DATA PROTECTION POLICY
In this Data Protection Policy, we, SunCo Brokering and Services SA and partners, agent or
representatives of SunCo Brokering and Services SA (hereinafter together SunCo Brokering and
Services SA, we or us), describe how we collect and process personal data. This is not an exhaustive
description; where appropriate, other data protection policies or general terms and conditions,
conditions of participation and similar regulations may apply to specific circumstances. The term
“personal data” is here deemed to include all information referring to an identified or identifiable
person.
If you provide us with personal data of other persons (e.g. family members or work colleagues),
please make sure that these persons are aware of this Data Protection Policy, and provide us with
their personal data only if you are allowed to do so and such personal data is correct.
This Data Protection Policy is in line with the Swiss Federal Act on Data Protection Act (FADP) and
the EU General Data Protection Regulation (GDPR). Although the GDPR is a European Union
regulation, it is relevant for us and companies outside the European Union and the EEA must also
comply with the GDPR in certain cases.
- CONTROLLER / DATA PROTECTION OFFICER
Unless specifically otherwise indicated, SunCo Brokering and Services SA is the “controller” of data
processing carried out by us. If you have data protection related concerns, you can inform us using
the following contact details: Sunco Brokering And Services SA, Compliance Officer, Quai des
Bergues 23, 1201 Geneva, Switzerland, Tel.: +41 (0)22 307 06 00 E-Mail: contact@suncobrokers.com,
Website: www.suncobrokers.com (these are also the contact details of our Data Protection Officer
in accordance with Art. 37 GDPR).
- COLLECTION AND PROCESSING OF PERSONAL DATA
We primarily process personal data (such as company names, names, addresses, emails, VAT
number, account numbers, etc.) that we obtain from our clients and other business partners as well
as other individuals in the context of our business relationship with them or that we collect from
users when operating our websites, emails and other applications.
To such a degree as it is permitted to us, we also obtain certain data from publicly accessible
sources (e.g. debt registers, websites, commercial registers, internet) or we may receive such
information from representatives or agents of SUNCO BROKERING AND SERVICES SA, from the
authorities or other third parties, such as the providers of background checks. Insofar as these third
parties are themselves wholly or partly responsible for the processing of these data, their data
protection regulations apply additionally.
Apart from data you provided to us directly, the categories of personal data that we receive about
you from third parties include, but are not limited to: information from public registers, data
received in connection with administrative or court proceedings, information in connection with your
professional role and activities, information about your company in correspondence and discussions
with third parties, information about you given to us by individuals associated with you (consultants,
legal representatives, etc.) in order to conclude or process contracts with you or with your
involvement (e.g. references, your address for deliveries, powers of attorney), information regarding
legal regulations such as anti-money laundering and export restrictions, bank details, information
regarding insurances, our distributors and other business partners for the purpose of ordering or
delivering services to you or by you (e.g. payments made, previous purchases), information about
you found in the media or internet (insofar as indicated in the specific case, e.g. in connection with
a job applications, marketing/sales, etc.), your addresses and any interests and other socio-
demographic data (for marketing purposes), data in connection with your use of the website (e.g. IP
address, MAC address of your smartphone or computers, information about your device and
settings, cookies, date and time of your visit, site and content retrieved, applications used, referring
website, localisation data).
- PURPOSE OF DATA PROCESSING AND LEGAL GROUNDS
We primarily use the collected personal data to conclude and process contracts with our clients
and business partners, particularly within the framework of business consulting, advices and
brokerage services. You may of course also be affected by our data processing in your capacity as
an employee of such a client or business partner.
Furthermore, we also process your personal data and personal data of third parties, where
permitted and advisable, in our opinion for the following purposes, which are in our (or, as the case
may be, any third parties’) legitimate interest, such as:
- providing and developing our range of services, websites and other platforms or supports
on which we are active;
- communication with third parties and processing of their requests;
- review and optimisation of procedures regarding needs assessment for the purpose of
direct customer approach as well as obtaining personal data from publicly accessible
sources for customer acquisition;
- advertisement and marketing (including organising events), provided you have not objected
to the use of your data for this purpose (if you are part of our customer base and you receive
our advertisement, you may object at any time and we will then put you on a list barring
further advertising material being sent);
- carrying out background checks and screening activities in relation to the client and the
relevant persons as part of the performance of a contract;
- prevention and investigation of criminal offences and other misconduct (e.g. conducting
internal investigations, data analysis to combat fraud);
- ensuring our operation, including our IT, our websites and other platforms;
- video surveillance to protect our domiciliary rights and other measures to ensure the safety
of our IT, building and investment security, and for the protection of our employees and
other persons and valuables entrusted to us (e.g. access controls, visitor logs network and
mail scanners, telephone recordings);
- acquisition and sale of business divisions, companies, or parts of companies and other
corporate transactions and associated transfer of personal data as well as measures for
business management and compliance with national and international statutory and
regulatory obligations as well as internal Sunco Brokering and Services SA regulations.
If you have given us your consent to process your personal data for certain purposes (for example
when registering for the receipt of newsletters), we will process your personal data within the scope
of and based on this consent, unless we have another legal basis, provided that we require one.
Consent given can be withdrawn at any time, but this does not affect any data processing already
carried out.
- COOKIES / TRACKING AND OTHER TECHNIQUES REGARDING THE USE OF OUR WEBSITE
For information relating to data processing via our website, please refer to our online data
protection policy on www.suncobrokers.com or below:
What are cookies?
This Cookie Policy explains what cookies are and how we use them, the types of cookies we use i.e,
the information we collect using cookies and how that information is used, and how to manage the
cookie settings.
Cookies are small text files that are used to store small pieces of information. They are stored on
your device when the website is loaded on your browser. These cookies help us make the website
function properly, make it more secure, provide better user experience, and understand how the
website performs and to analyze what works and where it needs improvement.
How do we use cookies?
As most of the online services, our website uses first-party and third-party cookies for several
purposes. First-party cookies are mostly necessary for the website to function the right way, and
they do not collect any of your personally identifiable data.
The third-party cookies used on our website are mainly for understanding how the website
performs, how you interact with our website, keeping our services secure, providing advertisements
that are relevant to you, and all in all providing you with a better and improved user experience and
help speed up your future interactions with our website.
Manage cookie preferences
You can change your cookie preferences any time by clicking the above button. This will let you
revisit the cookie consent banner and change your preferences or withdraw your consent right
away.
In addition to this, different browsers provide different methods to block and delete cookies used
by websites. You can change the settings of your browser to block/delete the cookies. Listed below
are the links to the support documents on how to manage and delete cookies from the major web
browsers.
Chrome: https://support.google.com/accounts/answer/32050
Safari: https://support.apple.com/en-in/guide/safari/sfri11471/mac
Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-
firefox?redirectslug=delete-cookies-remove-info-websites-stored&redirectlocale=en-US
InternetExplorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-
internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc
If you are using any other web browser, please visit your browser’s official support documents.
- DATATRANSFER AND TRANSFER OF DATA ABROAD
In the context of our business activities and in line with the purposes of the data processing set out
in Section 3, we may transfer data to third parties, insofar as such a transfer is permitted and we
deem it appropriate, either in order for them to process data for us, or for their own purposes. In
particular, the following categories of recipients may be concerned:
- our service providers (within SunCo Brokering and Services SA, or externally), including
processors (e.g. IT providers);
- dealers, suppliers, sub-contractors and other business partners;
- clients ;
- domestic and foreign authorities, government office or courts;
- the media;
- the public, including users of our websites and social media;
- competitors, industry organisations, associations, organisations and other bodies;
- acquirers or parties interested in the acquisition of business divisions, companies or other
parts of Sunco Brokering and Services SA;
- other parties in possible or actual legal proceedings;
- other companies in the Sunco Brokering and Services SA group;
all together Recipients.
Certain Recipients may be within Switzerland but can be anywhere in the world. In particular, you
must anticipate your data to be transferred to all countries in which SunCo Brokering and Services
SA is represented by affiliates, branches or other offices, as well as in other countries in where we
may act on your behalf or where our services are located. If we transfer data to a country without
adequate legal data protection, we ensure an appropriate level of protection as legally required by
using appropriate contracts (in particular based on the “standard contractual clauses” of the
European Commission, which can be accessed at https://ec.europa.eu/info/law/law-topic/data-
protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-
countries_en ) or binding corporate rules or we rely on the statutory exceptions of consent,
performance of the contract, the establishment, exercise or enforcement of legal claims, overriding
public interests, published personal data, or because it is necessary to protect the integrity of the
persons concerned. You can obtain a copy of the mentioned contractual guarantees at any time
from the contact person named in Section 1 above, if they are not available under the above-
mentioned link. However, we reserve the right to redact copies for data protection reasons or
reasons of secrecy or to provide excerpts only.
We are entitled to transfer your data to a country that does not have adequate legal data protection
without implementing one of the above mentioned measures if the transfer of the data is necessary
for the conclusion or fulfilment of a contract between you and us, or for the implementation of pre-
contractual measures at your request. We are likewise entitled to transfer your data to a country
that does not have adequate legal data protection without implementing the above mentioned
measures if this is necessary for the conclusion or fulfilment of a contract between us and an
individual or legal entity that is in your interest. Where data of third parties has to be transferred in
the above-mentioned cases, you are responsible for obtaining any consent required from these third
parties.
- RETENTION PERIODS FOR YOUR PERSONAL DATA
We process and retain your personal data as long as required for the performance of our
contractual and national and international legal obligations or for other purposes pursued with the
processing, i.e. for the duration of the entire business relationship (from the initiation, during the
performance of the contract until it is terminated) as well as beyond this duration in accordance
with legal retention and documentation obligations. It is thus possible that personal data may be
retained for the period during which claims can be asserted against our company or insofar as we
are otherwise legally obliged to do so, or if legitimate business interests require further retention
(e.g. for evidential and documentation purposes). As soon as your personal data are no longer
required for the above-mentioned purposes, they will be deleted or anonymised, to the extent
possible.
In this Data Protection Policy we, SunCo Brokering and Services SA and companies of SunCo
Brokering and Services SA (hereinafter together SunCo Brokering dnd Services SA, we or us),
describe how we collect and process personal data. This is not an exhaustive description; where
appropriate, other data protection policies or general terms and conditions, conditions of
participation and similar regulations may apply to specific circumstances. The term “personal data”
is here deemed to include all information referring to an identified or identifiable person.
If you provide us with personal data of other persons or companies, please make sure that these
persons are aware of this Data Protection Policy, and provide us with their personal data only if you
are allowed to do so and such personal data is correct.
This Data Protection Policy is in line with the Swiss Federal Act on Data Protection Act (FADP) and
the EU General Data Protection Regulation (GDPR). Although the GDPR is a European Union
regulation, it is relevant for us and companies outside the European Union and the EEA must also
comply with the GDPR in certain cases.
- DATA SECURITY
We have taken appropriate technical and organisational security measures to protect your personal
data from unauthorised access and misuse such as issuing instructions, training, IT and network
security solutions, access controls and restrictions, encryption of data carriers and transmissions,
inspections.
- OBLIGATION TO PROVIDE PERSONAL DATA TO US
In the context of our business relationship you must provide us with any personal data that are
necessary for the commencement and carrying out of a business relationship and the performance
of the contractual obligations relating to it. Without this data, we will usually not be in a position to
enter into or conclude a contract with you (or the office or person that you represent). In addition,
the website cannot be used unless certain information to ensure data traffic (e.g. IP address) is
disclosed. Where you provide third party data to us which we have to process on your behalf for the
conclusion or performance of the contract with you, you bear the responsibility for the existence of
an adequate legal basis.
- NO AUTOMATED DECISION MAKING
In establishing and carrying out a business relationship, and also in other situations, we generally
do not use any fully automated individual decision-making (such as pursuant to Art. 22 GDPR).
Should we use such procedures in certain cases, we will inform you separately about this and advise
you of your rights in this connection.
- YOUR RIGHTS
In accordance with the data protection law applicable to you and as envisaged therein (as in the
case of the GDPR), you have the right to information, rectification, erasure, the right to restriction
of processing or to object to our data processing, as well as the right to receive certain personal
data for transfer to another controller (data portability). Please note however that we reserve the
right to enforce statutory restrictions on our part, for example if we are obliged to retain or process
certain data, have an overriding interest in it (insofar as we are permitted to invoke such interest) or
need the data for asserting claims. Should you incur costs in exercising such rights, we will notify
you thereof in advance. We have already informed you of your right to withdraw consent in Section
3 above. Please note that exercising these rights may come into conflict with contractual
agreements and this may have consequences such as the premature termination of the contract or
cost implications. If this is the case we will inform you in advance unless it has already been
contractually agreed upon.
In general, exercising these rights requires you to clearly prove your identity (e.g. by means of a
copy of an identity document, where your identity is otherwise not clear, or cannot be verified in
another way). In order to assert these rights, you can contact us at the address given in Section 1.
Furthermore, every data subject has the right to enforce his/her rights through the courts or to
lodge a complaint with the competent data protection authority. The competent data protection
authority in Switzerland is the Federal Data Protection and Information Commissioner
(http://www.edoeb.admin.ch).
- AMENDMENTS OF THIS DATA PROTECTION POLICY
We may amend this Data Protection Policy at any time without prior notice. If the Data Protection
Policy is part of an agreement with you, we will notify you by e-mail or other appropriate method in
case of an amendment.
