What is the Purpose of this Data Protection Declaration?
Our data protection declaration explains how and why SIX Financial Information processes personal data. It applies to all individuals with whom we come into contact. This includes board members, beneficial owners, employees of (potential) clients and service providers, users of our products, participants in our events, those subscribing to our newsletters, as well as regulatory bodies and other business partners.
Why Do We Advocate Data Protection?
Data protection is a top priority at SIX Financial Information, particularly when processing personal data. The general principle is that a high level of data protection and data security must be guaranteed wherever data is processed. We therefore consider it extremely important to comply with the key legislation and protect the personal rights and privacy of persons affected in order to satisfy both national and international legal requirements.
In order to protect personal data, SIX Financial Information employs appropriate physical, electronic, and procedural security measures. These include firewalls and personal passwords, as well as encryption and authentication technologies.
Who Bears Responsibility?
The legal entities of SIX Financial Information listed in the following are controllers. In other words, they are responsible for processing personal data.
Why Do We Process Personal Data?
We Process Personal Data When:
- We are seeking to get (potential) clients to sign a contract or require the data in order to fulfill a contractual obligation
- We have legal requirements that we must meet
- We are pursuing a legitimate business interest, for example to comply with the security provisions for our premises and IT infrastructure
We Process Personal Data for the Following Reasons:
- For contractual arrangements
- In order to provide services for our clients, including the communication required for this
- In order to accept, analyze, and respond to client interactions and improve the quality of the service we provide
- In order to inform clients/suppliers or service providers/regulatory bodies of operational incidents, their implications, and how they are/were rectified
- In order to maintain relations with business partners, (potential) clients, and service providers
- In order to conduct analyses aimed at strengthening business relations and improving our services
- For advertising purposes
- In order to perform tests and provide support services
- In order to operate and maintain our information technology
- In order to substantiate, exercise, or defend legal claims
- In order to protect our rights, our property, and our security, as well as those of our clients, business partners, and other third parties
- For other reasons, insofar as these are specified separately
What Kind of Personal Data Do We Process?
The personal data processed by SIX Financial Information is generally limited to basic information on individuals. This data typically includes the name, gender, position, work address, telephone number, and e-mail address of the respective person. However, in the context of sending out newsletters and marketing products online, SIX Financial Information also processes anonymized information, such as click behavior, as well as the IP address, geographical location, browser type, time spent on the website, and pages viewed. Other data types are based on the respective services.
Where Do We Obtain This Personal Data?
We Collect This Data From:
- Our clients, when they
– Provide us with contact details for relationship management, sales, or other purposes
– Send us data in either electronic or printed forms via e-mail or physical mail
– Provide us with data in order to conclude a contract or service agreement (including invoicing)
– Provide us with data in order to rectify operational issues, for client satisfaction surveys, for service improvements, and for other legitimate uses - Our service providers
– In order to establish and then maintain contact
– In order to set up and maintain contracts and service agreements as well as other service descriptions
– For the purpose of invoicing and invoice settlement
– In order to monitor service delivery in the sense of quality assurance and improvement in quality
– In order to collaborate in specifying solution concepts and deliveries - From other sources, such as
– Collecting information in order to select and assess service providers
– Information in connection with newsletter subscriptions
– Information from regulatory bodies
– Information from public sources
To whom is this data disclosed?
Personal data may be disclosed or transferred to
- Our business partners (for example data providers) if this disclosure is contractually agreed
- Our clients and business partners in the context of disruptions and issue resolution, contract management, queries regarding the provision and invoicing of services, compliance inquiries, and general customer care
- Other legal units of SIX Group companies and business partners that are involved in the delivery of service and operations of SIX Financial Information
- The responsible supervisory body, law enforcement agency, or tax authorities
- Our auditors, as well as any legal counsel involved in judicial proceedings
- Our technology suppliers for the purpose of eliminating operational disruptions and providing support
- Other persons, insofar as such disclosure is legally required
Where Do We Transfer Data?
Personal data may be transferred to other legal entities of SIX Group of companies and to the relevant supervisory bodies, law enforcement agencies, tax authorities and courts as well as service providers and other business partners of SIX Group of companies that are involved both within and outside the European Economic Area (EEA). This includes countries whose data protection standard deviates from the EEA standard. If data is transferred to a business partner in a country with a different data protection standard, this business partner is contractually obligated by us to protect the data either in line with a data transfer agreement that applies in the EEA or through the implementation of other suitable security measures.
Data transfer can take place to the following countries: Belgium, Denmark, France, Germany, Italy, India, Japan, Luxembourg, Monaco, Morocco, Netherlands, Poland, Singapore, Spain, Sweden, Switzerland, United Kingdom, United States.
How Long Do We Store Personal Data?
We generally require personal data for the duration of the respective business relationship. However, SIX Financial Information only stores personal data for as long as necessary in order to serve the purpose for which it was collected or to comply with legal/regulatory requirements.
What Rights Do You Have Regarding the Data Collected About You?
You can ask us to: (i) correct your personal data; (ii) delete your personal data; or (iii) restrict processing of your personal data. You can also prohibit the use of your data for marketing purposes (opt out) and the processing of your data for other business purposes. These rights may be restricted in certain cases, for example if the processing of your data is required for legal purposes.
Please reach out to the contact specified below in order to exercise these rights or if you have any questions regarding the processing of your personal data. You can also contact the data protection authority responsible for you as well as the authority in whose jurisdiction a violation of the Federal Data Protection Act is presumed to have taken place.
Update to the Data Protection Declaration
This data protection declaration was last updated on 06.06.2023. Future updates may be required either due to changes in the legal/technical bases or as a result of business development.
How Can You Contact Us?
To exercise your rights with regards to data protection please use this link.
You can also direct your queries to: SIX Group Services Ltd., Data Protection Officer, Hardturmstrasse 201, 8005 Zurich, Switzerland, E-Mail: dataprotection@six-group.com
Additional Provisions:
The following data protection provisions also apply on SIX websites SIX Group Privacy Statement