Thank you very much for your interest in our company, The SOL Foundation. Data protection is important to us and accordingly we explain to you in this data protection declaration how we collect and process which personal data (in short: “personal data”, i.e. data relating to a specific or identifiable person, such as name, address, nationality, e-mail address, interests and hobbies, user behaviour on websites). This privacy statement is based on the EU General Data Protection Regulation (GDPR).
1. CONTROLLER, DATA PROTECTION OFFICER AND REPRESENTATIVE
a) Responsible for data protection is The SOL Foundation, Landstrasse 105, 9495 Triesen, Principality of Liechtenstein.
b) The contact details of the Data Protection Officer are firstname.lastname@example.org.
2. COLLECTION OF PERSONAL DATA AND PROCESSING PURPOSES
a ) We limit the processing of personal data to personal data which we receive in connection with our services and products from our customers, our cooperation partners (e.g. law companies as intermediaries) or other persons involved (e.g. family members) or which we collect from users on our websites, apps or other applications.
b) In particular, we collect the following personal data from you on a case-by-case basis and depending on the purpose (see below):
- Salutation / Title
- First name, last name
- Email address
- Telephone number(s)
- Date of birth
- Hobbies / Personal interests
- Tax identification number
- Bank details
- Company affiliation
If you use our homepage or websites, we also collect data. See chapter 4.
c) In addition, if permitted and indicated, we obtain and process further data from publicly accessible sources (e.g. land register, commercial register, media, Internet, Worldcheck) on a case-by-case basis or receive such data from authorities and institutions, from your personal environment (e.g. family or personal legal advisors) or from other third parties.
d) We need this data in particular to fulfil the following purposes:
- to identify you as a customer or cooperation partner or users of our websites
- for correspondence with you
- for the performance of our compliance obligations
- to comply with further legal requirements (e.g. with respect to the Automatic Exchange of Information)
- for the conclusion and execution of service contracts, e.g. settlement agreement, mandate contract, asset management contract
- for the conclusion and processing of purchase and sales contracts, e.g. for the purchase of products from suppliers or sale to interested parties
- for invoicing
- to provide further services from our company or, if necessary, in cooperation with third parties
- to provide you with the best possible and tailor-made services and to further develop our range of services and products
- for communication with third parties
- to assess and respond to applications
- to advertise and market our services and products
- for the assertion of legal claims or defence of our position in general
- to ensure our operation in general (e.g. IT, websites, apps)
- for the protection of safety aspects
e) We will only process your personal data if we are required to by law (e.g. due diligence) or contract (e.g. funding agreement) or the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority. Beyond that we only process your personal data where we have your consent with no revocation. Or if legitimate interests on our part prevail (e.g. continuation of the delivery of newsletters to existing customers, provided that there is no revocation).
Consent can be revoked by you at any time.
3. RECIPIENTS OF PERSONAL DATA AND DATA TRANSFER ABROAD
a) We only pass on your personal data to recipients or third parties within the scope of the purposes described above, as far as permitted and indicated in your particular context. This may include in particular:
- Service companies such as banks, asset management companies, insurance companies, brokers/brokers, IT providers, printing companies
- Suppliers, dealers, transport companies, subcontractors or other cooperation partners
- Authorities, state institutions, courts, auditors
- Associations, institutions of public interest
b) Such data transfer is based either on a legal obligation (e.g. data transfer in the course of automatic information exchange), a fulfilment of a contract (e.g. asset manager abroad), a consent on your part, a public interest or on the basis of legitimate interests on our part, provided that the interests or fundamental rights and freedoms on your part do not predominate with regard to the protection of personal data.
c) The recipients may be at home or abroad. In particular, we draw your attention to the fact that we may exchange personal data within our group companies or transfer personal data to countries in which service companies are located from which we obtain services (e.g. Microsoft, SAP, Google, etc.), if this is done within the framework of a clearly defined underlying purpose.
In the case of recipients outside our company in the EU/EEA or in countries with recognised data protection adequacy (e.g. Switzerland), we ensure data protection by concluding so-called order data processing agreements – where necessary and indicated.
If we transfer personal data to third countries without adequate legal data protection status, we ensure an adequate level of protection in accordance with legal requirements, for example on the basis of EU standard contractual clauses or other instruments (e.g. Binding Corporate Rules, US Privacy Shield).
4. USE OF OUR HOMEPAGE AND WEBSITE(S)
In addition to the above, we would like to inform you about the use of our websites for cookies, analytics/tracking or other technologies as follows:
a) We do not collect any personal data when you simply use the website for information purposes (i.e. if you do not log in to use the website, register or otherwise provide us with information), with the exception of data transmitted by your browser to enable you to visit the website, which may in particular include the following personal data:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Contents of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser used
- Operating system and its interface
- Language and version of the browser software
b) The server log files with the above data are automatically deleted after 30 days. We reserve the right to store the server log files for longer if facts exist which suggest the assumption of unauthorized access (such as an attempt at hacking or a so-called DOS attack).
c) Our website and various online services, such as Google, use so-called cookies. These are small text files that are stored on your terminal device with the help of the browser. The cookies do no harm.
We only use them to make our offer more user-friendly. Some cookies remain stored on your terminal device until you delete them. They enable us to recognize your browser on your next visit. The data in the cookies are not linked to your other data.
If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow this in individual cases. However, we would like to point out that in this case you may not be able to make full use of all the functions of our websites.
5. USE OF OTHER WEB SERVICES
5.1. GOOGLE ANALYTICS
The purpose of Google Analytics is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services in connection with the use of our website.
Google may combine your behaviour with other websites you visit. If you are a registered customer of Google, Google will recognise you accordingly. Then the data protection regulations of Google apply for the further processing of personal data. Cookies are used to store personal information, such as the access time, the location from which an access originated and the frequency of visits to our website by the person concerned. Each time you visit our website, this personal data, including the IP address of the internet connection used by the person concerned, is transferred to Google in the USA. Google may share this personal information collected through the technical process with third parties.
In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programmes.
For further information, please contact Google directly, especially under the following links:
5.2. GOOGLE ADWORDS
The person responsible for the processing has integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to serve ads both in Google’s search engine results and on the Google advertising network. Google AdWords allows an advertiser to pre-define keywords that will be used to display an ad in Google’s search engine results only when the user uses the search engine to retrieve a keyword relevant search result. In the Google advertising network, the ads are distributed to relevant Internet sites using an automatic algorithm and in accordance with the keywords defined beforehand.
The company operating the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of Google AdWords is to promote our website by displaying advertisements of interest on the websites of third parties and in the search results of the Google search engine and by displaying third-party advertisements on our website.
Furthermore, the person concerned has the opportunity to object to the interest-related advertising by Google. To do this, the person concerned must access the link www.google.de/settings/adsfrom any of the Internet browsers they use and make the desired settings there.
5.3 GOOGLE FONTS
On the website of the The SOL Foundation users are given the opportunity to subscribe to the newsletter of our company. Which personal data is transferred to the person responsible for processing when ordering the newsletter results from the input mask used for this purpose.
The SOL Foundation informs its customers and business partners at regular intervals by means of a newsletter about offers of our company. The newsletter of our company can only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) the person concerned registers to receive the newsletter. For legal reasons, a confirmation e-mail in the double opt-in procedure will be sent to the e-mail address entered for the first time by a person concerned for the purpose of sending the newsletter. This confirmation e-mail is used to check whether the owner of the e-mail address as the person concerned has authorised receipt of the newsletter. For existing customers and business partners who have already received newsletters before the GDPR came into force, we assume that they will continue to want to receive a newsletter without explicit consent.
When registering for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) to the computer system used by the person concerned at the time of registration as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves to legally safeguard the data controller.
The personal data collected in the course of registering for the newsletter will be used exclusively to send our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or registration in this respect, as might be the case in the event of changes to the newsletter offer or changes to the technical conditions. The personal data collected as part of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be cancelled by the person concerned at any time. The consent to the storage of personal data, which the person concerned has given us for the newsletter dispatch, can be revoked at any time. For the purpose of revoking your consent, you will find a corresponding link in every newsletter. It is also possible at any time to unsubscribe from the newsletter dispatch directly on the website of the data controller or to inform the data controller of this in any other way.
5.5. SSL OR TLS ENCRYPTION
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
5.6. FURTHER WEB SERVICES
For the use of other web services, such as social media (XING, LinkedIn, Facebook, Slack, etc.), YouTube, Vimeo, etc., we offer the following services In addition to the basic data protection regulation, which is to be treated as a priority, their data protection declarations, which are available on the websites of the providers, also apply.
6. DATA PROTECTION FOR APPLICATIONS AND IN THE APPLICATION PROCESS
We collect and process personal data of applicants for the purpose of processing the application. Processing may be carried out on paper or electronically by e-mail or by filling in a web form. If an employment contract is concluded with an applicant, the personal data received will be processed for the purpose of processing the employment relationship in compliance with regulatory obligations. Otherwise, the application documents will be deleted three months after rejection, provided that no legitimate interests on our part prevail.
7. STORAGE PERIOD
We only store your personal data for as long as it is necessary for the purposes for which it was collected in accordance with this privacy statement. However, we may be required by law to store certain information for a longer period of time. In this case, we will ensure that your personal data is treated in accordance with this privacy statement and in accordance to the GDPR for the entire period.
8. YOUR RIGHTS
a) You have the right at any time and free of charge to request information from us about the personal data we have stored about you, as well as about its origin, recipients or categories of recipients to whom this personal data is passed on and the purpose of its storage.
b) You also have the right to demand that we correct, delete or restrict the processing of your personal data at any time. We commit ourselves to this, unless there is a contrary legal obligation on our part.
c) You also have the right to object to the processing of your personal data by us at any time. We commit ourselves to this, unless there is a contrary legal obligation on our part.
d) If you have given us consent to the use of personal data, you can revoke it at any time without giving reasons.
e) Furthermore, you have the right to complain directly to the data protection office of Liechtenstein (www.llv.li/#/1758/datenschutzstelle).
f) If you wish to exercise the above rights, please contact the address mentioned in paragraph 1.
9. DATA SECURITY
We maintain current technical measures to ensure data security, in particular to protect your personal data from the dangers of data transmission and from third parties gaining knowledge. These measures will be adapted to the current state of the art.