Privacy policy
Last update, 18 March 2023
1. PRIVACY NOTICE
Selma Finance ("We") is committed to protecting and respecting your privacy. This privacy notice sets out how we process personal data that we collect about you or that you provide to us, in accordance with the Swiss Federal Act on Data Protection (FADP), when you use our website https://www.selma.com (hereinafter: "Website") and our mobile app (hereinafter: "App"; together: "Services").This Website and its Services are intended exclusively for persons residing in Switzerland.
2. DATA CONTROLLER
The controller for the purposes of the FADP is:Selma Finance AG
Hardturmstrasse 161
8005 Zurich
Schweiz
CH-130.3.023.642-3
[email protected]
3. PERSONAL INFORMATION WE COLLECT
Personally identifiable information (PII) is information that, when used alone or with other relevant data, can identify an individual. Personal data is any information relating to such an identified or identifiable natural person.We may collect and receive information about users of our Service from various sources, including:
- Information you provide when opening an account for the Service
- Your use of the Service
- From third-party websites, services, and partners
4. HOW WE USE PERSONAL DATA
When you visit our Website, Blogs and Learning Contents (“visitor”); when you register on our website or app to test our Services (“user”) or actively use our contractual investment services (“client”) we collect and process the following information about you.4.1 Our Service
4.1.1 Users
Upon registration for an account, we collect and utilize:- Basic Identity Information: Full name, date of birth, nationality.
- Contact Details: Email address, phone number, physical address.
- Technical Data: Hashed password
- Investment Profile: Investment objectives, risk tolerance, investment horizon, experience, and knowledge.
- Financial Data: Income, expenditure, assets, and liabilities.
4.1.2 Clients
For our clients, we additionally:- Collect Legal Identification Information (proof of identity and address) to verify identity as per Swiss regulations. This is done in partnership with a specialized service provider.
- Utilize KYC and Compliance Information (source of funds information, politically exposure and sanctions status, tax status, beneficial ownership) to ensure adherence to regulations, including anti-money laundering legislation.
- Use Basic Identification and Transaction Data (records of assets, investment transactions) to perform financial transactions, manage your assets according to your individual plan, and provide wealth management services.
- Record Security and Interaction Data, like logins and confirmations, to keep an audit trail of your instructions and our actions.
- Use your contract status to provide you with the appropriate service updates and tailored promotional offers.
4.1.3 Referrals
If you refer someone to our Services, we may collect their email address for promotional purposes. The personal information and the purpose will be clearly communicated to you again if and when you choose to provide this information in our service.4.1.4 Partners Promo Code
When you use a partner promo code or come via a campaign link, we can share the following information with the respective partner:- Basic Identification Information: Full name, address
- Contractual Information: Selma client number, contract signing date
4.2 Communication
4.2.1 Email and chat
If you contact us via chat we can collect the following information:- Contact Details: Name, email, and phone number.
- Interaction and Usage Data: Message content and any other provided data like annexes.
4.2.2 Newsletter
When subscribing to our newsletter we store:- Contact Details: Name and email.
- Marketing and Consent Data: Subscription preferences.
4.2.3 Webinars
If you participate in our webinars, you can provide us:- Contact details: name and email.
4.3 Website or Mobile App
4.3.1 Website
4.3.1.1 Log Files
Visiting our website involves the collection of technical data stored temporarily in server log files. This data is used to ensure security, aid performance, and troubleshoot errors.4.3.1.2 Cookies and Tracking Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information to improve and analyze our Service.
There are different types of cookies we use for different purposes:
- Essential Cookies: Functional Cookies ensure basic functionalities like navigating; Security Cookies enable secure user authentication, preventing fraudulent logins, and protecting user data and Session Cookies serve essential functions during a single browsing session, such as maintaining a logged-in status.
- Preference Cookies: We use Preference Cookies to enhance user experience by remembering choices, settings, and preferences.
- Analytics & Performance Cookies: to collect data on website usage, user behavior, and overall website performance metrics that we use to improve our website and ensure Website performance.
4.3.1.3 Advertising and re-marketing
We use re-marketing services to serve ads on third party websites after you have visited our Service. We and our third party vendors use cookies to inform, optimize and serve ads to you based on your previous visits to our Service.Google AdWords
Google AdWords re-marketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on —https://tools.google.com/dlpage/gaoptout— for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy and Terms web page: http://www.google.com/intl/en/policies/privacy
Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/about/ads
To opt-out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/ads/preferences
For more information on the privacy practices of Facebook, please visit the Facebook Data Policy page: https://www.facebook.com/policy.php
Quora
Quora Marketing service is provided by Quora Inc. You can learn more about Quora’s privacy policies from https://www.quora.com/about/privacy LinkedIn
LinkedIn remarketing service is provided by LinkedIn Corporation. LinkedIn allows its users to see and control the information that's collected about them for advertising purposes through their account settings.
You can learn more about LinkedIn's interest-based advertising by visiting this page: https://www.linkedin.com/help/linkedin/answer/62931
For more information on the privacy practices of LinkedIn, please visit the LinkedIn Privacy Policy page: https://www.linkedin.com/legal/privacy-policy
Microsoft Advertising
Microsoft Advertising is a remarketing and behavioral targeting service provided by Microsoft Corporation. This service allows advertisers to target and tailor ads to users based on their previous search and browsing behavior.
To opt-out from Microsoft's personalized ads, visit Microsoft's Opt-out page: https://account.microsoft.com/privacy/ad-settings
For a deeper understanding of how Microsoft handles your data and protects your privacy, refer to the Microsoft Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
4.3.2 Mobile App
When you use our services through the mobile app, we collect and store information to provide basic functionality such as navigation, enable secure user authentication, prevent fraudulent logins and protect user data, as well as to store actions taken and login status during a session.We remember your choices, settings, and preferences so that you can use our services in a personalized way.
In addition, we collect data about app usage, user behavior, and general performance metrics to improve our mobile app and ensure performance.
4.4 Analytics
We may use the usage data described in the previous section together with the user and customer data listed in sections 4.1.1 and 4.1.2 in anonymized form to gain insights into how we can improve our service offering and ensure the performance of the website.4.4.1 Google Analytics
Our website uses Google Analytics of Google Inc., a web analytics service of Google Ireland Limited. Google Analytics uses cookies. These allow Google to analyze the use of our website. This service helps us to understand website traffic and to improve our service offering.You can find more information at https://support.google.com/analytics/answer/6004245?hl=en,
in particular, about the possibility of deactivating Google Analytics at http://tools.google.com/dlpage/gaoptout?hl=en.
4.5 Other Activities
4.5.1 AI Advice
When you activate our AI Advice feature, we use the following information to create analyses for you with the help of our proprietary algorithms: Investment profile: investment goals, risk tolerance, investment horizon, experience, and knowledge Data about your financial situation: cash, cash buffer, liabilities, investments, debts, savings rate Your age Information about your investments and investment strategy at Selma as well as transaction data This information and analyses are shared with OpenAI (ChatGPT) in pseudonymised form (meaning without information that allows conclusions to be drawn about you) to generate personalised feedback in natural language. In addition to the standard data protection clauses provided for in section 6.2, our agreement with OpenAI includes that your data may not be used for the training of their AI models, the data and responses remain the property of Selma at all times, and all data, unless legal obligations exist, will be deleted within 30 days.4.5.2 Community Member
When you participate in our community on circle.io, we have access to the data you choose to share in our groups. We use this information to facilitate open discussions about our app's development plan and to get feedback. Please refer to the respective privacy policy on circle.io4.5.3 Shareholder or Crowd Investor
When you participate in our crowdfunding, we collect your contact information and investment amount through our crowdfunding provider platform.We use this information to provide you with the benefits to which you are entitled based on your investment amount and to give you the opportunity to become part of our closed investor community. Please refer to the respective privacy policy on seeders.com.
4.5.4 Candidate
When you visit our careers page on the homepage, you will be redirected to the Selma landing page on an external hiring platform. We will collect your name and email address, your resume, and the application information you provide in order to process your application. Please refer to the respective privacy policy at thehub.io.5. DATA SECURITY
Selma Finance values the trust you place in us, and our top priority is to ensure the security of your information. We use a variety of security technologies and practices to protect your personal information from unauthorized intrusion, whether through access, use or disclosure. We employ various administrative, physical and technological measures tailored to maintain the integrity, confidentiality and security of your personal information. Specifically, we encrypt personal data before storing it on highly secure servers and restrict access to it on a strict "need-to-know" basis.We have ensured that mechanisms are in place to identify when and by whom certain data has been modified or entered into our systems. We also control the transfer of data to recipients. Furthermore, we have taken steps to detect and mitigate data security breaches. In the unlikely event of a data breach that would result in a high risk to personal or fundamental rights, we will inform you and the FDPIC without undue delay.
Read more about how we protect your personal data in our FAQs
6. Disclosure of Personal Data 6.1 Disclosure to Third Parties
Your personal data will be passed on to the following categories of third parties, only to the extent necessary for the relevant processing activity as set out in Chapter 4: - Selma Group Companies
- Regulatory and Legal Compliance Entities (such as supervisory authorities, official audits, regulatory and compliance services providers and other entities as required by law)
- Technology Partners (such as hosting providers, analytical tools providers)
- Financial Operations (such as Custodian Bank, Financial accounting)
- Other service providers (such as postal services, operational services providers, etc.)
We may also share information to: - satisfy any applicable law, regulation, legal process,
- enforce this Privacy Notice and our Terms of Service, including investigation of potential violations here of;
- detect, prevent, or otherwise address fraud, security, or technical issues;
- respond to your requests; or
- protect our rights, property or the safety of our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
6.2 International Transfer of Personal Data
We may also transfer your personal data abroad, to countries in the European Union, the United Kingdom and the United States. In such cases, we ensure that these transfers are secure and in compliance with the FDPA. To ensure this, we transfer data only to countries - which the Federal Council has decided that the legislation of the country or international body in question ensures an adequate level of protection, or
- if we have agreed standardized contractual data protection clauses with the respective recipient that have been approved, issued or recognized in advance by the Federal Data Protection and Information Commissioner (FDPIC)
7. YOUR RIGHTS
Under the FDPA you have the following rights:- Right to information: You have the right to request details on their personal data's processing. They're entitled to know what data is processed on you, its purpose, retention period, data source, and recipients to which personal data is disclosed.
- The right to data portability: You have the right to receive personal data you have provided to us in a structured, commonly used and machine-readable format, and have the right to transmit that data to another controller without hindrance from us.
- Right to Correct Personal Data: You have the right to request the correction of incorrect personal data.
- Right to Legal Action for Protection of Personality: You can request specific data processing activities to be prohibited, demand the prohibition of disclosure of personal data to third parties if your personality rights are unlawfully infringed.