Privacy Policy


With this privacy policy, arc investors AG ("we" or "Arc Investors") informs how we collect, use and share your personal data when you use our Services. "Services" refers to all of our products and services (e.g. website).

1. Who is responsible for processing my personal data and whom can I contact?

arc investors AG
Bellerivestrasse 55
8008 Zurich

UID: CHE-470.091.487

2. What personal data do we process about you?

We only process the personal data necessary to provide our Services, namely the following categories:

  • Personal details: in particular first name and surname, telephone number and/or e-mail address that we obtain from business partners as well as other individuals in the context of our business relationships with them;
  • Contract data: in particular information about contracts and the Services to be provided, data from the run-up to the conclusion of a contract, the information required or used for processing Services and information about reactions;
  • Communication data: in particular, preferred communication channel, correspondence with us (including records of communication);
  • Data in connection with the use of our Services, server protocol (whereby this is mostly non-personal data): in particular connection data, IP address and other identifiers (e.g. user name for social media, MAC address of the smartphone or computer, date and time of the visit to our Service, duration of the visit to the Service, requested Internet address (Uniform Resource Locator, URL), referrer URL (i.e. the internet address of the website from which you have reached our website, if applicable with the search word used), browser type and version, operating system used, amount of data sent in bytes, geolocation data
3. From whom do we receive your personal data?

We receive personal data from:

  • Direct Sources: Generally, we process Personal Data that we receive directly from you, such as in the course of our business relationship, use of the Services, or in direct communications via email, telephone or other means.
  • Indirect Sources: In certain cases, we may collect personal information indirectly. This happens namely when someone else (e.g. a friend of yours) recommends you to us. In addition, we may purchase supplemental information from data sources (e.g. data bases or social media). We may obtain personal data from publicly accessible sources (e.g. commercial and association registers, the press, the internet). In individual cases, it is possible that personal data is derived from the combination of various non-personal data.
4. On what legal basis and for what purposes do we process your personal data?

We process personal data in accordance with the provisions of the Swiss Data Protection Act (DPA) and the General Data Protection Regulation of the European Union (GDPR):

4.1 For the performance of the contract

We process personal data in direct connection with the conclusion and execution of contracts. Such contracts may include in particular: investment advisory contracts. The purposes of data processing are primarily determined by the specific Service. The relevant additional data protection information, in particular the specific processing purposes, can be found in the respective contractual documents, terms and conditions or conditions of participation.

4.2 To comply with legal obligations

We process personal data where there is a legal or regulatory obligation to do so. Processing purposes include namely:

  • Document compliance with certain legal and regulatory requirements;
  • Participation in investigations and proceedings, cooperation with and response to inquiries from government agencies and courts;
4.3 Based on your consent

If you have given us your consent for certain processing purposes, this forms the legal basis of the processing.

4.4 In order to safeguard legitimate interests

We process personal data where this is necessary to protect legitimate private interests of us or of third parties, or to protect legitimate public interests. Examples:

  • Ensuring IT security and IT operations: in particular troubleshooting, operation and further development of our IT systems and our Services, identity checks;
  • Quality control: in particular, preparing reports on users, transactions, activities, Services and other business aspects of ours for corporate management and development, compiling statistics, budgets, records and management information, organizing business operations, project management, research, development and enhancement of Services;
  • Ensuring compliance: in particular, checking compliance with internal rules of ours;
  • Carrying out corporate transactions: in particular the sale or purchase of business units, companies or parts of companies and the associated transfer of personal data;
  • Dealing with legal disputes: in particular assertion of legal claims and defence;
  • Prevention and detection of crime and other inappropriate behavior: in particular, abuse prevention, collection of evidence in offences;
5. Who receives my personal data?

Within our organization, access to your data will be given to those departments that need it to fulfill the processing purposes mentioned above.

6. Do we transfer your personal information between countries?

We may transfer personal data to any country in the world, in particular to all countries in which we are represented by group companies, branches or other offices and representatives (namely UK).

Personal data may also be transferred to a country without adequate data protection, provided that:

  • We ensure adequate protection, namely by means of sufficient contractual safeguards such as standard contractual clauses or binding corporate data protection rules;
  • You give your express consent;
  • It is necessary for the performance of a contract with you or a contract in your interest;
  • It is necessary for the fulfillment of a legal obligation;
  • It is necessary to safeguard overriding public interests, to establish, exercise or enforce legal claims or to protect the life or physical integrity of you or third parties;
  • You have made the personal data generally accessible and do not expressly prohibit processing; or
  • The personal data originate from a register provided for by law, which is public or accessible to persons with an interest worthy of protection, insofar as the legal requirements for inspection are met in the individual case.
7. How long will my personal data be kept?

We retain personal data as long as it is necessary for the purpose for which we collected it (i.e. for the duration of the entire business relationship). If the personal data is no longer required to fulfill the purpose, we generally delete it.

In individual cases, there may be a contractual or legal obligation to retain data (e.g. in accordance with the Swiss Code of Obligations, the Value Added Tax Act, the Federal Act on Direct Federal Taxes, the Federal Act on the Harmonization of Direct Taxes of the Cantons and Municipalities, the Federal Act on Stamp Duty, the Withholding Tax Act). We generally store contract-related personal data for the duration of the contractual relationship and for ten years beyond the termination of the contractual relationship. For evidentiary purposes, we may store personal data for the duration of the applicable limitation period, which is usually five or ten years.

8. What rights do I have?

You have a right to:

  • Information on personal data concerning them;
  • Correction Deletion or destruction of personal data
  • Objection or restriction of processing of personal data;
  • Revocation of consent if the processing of personal data is based on your consent. The revocation is possible at any time and is effective for the future. The revocation does not affect the lawfulness of the data processing that took place until the revocation.
  • Data portability in certain cases and in a common electronic format that allows further use and transmission;
  • We will inform you separately about your rights in connection with any automated individual decision-making, insofar as this is required by law. For the establishment and implementation of the business relationship, we generally do not use any procedures of automated individual decision-making.

To exercise your rights, please contact the contact point mentioned above. As a rule, the exercise of your rights requires that you can clearly prove your identity. We also draw your attention to the fact that by deleting your personal data Services may no longer be available or used in whole or in part.

We reserve the right to restrict your rights within the framework of the applicable law and, for example, not to provide complete information or not to delete data.

You have the right to lodge a complaint with the competent data protection authority. In the case of a controller of ours in Switzerland, this is the Swiss Federal Data Protection and Information Commissioner (

9. What are my duties?

Only provide us with personal data of other persons if you are entitled to do so under applicable data protection law. Please ensure that those persons are aware of this privacy policy.

Note that the internet is generally not a secure environment because it is an open network that can be accessed by anyone. Therefore, we also appeal to your personal responsibility with regard to the handling of your personal data. To the extent permitted by law, we accept no liability for the security of data that you transmit to us via the internet or other electronic channels or for any direct or indirect damage. We ask you to choose other communication channels if this appears necessary or reasonable for security reasons.

10. Amendment of this privacy policy

We may amend this privacy policy at any time without prior notice and communication. The cur-rent version published in our Services (e.g. on our website) applies.

If this privacy policy is part of an agreement with you, we may inform you of the change to the privacy policy by e-mail or other appropriate means. If you do not object within 30 days, the new privacy policy will be deemed to be agreed. If you object, we may terminate the agreement extraordinarily and without notice.