PRIVACY POLICY
Version 1.0 – Effective 23 May 2025
This Privacy Policy explains how Swiss Quantum Finance AG (“SQF“, “we“, “our“, “us“) collects, uses, shares and protects your personal data when you visit https://swissqf.com (the “Website“) or use any products or services we make available (collectively, the “Services“). It forms part of our Website Terms & Conditions and should be read together with them.
1 Who We Are – Data Controller
Swiss Quantum Finance AG (UID CHE‑380.703.618), Neugasse 4, 6300 Zug, Switzerland is the data controller for the purposes of the Swiss Federal Act on Data Protection (“FADP”) and, where applicable, the EU/UK General Data Protection Regulation (“GDPR”).
Data‑Protection Contact / DPO
Email: [email protected]
Postal: Swiss Quantum Finance AG, Attn: Data-Protection Officer, Neugasse 4, 6300 Zug, Switzerland
2 The Data We Collect
| Category | Examples | Source |
|---|---|---|
| Identification & KYC | Name, nationality, date of birth, passport/ID, company docs, proof of address | Direct from you; compliance vendors |
| Contact | Postal address, email, phone | Direct from you |
| Transactional | Payment instructions, currency trades, lending activity | Generated while delivering Services |
| Technical | IP address, browser type, device ID, cookies, time‑zone | Collected automatically from your device |
| Marketing & Usage | Newsletter preferences, page views, click‑throughs | Your interactions with Website/emails |
We do not intentionally collect data relating to children under 16.
3 Legal Bases & Purposes of Processing
| Purpose | Data Used | Legal Basis (Art 6 GDPR / FADP art. 31) | Legitimate Interest (where applicable) |
| Client onboarding & KYC | Identification, Contact | Contract (6 1 b); Legal obligation (AML) | — |
| Delivering regulated payment, FX, lending & hedging Services (provided by Ebury) | Identification, Contact, Transactional | Contract (6 1 b) | — |
| Website operation & analytics | Technical, Usage | Legitimate interests (6 1 f) | Running a secure, usable website |
| Marketing & newsletters | Contact, Marketing | Consent (6 1 a) | — |
| Risk management, fraud & AML screening | Identification, Transactional, Technical | Legal obligation; Legitimate interests | Protecting business & clients |
| Regulatory reporting | Identification, Transactional | Legal obligation | — |
You may withdraw consent at any time (see Section 10).
4 How We Share Your Data
-
Ebury Partners Belgium NV/SA (“Ebury Belgium”) – SQF acts as Programme Manager; Ebury Belgium is authorised and regulated by the National Bank of Belgium (registration 0681 746 187). We share onboarding/KYC, transactional and risk data with Ebury Belgium so it can provide regulated payment, FX, hedging and lending services. Ebury’s privacy notice is available here.
-
Service providers – cloud hosting, analytics, ID‑verification, email platforms and professional advisers under confidentiality agreements.
-
Authorities & regulators – where required to comply with law, court orders or supervisory requests.
-
Potential acquirers – in connection with a merger or sale of our business (subject to safeguards).
We never sell your personal data.
5 International Transfers
Your data may be stored or processed in Switzerland, the EEA, the United Kingdom and the United States. Where we transfer personal data outside Switzerland or the EEA we rely on:
-
The Swiss/EEA adequacy decisions for the destination country; or
-
Standard Contractual Clauses (SCCs) approved by the European Commission/Swiss FDPIC, plus appropriate technical and organisational measures (encryption, access controls).
6 Cookies & Similar Technologies
We use cookies to operate the Website, analyse traffic and deliver personalised content. You can manage cookie preferences via the banner displayed on first visit or at any time via our Cookie Preference Centre. For details see our separate Cookie Policy.
7 Data Retention
| Data type | Retention period |
| Onboarding & KYC records | 10 years after termination of the client relationship (Swiss AMLA) |
| Transactional data | 10 years (Swiss Code of Obligations) |
| Marketing records | Until you unsubscribe or 24 months of inactivity |
| Cookie & analytics logs | 14 months (Google Analytics default) |
We may retain data longer if required for legal claims.
8 Security
We employ ISO 27001‑certified data centres, TLS 1.2+ encryption in transit, AES‑256 encryption at rest, multi‑factor authentication, role‑based access controls and continuous monitoring. Despite our efforts, no method of transmission over the Internet is 100 % secure.
9 Automated Decision‑Making & Profiling
We use automated screening tools to comply with anti‑money‑laundering and sanctions regulations. The logic checks your data against sanction, PEP and adverse‑media databases. If a match is found, a human reviewer verifies the result before any decision is taken.
10 Your Rights
Subject to conditions set out in the GDPR/FADP, you have the right to:
-
Access your personal data
-
Rectify inaccurate or incomplete data
-
Erase data (“right to be forgotten”)
-
Restrict or object to processing
-
Data portability
-
Withdraw consent at any time
-
Lodge a complaint with the Swiss FDPIC or your local supervisory authority (e.g., Belgian DPA for EU residents)
To exercise your rights, email [email protected]. We will respond within 30 days.
11 Children
Our Services are not directed to children under 16. If we discover that we have inadvertently collected such data we will delete it promptly.
12 Changes to This Policy
We may update this Policy from time to time. Material changes will be notified on the Website and, where appropriate, by email at least 30 days before they take effect.
13 Contact
Questions about this Policy or our data‑handling practices?
Email: [email protected]
Post: Swiss Quantum Finance AG, Attn: Data‑Protection Officer, Neugasse 4, 6300 Zug, Switzerland
14 Change Log
| Version | Date | Summary of changes |
| 1.0 | 23 May 2025 | Initial publication |