your personal data

Privacy Statement

We like to be transparent about what we do with your personal data. In our Privacy Statement we explain how we process personal data. 

Summary Privacy Statement

Your privacy is important to us. We therefore treat your personal data responsibly and carefully. It is essential for us that your information is safe with us. Our employees are bound by strict rules when handling information and our security standards are high. We do not sell personal information to third parties.

Use of your personal data
We process personal data of all our customers and therefore also of you. If you are a contact person for a customer, we also process your personal data. We need your personal data for many reasons. To accept you as a customer, but also to be able to offer products and services. You can think of your contact details, but also of information about your income where necessary. For some legal obligations, we also have to monitor your transactions. If you are no longer a customer of ours, we will destroy your personal data after a certain period of time.

In order to acquire new customers or promote new products or services, we also process personal data. This often involves a limited type of data, such as contact details. If you are not yet a customer, we may process a limited amount of your personal data in order to contact you within a reasonable period of time. We will ask for your permission at that moment.

Viewing, modifying, correcting personal data
We like to be transparent about what we do with your personal data and find it important that they are correct. You can therefore ask us to view, amend, supplement and improve your personal data. If you do not want us to process your personal data, you can object. It is your data, which is why you can also ask us to transfer data to you. The law determines whether we can cooperate with your request.

Provision of personal data to third parties
We use your personal data for our services. Sometimes we provide your personal information to third parties. We only do this if it is necessary to carry out the agreement with you or to keep our business operations efficient. For example, we work with a party that sends mail to our customers on our behalf. We give personal information to that third party in order to do so. We ensure that your personal information is in as good a hands as it is with us.

We must also comply with legal obligations to provide information (including personal data). For example, to a regulator or other public body, such as the Tax and Customs Administration. We may also have to provide personal data to foreign regulators or authorities.

Do you want to know exactly what we do with your personal data? Please read all the information in the full Privacy Statement below.

Full Privacy Statement

Below we explain how F. Van Lanschot Bankiers (Switzerland) Ltd (Van Lanschot) handles personal data.
  • 1. When do we announce changes in our Privacy Statement?
    Van Lanschot may amend this Privacy Statement. We will always inform you about important changes in advance.
  • 2. What are personal data?
    Personal data is information that says something about a natural person. For example, a name, address or telephone number, but also financial data such as a bank account number or income data. In appendix 1 are the categories of personal data that we may be able to process. This Privacy Statement explains why we can process which personal data and on what basis.
  • 3. What is "processing of personal data"?
    This includes everything we can do with personal data. For example, collecting, viewing, destroying or storing.
  • 4. How do we handle personal data?
    Your privacy is important to us. We comply with laws and regulations. For example, the Swiss Data Protection Act and the European General Data Protection Regulation (GDPR). We treat personal data responsibly and carefully. We do not sell personal data to third parties.
  • 5. Is this privacy statement also about your personal data?
    This Privacy Statement covers personal data of: customers, former customers, persons who are interested in our services and who are not yet customers, representatives of customers or former customers (e.g., agents and trustees) or people associated with a company or institution that is our customer (e.g., directors or stakeholders of customers). Wherever this Privacy Statement refers to customers' personal data, it also includes personal data of customers' representatives or people associated with a company or institution that is our customer.
  • 6. How do we secure personal data?
    It is very important to us that your and our information is safe. Our employees are bound by strict rules. Our security measures comply with the relevant standards. 
  • 7. How do we deal with data breaches?
    In the event of a data breach, personal data may end up somewhere where they do not belong. We report data leaks to the relevant Authority. We will not do this if there is no risk for you. We will also inform you. We will do so if necessary in view of the risks you might run. Risks include identity theft or fraud. We will then provide you with information about what has happened and what consequences this has or may have. We will also tell you about the measures we have taken to limit any adverse consequences.
  • 8. What can you ask us with regards to your personal data?
    Below you can find out what you can ask us for with regard to your personal data. The law determines whether we can cooperate with your request. You should therefore bear in mind that we are not always able to help you.

    You can ask your question using the form at the bottom of this page. We will answer your question as soon as possible. There are no costs involved in handling a question, unless the answer is an exceptional burden for us. This would be the case, for example, if you repeat a question repeatedly within a short period of time. We will inform you in advance if we charge a fee.

    a.    Correction or supplementation of personal data
    You may ask Van Lanschot to correct or supplement personal data if they are incorrect or incomplete.

    b.    Access to personal data
    You can ask Van Lanschot to view your personal data and to receive a copy of it. You may also ask us for information on how we process your personal data (such as the purposes of such processing and the categories of personal data).

    c.    Removal of personal data
    You can ask us to remove your personal data. This may be the case, for example, if the personal data are no longer required or if you have withdrawn your consent to the use of the personal data.

    d.    Objecting to the processing of personal data

    You can object to certain processing of personal data. This is only possible if we base a processing on the legal basis of 'legitimate interest' (in section 9. 'What do we process personal data for?' is mentioned if this is the case), if it concerns direct marketing or if the personal data are processed for statistics.

    e.    Restricting the processing
    You can ask us to temporarily suspend the processing of personal data. This may be the case, for example, if, at your request, we examine whether personal data is incorrect or incomplete or if we process personal data without being allowed to do so. You can also ask us if you think you need the data for legal proceedings or if you have objected to the processing.

    f.    Downloading and transfer of data
    You can download payment and securities transactions via online banking and possibly transfer them to a third party.
  • 9. What for do we process personal data?
    Van Lanschot processes personal data for various reasons. You can read more about this below.
    • a. Becoming a customer
      Before a person becomes a Van Lanschot customer, we are obliged to investigate the potential customer. We will then consider whether to accept the person as a customer. This is called the customer acceptance survey. The purpose of this investigation is to determine whether there are reasons not to accept an individual as a customer. We also examine whether there are any particularities that we should take into account in our services, such as whether there are any registered debts. We may process personal data for the purpose of this investigation to the extent that we need such data in order to comply with our legal obligation to conduct a customer acceptance investigation.

      For the purpose of this investigation, we collect personal data from the customer, such as a copy of proof of identity, personal identification data, personal characteristics, financial data and criminal law data. We also use external sources for this investigation, such as the Land Registry, the Central Credit Information Register and the Internet.

      Once a customer has been accepted, we will examine, based on our legal duty of care, whether we can offer the customer a product or service. In particular, we use personal characteristics and financial data for this purpose. We may process personal data for this purpose to the extent that we need these data in order to comply with our statutory duty of care.

      We cannot accept a customer and may not offer a product or service if we do not receive the necessary personal data from the customer.
    • b. Being a customer

      We also process the customer's personal data during the relationship with the customer.

      In order to be able to have contact with the customer
      During the relationship with the customer, we have contact with the customer. For example, by phone (landline or mobile phone), by email, text message, post, via an application (app), by using a chat function on the website or the app, or at the reception of one of our offices. For that contact, we use personal identification information. We may process these personal data to the extent necessary for the execution of the agreement with our customers.

      Execution of the agreement
      We process personal data in order to fulfil the agreement with the customer. We need personal data, for example, in order to carry out transactions or to advise the customer. Even if there are problems in the relationship with a customer, we can process personal data to find a solution. For example, if a customer is unable to repay a loan, or if a customer has been in the red for too long.

      We may use personal identification data, personal characteristics, information about products and services, financial data and communication data for this purpose. We also use data from external sources, such as public registers (e.g. Chamber of Commerce and Land Registry). We may process this personal data to the extent necessary for the execution of the agreement with our customers.

      Legal obligations
      We process personal data in order to comply with legal obligations. More information about this can be found below.

      • Transaction monitoring
        We are legally obliged to monitor our customers' transactions. We cannot fulfil this obligation without processing financial data and personal identification data.
      • Legal retention obligations
        We are required by law to retain certain personal data. This applies, for example, to information relating to the customer acceptance survey, to investment transactions carried out and telephone calls made and to digital communication with the customer if these could lead to an investment transaction or investment service.
      • Information obligations and requests for information
        We may be required by law, on our own initiative or upon request, to disclose personal information about customers to a government agency, tax authority, regulator or court. We must provide information about customers' identity, assets and income from assets to the Swiss Federal Tax Administration regarding the automatic exchange of information in tax matters (also known as Common Reporting Standard). Foreign legislation may also oblige us to provide information to foreign authorities.

      For training and quality purposes
      We can record the content of telephone conversations with customers for training and quality purposes. Customers are informed in advance. The content of the communication is recorded in order to train and guide our employees in the contact with customers. We may process personal data for this purpose because it is in our justified business interest to improve the quality of telephone services. A customer may object to the processing of personal data on the basis of this interest for personal reasons. You can read more about this in the section 'Right of objection'.

    • c. The relationship between the client and Van Lanschot is or will be terminated

      If the relationship with the customer is or will be terminated, we retain collected personal data. This can be done on the basis of Legal storage obligations (see section 9b), for Internal analyses (see section 9f), for the settlement of the agreement and the relationship or to use in the event of any differences of opinion during or after the completion of the relationship. Van Lanschot may process personal data for this purpose because this is necessary to protect its interests in order to have sufficient evidence at the time when a dispute arises with a customer. You may object to the processing of personal data based on this interest for personal reasons. You can read more about this in the section 'Right of objection'. Van Lanschot may also collect new personal data, such as financial data and data from public external sources (Commercial Register, Land Registry, the Central Credit Information Register), for the purpose of processing the agreement and the relationship.

    • d. For the safety and integrity of the financial sector and the prevention and limitation of fraud

      We are required by law to ensure that our business operations are safe and sound. We therefore take measures to limit fraud and crime involving the processing of various personal data. For example, we analyse personal identification and financial data to detect skimming, cybercrime and other forms of fraud or improper behaviour. For example, we record the names and dates of birth of (legal) persons who pose a risk to the safety and integrity of our company.

      Another way to ensure a safe and sound financial sector is to carry out fraud investigations into events. For this type of investigation, we can, for example, consult e-mail correspondence with customers, listen to recorded telephone calls and interview employees. It is possible that personal data of customers may be processed in the process. We may use third parties, such as lawyers or forensic accountants, to conduct this investigation.

      We may process personal data for this purpose because we are obliged to ensure safe and sound business operations and because it is in the legitimate interest of our customers, the financial sector, our employees and ourselves as a company.

    • e. For promotion and marketing

      Our activities in the field of promotion and marketing consist of acquiring new customers and consolidating the relationship with existing customers.

      Recruiting new customers
      In order to acquire new customers, we process personal identification data and personal characteristics from external sources and compare them with our customers' personal data. We process personal data of potential customers in order to contact them within a reasonable period of time. We request permission at that time. Consent can easily be withdrawn at any time. Withdrawal of consent has no retroactive effect; data processing up to the time of withdrawal is lawful. We may use personal data with specific permission to inform customers, for example, about products and services or to send newsletters. We also store personal data for a short period of time if the customer has informed us that he is not interested in our services. This enables us to prevent the customer from being contacted anyway. You can read more about this under the heading 'How long do we keep personal data?

      Consolidating the relationship with existing customers
      Through promotion and marketing, we try to point out new products and services to customers or serve them better. We do this, for example, by means of a commercial on television or an advertisement on social media. But sometimes we do this by means of a personal e-mail or a telephone call. For such marketing activities, we may process personal data, such as personal identification data, personal characteristics, product and service information and electronic identification data.
      We have a business interest in marketing and promotion, they support our business activities. A customer may object to the processing of personal data on the basis of this interest for personal reasons. You can read more about this in the section 'Right of objection'.

    • f. Analysis and research

      Van Lanschot processes personal data for analysis and research purposes. The purpose of these analyses and surveys is to develop and improve our products and services and to provide our customers with a better service. We also use analyses to predict and prevent problematic debts.

      For the development and improvement of products/services and for better customer service
      We strive to ensure that our products and services meet the needs of our customers as closely as possible. That is why we regularly develop and improve our products and services. To determine how best to do this, we analyse the use of products and services. Where possible, we do not use personal or anonymous data. If this is not possible, we use personal data that we have received from customers, such as personal identification data, financial data and information about products and services. This allows us to create profiles of our customers. These are automated processing of personal data in which we evaluate certain personal aspects of our customers on the basis of personal data, in particular with a view to analysing or predicting the economic situation, personal preferences, interests, behaviour, location or movements of our customers. We can also use general (statistical) data from external sources, such as public registers (Commercial Register, Land Registry, the Central Credit Information Register), public sources (Internet, newspapers) and research institutes. We may process personal data for this purpose because it is in our and the customer's interest to improve our products and services and to better serve our customer. Customers may object to the processing of personal data based on this interest for personal reasons. You can read more about this in the section 'Right of objection'.

      We also conduct customer surveys and interviews for this purpose. This involves processing personal data such as personal identification data and data about products and services. These personal details are processed with the customer's consent. Consent can easily be revoked at any time. Withdrawal of consent has no retroactive effect; the data processing up to the moment of withdrawal is lawful.

      For predicting and preventing problematic debts
      We process personal data to predict and prevent problematic debts. On the basis of risk parameters, we use personal data to calculate whether a situation of arrears or overstress can arise in the short term. For this purpose, we process personal identification and financial data.

  • 10. Do we provide personal data to third parties?

    We may provide your personal information to third parties. We only do this if this is necessary within the framework of the execution of the agreement or because it makes our business processes more efficient.

    a.    Execution of the agreement
    For example, your name may be disclosed to another bank in the case of a payment transaction. Conversely, for this reason we may also process personal data of third parties who are not our customers. In the case of international transactions, transaction data is provided to companies that facilitate (international) transfers of funds (e.g. SIC, SWIFT). These companies store personal data in the European Economic Area and the United States. U.S. authorities may request these personal data for counterterrorism purposes.

    We also provide personal data to, for example, Card Service Providers such as VISA and Mastercard if you wish to havea credit card through us. We may also transfer personal data to a foreign body or tax authority, for example to reclaim withholding tax on foreign investments, if so agreed with you, or with exemption at source on foreign investments. This may also be the case if you are a participant in an investment vehicle.

    b.    Business Support
    We also use third parties who support us in our business operations and therefore process personal data for us. These parties are called processors. For example, we work together with a third party that prints and sends out to customers daily statements and asset management reports on our behalf. We also sometimes use third parties for customer research. We make agreements with these third parties to ensure that the personal data are adequately protected. We only select this third party after careful examination. We demand that your personal details are also safe with these third parties. We may provide personal data to third parties in support of our business operations because it is in our justified interest to optimise our business operations.

  • 11. Do we provide personal data to organisations in countries outside de EEA?

    We try to limit the processing of personal data to organisations in countries outside Switzerland and the European Economic Area (EEA), because the level of protection of personal data in those countries may be lower. In the exceptional event that we do so, we do so only because it is necessary for the performance of a contract with a customer or because specific safeguards have been put in place for the protection of personal data. Van Lanschot remains the point of contact for individuals whose personal data are provided to third parties outside Switzerland or the EEA, also with regard to those processing operations. This may be the case, for example, if technical support is needed for certain applications in the event of malfunctions.

  • 12. How long do we store personal data?

    We apply maximum periods of time for the storage of personal data. These periods are listed in Appendix 2. After the expiry of the maximum retention periods, personal data will be destroyed. The storage periods mentioned can only be extended if, after the expiry of the storage period mentioned, there is an ongoing complaint, procedure or (criminal or supervisory) investigation with regard to the (former) relationship. The same retention periods apply to personal data stored with third parties. In our cookie statement you will find the retention periods that are used by the various cookies.

  • 13. Do we also process special categories of personal data and criminal records?

    We handle special categories of personal data and personal data under criminal law with care. These data are processed to a very limited extent within our organisation. We only process this data in the context of incident registers and warning systems of the financial sector. See 'For the safety and integrity of the financial sector and the prevention and limitation of fraud' (section 9d). Furthermore, we only process special categories of personal data if we are required to do so by law, with express permission or if you ask us to do so or if you disclose special personal data in communications with us on your own initiative. If a customer has consented to the processing of special categories of personal data, this consent may be withdrawn at any time. Withdrawal of consent has no retroactive effect; the data processing up to the moment of withdrawal of consent is lawful.

  • 14. Cookies

    In our cookie statement you can read how we deal with personal data processed using cookies.

  • 15. Do you have questions or complaints?

    For general questions or complaints in connection with this Privacy Statement, please contact us.

    F. van Lanschot Bankiers (Switzerland) Ltd

    Mittelstrasse 10

    PO Box 3078

    8034 Zurich

  • 16. Downloads