Privacy Notice

Status as at May 2024

1) Who is responsible for your personal data and who can you contact?

TruZt AG (“TruZt”, “us” or “we”) process information and personal data (“Personal Data”) relating to you and/or any Related Person of yours [Related Person(s) and you together: the “Data Subject(s)”]. We do this in connection with our existing and/or prospective business relationships, including your use of our websites and applications (together: the “Business Relationship”). We can do so either as controller or as joint controller (the “Controller”). A “Related Person” means an individual or entity whose information that you or a third party provides to us and/or information that otherwise comes to our knowledge in connection with our Business Relationship. A Related Person may include, but is not limited to, (i) a director, officer or employee of a company; (ii) a trustee, settlor or protector of a trust; (iii) a nominee or beneficial owner of an account; (iv) a substantial interest owner in an account; (v) a controlling person; (vi) a payee of a designated payment; (vii) a representative or agent (i.e. with a power of attorney, a right to information on an account, an e-banking user); or (viii) an employer or contractor.We therefore ask you to liaise with all of your Related Persons and to pass this Privacy Notice and the information it contains on to them.If you have any questions about this Privacy Notice, about your Controller or, more generally, about the processing of your (or your Related Persons’) Personal Data, you can contact our Data Protection Officer at the following address:

TruZt AG
Steinmatstrasse, 43
3920 Zermatt,
Switzerland
Email: data-protection@the-guestclub.com

2) How do we handle your Personal Data?

We are subject to certain confidentiality and/or secrecy obligations, e.g. those arising under laws governing data protection.This Privacy Notice deals with the way we process Personal Data. That means how we collect, use, store, transmit or otherwise handle or process, operations collectively defined in this document as “Processing” or “Processing Operations”. We may conduct our Processing Operations either directly or indirectly, through other parties that process Personal Data on our behalf (the “Processors”).3)

3) What Personal Data do we process?

Personal Data include any information relating to an identified or identifiable natural person or as defined in the applicable law. Personal Data of Data Subjects that we process may be based on the following principal legal bases, bearing in mind that they may also rely cumulatively on other legal bases mentioned.

On the legal basis of contract performance, including the pre-contractual steps:

On the legal basis of your prior consent:

4) For what purposes and on what legal bases do we process Personal Data?

Purposes for which we process Personal Data (the “Purposes”) may be based on the following principal legal bases, bearing in mind that they may also rely cumulatively on other mentioned legal bases.

We collect and process Personal Data as necessary for pre-contractual steps and performance of a contract to which you are a party and/or a Related Person is related, which encompasses the following Processing Operations:

We also collect and process Personal Data relating to compliance with legal and regulatory obligations to which we are subject, including to:

Furthermore, we may process Personal Data in connection with legitimate interests (including those of other Group entities) we pursue so that we can:

If our Personal Data Processes presuppose that you give your prior consent to doing so, we will seek your consent in due time and you will have the right to withdraw your consent at any time by contacting our Data Protection Officer (see Section 1 above). The provision of personal data may be mandatory, e.g. with regard to our compliance with legal and regulatory obligations to which we are subject. Please be aware that failing to provide such information may preclude us from pursuing a Business Relationship with, and/or from rendering our services to, you.5)

5) Do we rely on profiling or automated decision-making?

We may assess certain characteristics of the Data Subjects on the basis of Personal Data processed automatically (profiling), in particular to provide Data Subjects with personalised offers and advice or information on our products and services or those of our affiliates and business partners.

We may also use technologies that allow us to identify the level of risks linked to a Data Subject or to activity on an account. We generally do not use automated decision-making in connection with our Business Relationship and/or Data Subjects. If we do so, however, we will comply with applicable legal and regulatory requirements.

6) What sources do we use to collect your Personal Data?

To achieve the Purposes, we collect or receive personal data:

7) Do we share your Personal Data with third parties?

We reserve the right to disclose or make accessible the Personal Data to the following recipients, provided this is legally or otherwise authorised or required:

We undertake not to transfer personal data to any third parties other than those listed above, except as disclosed to Data Subjects from time to time or if required by applicable laws and regulations applicable to them or by any order from a court, governmental, supervisory or regulatory body .8)

8) Are Personal Data transferred outside our jurisdiction of incorporation?

In the course of our Business Relationship, we may disclose, transfer and/or store Personal Data abroad (“International Transfer”):

International Transfers may include the transfer to jurisdictions that:

Specific information for Switzerland:

9) What are your rights in connection with data protection?

Subject to the limitations set forth in this Privacy Notice and/or in applicable local data protection laws, you can exercise the rights below free of charge by contacting the Data Protection Officer (see Section 1 above):

If a Data Subject objects to the Processing of Personal Data, we are nevertheless allowed to continue with the Processing if it is:

10) How long are your Personal Data kept or stored?

In principle, we retain Personal Data for as long as we need to do so to achieve the Purposes. We will delete or anonymise Personal Data (or equivalent) once they are no longer necessary to achieve the Purposes, subject however:

We may enforce any or all of the above mentioned under points (i) and (ii) to preserve relevant information.