposes and for other legitimate interests in processing in addition to right to receive certain personal data for transfer to another controller (data portability). Please note, however, that we reserve the right to enforce statutory restrictions on our part, e.g. if we are obliged to retain or process certain data or have an overriding interest (insofar as we can invoke such interests) or need the data for asserting claims.
 
We have already informed you of the possibility to object/withdraw consent at any time. Please be aware that exercising your rights may have implications for your contractual obligations and may result in consequences such as premature termination or associated costs. If this is the case, we will inform you in advance unless this has already been contractually agreed upon.
 
In general, exercising these rights requires that you can prove your identity (e.g. by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). To assert these rights, please contact us using the details provided above.
 
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

H. Profiling

We may partially process your personal data automatically with the aim of evaluating certain personal aspects (profiling). In particular, profiling allows us to inform and advise you about products possibly relevant for you. For this purpose, we may use evaluation tools that enable us to communicate with you and advertise to you as required, including market and opinion research.
 
When establishing and carrying out a business relationship, we generally do not use fully automated individual decision-making (e.g. in accordance with article 22 GDPR). Should w
e use such procedures in certain cases, we will inform you separately and advise you of your relevant rights if this is required by law.

I. Change to this Privacy Policy

We may amend this Privacy Policy at any time without prior notice. The current version published on our website shall apply. If the Privacy Policy is part of an agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.