Last update, 1 Sep 2023
1. PRIVACY NOTICESelma Finance ("We") is committed to protecting and respecting your privacy. This privacy notice sets out how we process personal data that we collect about you or that you provide to us, in accordance with the Swiss Federal Act on Data Protection (FADP), when you use our website https://www.selma.com (hereinafter: "Website") and our mobile app (hereinafter: "App"; together: "Services").
This Website and its Services are intended exclusively for persons residing in Switzerland.
2. DATA CONTROLLERThe controller for the purposes of the FADP is:
Selma Finance AG
3. PERSONAL INFORMATION WE COLLECTPersonally identifiable information (PII) is information that, when used alone or with other relevant data, can identify an individual. Personal data is any information relating to such an identified or identifiable natural person.
We may collect and receive information about users of our Service from various sources, including:
- Information you provide when opening an account for the Service
- Your use of the Service
- From third-party websites, services, and partners
4. HOW WE USE PERSONAL DATAWhen you visit our Website, Blogs and Learning Contents (“visitor”); when you register on our website or app to test our Services (“user”) or actively use our contractual investment services (“client”) we collect and process the following information about you.
4.1 Our Service
4.1.1 UsersUpon registration for an account, we collect and utilize:
- Basic Identity Information: Full name, date of birth, nationality.
- Contact Details: Email address, phone number, physical address.
- Technical Data: Hashed password
- Investment Profile: Investment objectives, risk tolerance, investment horizon, experience, and knowledge.
- Financial Data: Income, expenditure, assets, and liabilities.
4.1.2 ClientsFor our clients, we additionally:
- Collect Legal Identification Information (proof of identity and address) to verify identity as per Swiss regulations. This is done in partnership with a specialized service provider.
- Utilize KYC and Compliance Information (source of funds information, politically exposure and sanctions status, tax status, beneficial ownership) to ensure adherence to regulations, including anti-money laundering legislation.
- Use Basic Identification and Transaction Data (records of assets, investment transactions) to perform financial transactions, manage your assets according to your individual plan, and provide wealth management services.
- Record Security and Interaction Data, like logins and confirmations, to keep an audit trail of your instructions and our actions.
- Use your contract status to provide you with the appropriate service updates and tailored promotional offers.
4.1.3 ReferralsIf you refer someone to our Services, we may collect their email address for promotional purposes. The personal information and the purpose will be clearly communicated to you again if and when you choose to provide this information in our service.
4.1.4 Partners Promo CodeWhen you use a partner promo code or come via a campaign link, we can share the following information with the respective partner:
- Basic Identification Information: Full name, address
- Contractual Information: Selma client number, contract signing date
4.2.1 Email and chatIf you contact us via chat we can collect the following information:
- Contact Details: Name, email, and phone number.
- Interaction and Usage Data: Message content and any other provided data like annexes.
4.2.2 NewsletterWhen subscribing to our newsletter we store:
- Contact Details: Name and email.
- Marketing and Consent Data: Subscription preferences.
4.2.3 WebinarsIf you participate in our webinars, you can provide us:
- Contact details: name and email.
4.3 Website or Mobile App
18.104.22.168 Log FilesVisiting our website involves the collection of technical data stored temporarily in server log files. This data is used to ensure security, aid performance, and troubleshoot errors.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information to improve and analyze our Service.
There are different types of cookies we use for different purposes:
- Essential Cookies: Functional Cookies ensure basic functionalities like navigating; Security Cookies enable secure user authentication, preventing fraudulent logins, and protecting user data and Session Cookies serve essential functions during a single browsing session, such as maintaining a logged-in status.
- Preference Cookies: We use Preference Cookies to enhance user experience by remembering choices, settings, and preferences.
- Analytics & Performance Cookies: to collect data on website usage, user behavior, and overall website performance metrics that we use to improve our website and ensure Website performance.
Google AdWords re-marketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on —https://tools.google.com/dlpage/gaoptout— for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy and Terms web page: http://www.google.com/intl/en/policies/privacy
Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/about/ads
To opt-out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/ads/preferences
For more information on the privacy practices of Facebook, please visit the Facebook Data Policy page: https://www.facebook.com/policy.php
Quora Marketing service is provided by Quora Inc. You can learn more about Quora’s privacy policies from https://www.quora.com/about/privacy LinkedIn
LinkedIn remarketing service is provided by LinkedIn Corporation. LinkedIn allows its users to see and control the information that's collected about them for advertising purposes through their account settings.
You can learn more about LinkedIn's interest-based advertising by visiting this page: https://www.linkedin.com/help/linkedin/answer/62931
Microsoft Advertising is a remarketing and behavioral targeting service provided by Microsoft Corporation. This service allows advertisers to target and tailor ads to users based on their previous search and browsing behavior.
To opt-out from Microsoft's personalized ads, visit Microsoft's Opt-out page: https://account.microsoft.com/privacy/ad-settings
For a deeper understanding of how Microsoft handles your data and protects your privacy, refer to the Microsoft Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
4.3.2 Mobile AppWhen you use our services through the mobile app, we collect and store information to provide basic functionality such as navigation, enable secure user authentication, prevent fraudulent logins and protect user data, as well as to store actions taken and login status during a session.
We remember your choices, settings, and preferences so that you can use our services in a personalized way.
In addition, we collect data about app usage, user behavior, and general performance metrics to improve our mobile app and ensure performance.
4.4 AnalyticsWe may use the usage data described in the previous section together with the user and customer data listed in sections 4.1.1 and 4.1.2 in anonymized form to gain insights into how we can improve our service offering and ensure the performance of the website.
You can find more information at https://support.google.com/analytics/answer/6004245?hl=en,
in particular, about the possibility of deactivating Google Analytics at http://tools.google.com/dlpage/gaoptout?hl=en.
4.5 Other Activities
4.5.2 Shareholder or Crowd InvestorWhen you participate in our crowdfunding, we collect your contact information and investment amount through our crowdfunding provider platform.
5. DATA SECURITYSelma Finance values the trust you place in us, and our top priority is to ensure the security of your information. We use a variety of security technologies and practices to protect your personal information from unauthorized intrusion, whether through access, use or disclosure. We employ various administrative, physical and technological measures tailored to maintain the integrity, confidentiality and security of your personal information. Specifically, we encrypt personal data before storing it on highly secure servers and restrict access to it on a strict "need-to-know" basis.
We have ensured that mechanisms are in place to identify when and by whom certain data has been modified or entered into our systems. We also control the transfer of data to recipients. Furthermore, we have taken steps to detect and mitigate data security breaches. In the unlikely event of a data breach that would result in a high risk to personal or fundamental rights, we will inform you and the FDPIC without undue delay.
Read more about how we protect your personal data in our FAQs
6. Disclosure of Personal Data
6.1 Disclosure to Third Parties Your personal data will be passed on to the following categories of third parties, only to the extent necessary for the relevant processing activity as set out in Chapter 4:
We may also share information to:
- Selma Group Companies
- Regulatory and Legal Compliance Entities (such as supervisory authorities, official audits, regulatory and compliance services providers and other entities as required by law)
- Technology Partners (such as hosting providers, analytical tools providers)
- Financial Operations (such as Custodian Bank, Financial accounting)
- Other service providers (such as postal services, operational services providers, etc.)
- satisfy any applicable law, regulation, legal process,
- enforce this Privacy Notice and our Terms of Service, including investigation of potential violations here of;
- detect, prevent, or otherwise address fraud, security, or technical issues;
- respond to your requests; or
- protect our rights, property or the safety of our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
6.2 International Transfer of Personal Data We may also transfer your personal data abroad, to countries in the European Union, the United Kingdom and the United States. In such cases, we ensure that these transfers are secure and in compliance with the FDPA. To ensure this, we transfer data only to countries
- which the Federal Council has decided that the legislation of the country or international body in question ensures an adequate level of protection, or
- if we have agreed standardized contractual data protection clauses with the respective recipient that have been approved, issued or recognized in advance by the Federal Data Protection and Information Commissioner (FDPIC)
7. YOUR RIGHTSUnder the FDPA you have the following rights:
- Right to information: You have the right to request details on their personal data's processing. They're entitled to know what data is processed on you, its purpose, retention period, data source, and recipients to which personal data is disclosed.
- The right to data portability: You have the right to receive personal data you have provided to us in a structured, commonly used and machine-readable format, and have the right to transmit that data to another controller without hindrance from us.
- Right to Correct Personal Data: You have the right to request the correction of incorrect personal data.
- Right to Legal Action for Protection of Personality: You can request specific data processing activities to be prohibited, demand the prohibition of disclosure of personal data to third parties if your personality rights are unlawfully infringed.