PRIVACY POLICY

Memento SA (as defined below) is committed to protecting your privacy. This Privacy Policy provides you with details of how we collect and use your personal data (as defined below) and the specific rights and options you have in this respect. Please also refer to our Cookie Policy (attached as Schedule 1 hereunder) which explains the use of cookies and other web tracking pixels via our website.

Personal data refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (the “Personal Data”).

Responsibility of your Personal Data

Memento SA (as defined below) is responsible for your Personal Data. Memento SA consists of one (1) office in Geneva. Memento SA is a service company active in wealth management and asset management.

Specifically, your data will be controlled by the Memento SA Entity that you have instructed or that is providing services or communication to you in your jurisdiction. However, please note that your Personal Data can be transferred within Memento SA, for the provision of services to you.

Type of Personal Data being collected

The Personal Data that we collect about you may include:
Contact information, such as your name, job title, postal address, including your home address (where you have provided this to us), business address, telephone number, mobile phone number, fax number and email address;
Payment data, such as data necessary for processing payments (to the extent relevant) and fraud prevention, including bank account/credit/debit card numbers, security code numbers and other related billing information;
Further business information necessarily processed in a project or client contractual relationship with Memento SA or voluntarily provided by you, such as instructions given, payments made, requests and projects;
Information collected from publicly available resources, integrity data bases, risk screening tools and credit agencies;
If legally required for compliance purposes such as for client due diligence and any information about relevant and significant litigation or other legal proceedings against you or a third party related to you and interaction with you which may be relevant for antitrust purposes;
Other Personal Data regarding your preferences where it is relevant to the services that we, as Memento SA provide; Details of your visits to our premises or calls made to us; and Personal Data about your membership in a professional or trade association or union, health Personal Data, details of dietary preferences (relevant to events in which we invite you) and details of any criminal record you may have.

Collection of your Personal Data

We may collect Personal Data about you in a number of circumstances, including:

When you or your organization seek any type of advice from us (e.g. legal, regulatory and/or consultancy);
When you or your organization browse, make an enquiry or otherwise interact on our website;
When you or your organization offer to provide or provide services to us.

In some circumstances, we collect Personal Data about you from a third-party source. For example, we may collect Personal Data from your organization, other organizations with whom you have dealings, government agencies, credit reporting agency, an information or service provider or from a publicly available record. In such cases, the purposes for the collection of your Personal Data from a third-party source will still be the permitted purposes (as defined below) mentioned in this Privacy Notice.
The types of Personal Data which may be collected from third party sources include your name and surname, email address and other relevant contact details.

The requirement of providing us with your Personal Data and the consequences in the case you do not provide such
As a general principle, you will provide us with your Personal Data purely on a voluntary basis by way of explicitly providing your consent. Should you choose not to consent or to provide your Personal Data, then Memento SA may not be able provide you with the requested service and/or be able to take the necessary action.
By way of an example, as a result of not receiving your consent, we may not be able to:
process your instructions in relation to any service required from Memento SA; and/or
provide you with access to a web offering or newsletter; and/or
carry out a legally required compliance screening.

In these cases, it will unfortunately not be possible for us to provide you with what you request without the relevant Personal Data. Moreover, in the course of our relationship, your decision not to provide us with ongoing personal information as might be required for anti-money laundering purposes, might lead to Memento SA having to terminate the relationship with you.

We will notify you accordingly of the purposes for which your Personal Data is being required and whether there will be any detrimental effects in the case that you do not provide such Personal Data.

Purpose of processing your Personal Data
We may use your Personal Data for the following purposes only (the “Permitted Purposes “):

Wealth management and asset management;

Managing and administering any request for a service made by you or by your organization;

Compliance with our legal and regulatory obligations (such as record keeping obligations), compliance screening or recording obligations (for example anti-money laundering, financial and credit check and fraud and crime prevention and detection purposes), which may include automated checks of your contact data or other information you provide about your identity against applicable sanctioned-party lists and contacting you to confirm your identity in case of a potential match or recording interaction with you which may be relevant for compliance purposes;
To analyze and improve our services and communications to you in relation to the services which we provide to you or to your organization;
Protecting the security of and managing access to our premises, IT and communication systems, online platforms, websites and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
For monitoring and assessing compliance with our internal policies and standards;
To comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies;
To comply with court orders and exercises and/or defend our legal rights; and
For any purpose related and/or ancillary to any of the above or any other purpose for which your Personal Data was provided to us.

Where you have expressly given us your consent, we may process your Personal Data also for the following purposes:

Customer surveys, marketing campaigns, market analysis, or other promotional activities or events; or
Memento SA may also undertake business development and marketing activities. In this case, where we rely on your consent for such purposes, you have the right to object at any time to the processing of your Personal Data for such purposes.

We will not use your Personal Data for taking any automated decisions affecting you or creating profiles other than described above.
Depending upon the specific Permitted Purposes we use your Personal Data, we may process your Personal Data on one or more of the following legal grounds: Because processing is necessary for the performance of your instruction or other contract with you or your organization and for us to be able to provide you with the requested service;
To comply with our legal and/or regulatory obligations which become applicable to Memento SA from time to time;
Because processing is necessary for purposes of our legitimate interest or those of any third-party recipients that receive your Personal Data in managing our business including legal, personnel, administrative and management purposes and for the prevention and detection of crime, provided that such interests are not overridden by your interests or your fundamental rights and freedoms.

In addition, the processing may be based on your consent where you have expressly given that to us (as described above).

Recipients of your Personal Data

We may share your Personal Data in the following circumstances:

Between Memento SA on a confidential basis where required for the purpose of providing the respective service that you have mandated us for e.g. consultancy and for other business purposes related to you and your business;
If you are a client of Memento SA, or are contracted to or are an agent of a client of Memento SA, we may disclose your Personal Data to:
Partners, support staff, other professionals and specialists, consultants or experts engaged in your matter; or
Foreign law firms, regulatory advisors, consultants and professional service providers for the purpose of obtaining foreign advice in relation to your matter;
If we have collected your Personal Data in the course of providing legal services, regulatory services or consultancy services to any of our clients, we may disclose it to that client, and where permitted by law to others for the purpose of providing those services;
We may disclose your contact details on a confidential basis to third parties for the purposes of collecting your feedback on our service provision, to help us measure our performance and to improve and promote the services we offer to our clients;
We may share your Personal Data with companies providing services for money laundering checks and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such Personal Data is shared; We may share your Personal Data with any third party to whom we assign or novate any of our rights or obligations;
We may share your Personal Data with any other third party providing services to Memento SA, including, but not limited to information technology, marketing and business development specialists, as well as professional service providers, accountants, bookkeepers and payroll entities.
We may also instruct service providers within or outside of Memento SA, domestically or abroad, to process Personal Data for the Permitted Purposes on our behalf and in accordance with our instructions only. Memento SA will retain control over and will remain fully responsible for your Personal Data and will use appropriate safeguards as required by applicable law to ensure the integrity and security of your Personal Data when engaging such service providers;
We may also use aggregated Personal Data and statistics for the purpose of monitoring website usage in order to help us develop our website and the services which we offer;

Otherwise, we will only disclose your Personal Data when you direct us or give us permission, when we are required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.

International transfer of your Personal Data

Memento SA is a globally active service company active in wealth management and asset management. Hence, we may transfer your Personal Data outside of the European Union (the “EU”) and/or the European Economic Area (the “EEA”) if required for the Permitted Purposes as described above. This may include countries which do not provide the same level of protection as the laws of your home country. We will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the Swiss Federal Act on Data Protection as well as the General Data Protection Regulation (EU) 2016/679 (“GDPR”) or other relevant laws (as applicable). This includes entering into the EU Standard Contractual Clauses.

Our office will at all times ensure a level of data protection at least as protective as that required in the Switzerland and EEA (as applicable). We will also require our agents, consultants and sub-contractors and others who are outside the EEA and Switzerland (as applicable) and to whom we transfer your personal data to ensure a similar level of data protection.

When doing so we will comply with applicable data protection requirements and take appropriate safeguards to ensure the security and integrity of your personal data. Such transfer occurring to countries outside of the EEA is only carried out if the EU has approved such third countries as having equivalent data protection laws in place.

You may contact us anytime using the contact details further below if you would like further information on the above.

Personal Data about third parties which you provide to us.

If you provide Personal Data to us about someone else (such as one of your directors or employees, or someone with whom you have business dealings) it is your responsibility to ensure that you are entitled to disclose that Personal Data to us and that, without our taking any further steps, we may collect, use and disclose that personal data as described in this Privacy Policy.

In particular, you must ensure the individual concerned is aware of the various matters detailed in this Privacy Policy, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our Personal Data disclosure practices (including international transfers of Personal Data), the individual’s rights as data subject and the consequences if the Personal Data is not provided (as detailed above).

Please ensure that you provide a copy of this Privacy Policy to any third party whose Personal Data you provide to us.

Security measures for the safekeeping of your Personal Data

We will take appropriate technical and organizational measures to keep your Personal Data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to Personal Data. Personal Data may be kept on our personal data technology systems, those of our service providers or in paper files.

Updating your Personal Data

If any of the Personal Data that you have provided to us changes, or if you wish to cancel any request you have made to us, or if you become aware that we have any inaccurate personal data about you, please let us know by contacting us using the contact details mentioned hereunder.

We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.

Retention period

We will, in particular, retain your Personal Data where required for Memento SA to assert or defend against legal claims until the end of the relevant retention period or until the claims in question have been settled.

Your Personal Data will be deleted in the following circumstances:

when it is no longer reasonably required for the Permitted Purposes; or
when you withdraw your consent (where applicable); and
when we are not legally required or otherwise permitted to continue storing such data.

Your rights

The right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;
the right to withdraw your consent to our processing of your Personal Data at any time, if relevant. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason (other than consent) for doing so;
in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided to us and only where the GDPR applies to you;
the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;
the right to object to, and the right to request that we restrict the processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, the processing of your Personal Data but we are legally entitled to continue processing your Personal Data and / or to refuse that request; and
the right to lodge a complaint with the local data protection regulator if you think that any of your rights have been infringed by us.

If you wish to do any of the above please use the contact details provided below.

We may request proof of identification to verify your request. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your Personal Data, and for any additional copies of the Personal Data you request from us.

We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than within one (1) month after of receipt of your request. In exceptional cases, we may extend this period by two (2) months and we will tell you why.

If you are not satisfied with our response, you may take your complaint to the relevant data protection regulator.

Updates to this Privacy Policy

This Privacy Policy may be updated from time to time in order to reflect any changes to the way in which we process your Personal Data or changing legal and/or regulatory requirements.

In case of any such changes, we will post the changed Privacy Policy on our website. The changes will take effect as soon as they are posted on our website. In the case of substantial changes being made to this Privacy Policy, we will notify you in writing of such.

Contact details

If you would like to contact us with any queries or comments, please contact our Chief Operating Officer by using the below contact details:

Memento SA

Cours des Bastions 16
1205 Geneva - Switzerland
Email address: info@memento.ch
Contact Number: +41.22.311.11.33

Schedule I – Cookie Policy

Our use of cookies and other information-gathering technologies

A cookie is a small text file which is stored on the user’s hard drive or mobile device. Cookies perform a number of functions associated with browsing websites and are used for a variety of different purposes, such as tracing users from page to page on an internet site, thereby enhancing a user’s browsing experience. They are generated by web servers when the user enters an internet page and are passed to the user’s computer or mobile device and stored for subsequent future access (the “Cookie” or the “Cookies”).

We only use Cookies in certain areas of our website (the “Memento SA website”) and the purposes for which they are used are detailed below. You are not obliged to accept a Cookie and you can modify your browser so that it will not accept Cookies. However, if you do so this may affect your browsing experience and certain functions within the Memento SA website may not work.

The Memento SA website uses the following Cookies:

Session Cookies

Session Cookies are used to temporarily store information about logged in users. These Cookies do not collect information from the user’s computer, and do not identify the user.

Acceptance of Cookies

We use “Cookie Accepted” to record whether a user has accepted the Cookie policy. The Cookies expire within thirty (30) days after the last page was requested.

Verification Cookie

To protect the security of our website, we use the “request verification token” Cookie. This Cookie verifies a visitor’s identity in order to prevent “Cross-Site Request Forgery” attacks, where unauthorized commands are transmitted from a user that the website trusts.

Generic Google Analytics Cookies

These Cookies are used by Google Analytics, which monitors traffic levels, search queries and visits to our website. Google Analytics stores internet protocol (the “IP”) addresses on its servers in the United States. An IP address is a unique number assigned to each device (such as your computer) that allows it to communicate with other devices on a computer network (such as modems, printers or other computers). Neither Memento SA nor Google associate your IP address with any information that can identify you as the user personally.

These Cookies enable Google to determine whether you are a return visitor to the site, and to track the pages that you visit during your session.