1. What is this privacy policy about?
The MD&Partners AG (hereinafter also "we", "us") obtains and processes personal data , which concerns you or also other persons (so-called "third parties"). In this privacy policy, we describe what we do with your data when you use www.md-partners.ch (hereinafter "website"), obtain our services or products, otherwise deal with us under a contract, communicate with us or otherwise deal with us. If you transmit or disclose data to us about other persons, such as family members, we assume that you are authorised to do so, and that this data is correct. By submitting data about third parties, you confirm this. Please also ensure that these third parties have been informed about this priva-cy policy.

(1) Your personal data is any information that relates to you and can identify you directly or indirectly (e.g. via the internet) (e.g. name, email address, telephone number, picture, depending on your profile..

2. Who is responsible for processing your data?
We are responsible for the data processing described in this privacy policy. You can contact us for your data protection concerns and to exercise your rights pursuant to para 11, as follows: MD&Partners AG, Kirchhofplatz 12, Schweiz, mail@md-partners.ch.

3. What data do we process?
We process different categories of data about you. The main categories are as follows:
• Master and portfolio data such as name, address, date of birth, contract number and duration, documents to establish the customer's identity, information on the account, custody account, concluded transactions or on third parties such as life partners, authorised repre-sentatives and advisors who are also affected by data processing.
• Residence for tax purposes and any other documents and information relevant for tax purposes.
• Transaction or order and risk management data such as beneficiary details, mandate details where applicable, details of your assets, investment products, risk and investment profile, fraud.
• Records of telephone calls between you and us, if applicable.
• Marketing data such as needs, wants, preferences.
• Technical data, such as internal and external identifiers, business numbers, IP addresses, records of access or changes.

4. For what purposes do we process your data?
We process your data for the following purposes (in addition to those we notify you of separately):
• Communication with you
• Contract conclusion/processing with you, your employer and customers
• Operation of the infrastructure, website, app
• Marketing (e.g. mailings, with unsubscribe link/option, occasions), relationship management
• Market analyses, planning, development of products & services, R&D
• Compliance (adherence to laws, industry standards, directives etc.)
• Legal procedures, investigations
• Safeguarding security, access control
• Management, Risk Management
• Corporate transactions (e.g. M&A)
• Media relations, PR, publications
• Shareholder Services, Investor Relations
• Training, instruction, further education
• Fighting crime and fraud

5. On what basis do we process your data?
Depending on the products and services we may provide to you or the purpose for which the personal data is processed, the data processing is based on the following:
• Entering into, concluding or performing a contract or business relationship with you or for the performance of our obligations under such contract or business relationship.
• To safeguard our legitimate interests, e.g. statistics, planning or product development, business decisions; monitoring and controlling risks, business auditing; marketing, market re-search, comprehensive support, advice and in-formation on the range of services, preparation and provision of tailor-made services - in-sofar as no objection has been made; safe-guarding our interests and securing the claims of our company, customers and employees.
• To fulfil legal or regulatory obligations of our company or the performance of tasks in the public interest.
• Based on your consent.

6. Do we use online tracking?
We use various techniques on our website which enable us and third parties engaged by us to recognise you when you use our website and, in some circumstances, to track you across multiple visits. We inform you about this in this section. In essence, this is so that we can distinguish accesses by you (via your system) from accesses by other users, so that we can ensure the functionali-ty of the website and carry out evaluations and personalisations. In doing so, we do not want to infer your identity, even if we can do so insofar as we or third parties engaged by us can identify you through a combination with registration data. Even without registration data, however, the technologies used are designed in such a way that you are recognised as an individual visitor each time you access the site, for example by our server (or the servers of the third parties) assigning you or your browser a specific identification number (so-called "cookie").
Whenever you access a server (e.g. when using a website or an app or because an image is visibly or invisibly integrated in an email), your visits can therefore be "tracked" (traced). If we integrate offers from an advertising contractor or provider of an analysis tool on our website, they may track you in the same way, even if you cannot be identified in individual cases.
We use such techniques on our website and allow certain third parties to do so as well. You can programme your browser to block or deceive certain cookies or alternative techniques, or to delete existing cookies. You can also enhance your browser with software that blocks tracking by certain third parties. You can find more information about this on the help pages of your browser (usually under the keyword "data protec-tion") or on the websites of the third parties that we list below.
Cookies:
This site uses cookies. Cookies are small text files that are stored permanently or temporarily on your computer when you visit this website. The purpose of the cookies is in particular to analyze the use of this website for statistical evaluation and continuous improvements. Through the information stored and sent back in the cookie, the respective website recognizes that the user has already accessed and visited it with the browser of their device. However, only the cookie itself is identified on the end device. Any further storage of personal data will only take place if the user gives us his express consent or if this storage is absolutely necessary in order to be able to use the service offered and accessed. You can deactivate cookies completely or partially in the settings of your browser at any time. If cookies are deactivated, all functions of this website may no longer be available to you. By using our homepage, you agree to the use of cookies. More information about cookies at Wikipedia or cookiesandyou.com.
Google Analytics:
Google Ireland (based in Ireland) is the provider of the “Google Analytics” service and acts as our data processor. For this purpose, Google Ireland relies on Google LLC (based in the USA) as its processor (both “Google”). Google uses performance cookies (see above) to track the behavior of visitors to our website (duration, frequency of pages accessed, geographical origin of access, etc.) and creates reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors to Google in Europe are shortened before being forwarded to the USA and therefore cannot be traced back. We have turned off the “Data sharing” and “Signals” settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles and share this data with Google -Accounts of these people can be linked. If you agree to the use of Google Analytics, you explicitly consent to such processing, which also includes the transfer of personal data (in particular website and app usage data, device information and individual IDs) to the USA and other countries. Information about Google Analytics data protection can be found here [https://support.google.com/analytics/answer/6004245] and if you have a Google account, you can find further information about processing by Google here [https://policies.google.com/technologies/partner-sites?hl=en-US].
Social Networks:
In certain areas on MD-Partners we use plugins from the social network linkedin.com. You can find the privacy policy for Linkedin here: [https://www.linkedin.com/legal/privacy-policy].

7. Who do we disclose your data to?
In connection with our contracts, the website, our services and products, our legal obligations or otherwise to protect our legitimate interests, we also transfer your personal data to third parties, in particular to the following categories of recipients: • Service providers (who process your data part-ly on our behalf, e.g. IT providers, partly on their own responsibility, e.g. banks)
• Authorities at home and, if applicable, abroad
• Business partners such as suppliers,
• Customers, marketing and project partners
• Third parties who collect data about you via website/app (see list on the website)

8. Does your personal data also end up abroad?
Yes, this is possible, to the EEA, but exceptionally to any country in the world (conceivable especially for online services that we use). If this is a country without sufficient data protection, we conclude contracts (so-called EU SCC), but may also rely on consent or transfer data abroad on a case-by-case basis, because it is necessary for the processing of a contract, where it concerns data published by you or it is necessary for legal proceedings abroad.

9. How long do we process your data?
The duration of the storage of personal data is determined by legal retention obligations or the purpose of the respective data processing. As a rule, we store personal data for the duration of the business relationship or the duration of the contract and then for a further five, ten or more years (depending on the applicable legal basis).

10. How do we protect your data?
We take reasonable security measures to main-tain the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and to protect against the risks of loss, accidental alteration, unauthorised disclosure or access.

11. What rights do you have?
You have the right to information, correction, deletion, restriction, objection and - if applicable - the right to data portability. Furthermore, you have the right to lodge a complaint with a competent data protection supervisory authority. If you wish to exercise the above rights against us), please contact us in writing, at our premises or, unless otherwise stated or agreed, by e-mail. You will find our contact details in para. 2. In order for us to be able to exclude misuse, we must identify you (e.g. with a copy of your ID card, unless otherwise possible).

12. Can this privacy policy be changed?
This privacy policy does not form part of any con-tract with you. We may amend this privacy policy at any time. The version published on this website is the current version.

Last updated: 13.11.2023