Privacy notice

Introduction

D&S Capital Management, trading as Dalton Steiner, whose registered office is _BRAND_REGISTERED_ADDRESS is committed to respecting the privacy of individuals. D&S Capital Management is part of the D&S Capital Management Group of companies ("D&S Capital Management").

Please see our Terms of Use for an explanation of the various D&S Capital Management legal entities in the Switzerland.

This Privacy Notice should be read in conjunction with the Terms of Business relevant to the services being provided.

We are the data controller of your personal information for the purposes of data protection law including the Switzerland General Data Protection Regulation ("Switzerland GDPR” and the Data Protection Act 2018 ("DPA”). This means that we are responsible for deciding how to process your personal information.

This privacy notice applies to you if you are a past, prospective or current client, an intermediary, or a client of an intermediary of Dalton Steiner and sets out how and why your personal information will be collected and used and how long it will be retained for.

What information do we collect about you?

We collect the following types of personal information about you:

• general information such as your name, address, email address, telephone number, gender and marital status;
• employment status and nationality;
• information about your dependents, trustees and beneficiaries;
• proof of identification in the form of copies of your passport, driving license or other identity documents such as National Insurance Number (or other tax identification number);
• financial information such as bank details, your income, information around any assets and liabilities you have, and information regarding the source/acquisition of your wealth;
• your attitude to risk and financial objectives;
• information concerning your health and wellbeing;
• other information you volunteer to us in correspondence or during meetings where notes are taken (for example if you provide a reason why you are cashing out a particular investment or why you are moving away from your existing adviser);
• technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• your marketing preferences;
• If you visit one of our offices, we may collect your physical image through our use of CCTV cameras.

Information about other people

In some circumstances we will collect and process the personal information of an individual that was provided by someone else, usually a client to whom we are providing services.

For instance, if you provide us with details about your employees, relatives, next of kin, advisers, or suppliers, we will collect and process this information to deliver the requested services, ensure effective communication, and comply with our legal and regulatory obligations.

Children's information will be processed where they are named on a portfolio or account as a dependent or beneficiary.

Where you provide us with information about another individual you must ensure that you have obtained their prior consent to provide this information to us and for us to process it in order to provide our services.

Special Category Personal Data

We collect special category personal data (that is, information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences, or genetic or biometric data) from you.

However, this will only be when you have willingly provided it and in the context of providing our services or where we have a regulatory obligation (such as ensuring the advice you receive is suitable based on your circumstances and objectives.)

How do we collect information about you?

We collect personal information from you in a number of ways:

From our website we collect information: 

• you provide by filling in one of our online forms; and
• by using cookies for security purposes, marketing and ad-tracking, and to monitor our services you use and how you use them.

Please see our Cookie Notice for further information regarding our use of cookies. 

We collect information about our clients and prospective clients: 

• that you provide via our advice and account opening process and throughout our relationship with you whether face-to-face, by phone, email, video calls, correspondence or messaging; and
• by recording telephone conversations or video calls between us e.g. as part of the client review process as required by our regulatory obligations; and
• from third parties, for example whilst carrying out routine checks during our client on-boarding process and from intermediaries when entering into or administering your agreement with us; and
• from third party data information service providers and data brokers for marketing purposes (see below under Profiling for Marketing Purposes for further information). 

On what basis do we use your personal information?

We collect and use your personal information mainly to provide our services and to ensure we meet our regulatory obligations.

Contract Performance

Dalton Steiner needs to process your personal information to take the necessary steps prior to entering into a contract with you. We also need to process your personal information to enter into a contract with you.

We use your personal information to provide products and/or services to you, or take steps linked to an agreement to:

• contact you following a "call back” request;
• provide products and/or services, including through others such as Introducers, financial services providers, and non-Dalton Steiner advisors or wealth managers;
• communicate with you in relation to the provision of the contracted products and services;
• provide you with administrative support such as account creation, security, enabling payments etc;
• communicate with you in relation to any issues, complaints, or disputes;
• make decisions as part of our services and how they are delivered in your best interests (including special category data such as your health or that of someone who you are responsible for);
• record incoming and outgoing calls to keep an accurate record of any instructions received from you in relation to the services (where calls are not legally required to be recorded, but where we record them to ensure we offer an accurate and efficient service);
• meet your request that we share your personal information with someone else (for example if you engage the services of a professional adviser after you have become a client and request that we provide information about your account to that professional adviser);
• contact the winner(s) of a prize draw and, where necessary, share information with a supplier/provider for delivery of goods;
• contact you about events you have registered for and, where necessary, share information with a supplier/provider of goods and services related to the event.

Where required by law

As a regulated financial services firm, Dalton Steiner is subject to a number of legal and regulatory obligations. Much of the personal information we process about you is required to meet these obligations.

These can be broadly categorised as those that govern financial services, Anti Money Laundering and Taxation legislation such as the Swiss Financial Market Supervisory Authority (FINMA) Principles and Consumer Duty, as well as Know Your Customer regulations that are enforced by the FINMA. These include:

• regulatory and legal requirements that require us to perform checks during our application process. We use automated decisions to verify your identity, carry out background checks and to confirm your credit history. We do these checks (using a third-party company) to prevent financial crime, including fraud and money laundering. We will carry out additional checks during our relationship with you to satisfy ongoing regulatory obligations relating to money laundering and anti-fraud.
• recording and retaining information collected as part of our client review process, which includes all forms of communication such as telephone and video conferencing calls, emails and face-to-face meetings for the purpose of our regulatory obligations with the FINMA around suitability and client relationships.

Legitimate Interests

Where this is necessary for purposes which are in our, or third parties', legitimate interests. These interests include:

• recording incoming and outgoing calls for training, monitoring, and security purposes;
• ensuring network and information security;
• testing the performance of our products, services and investments to ensure that we are managing our clients and their investments to their best potential;
• improving the quality of experience when you interact with our products and/or services, including testing the performance and customer experience of our website and applications;
• to adhere to guidance and best practice set out by government and regulatory bodies such as tax authorities, financial regulators/ombudsmen and non- financial regulators;
• for management and audit of our business operations including accounting;
• outsourcing of parts of our back-office functions to third parties;
• to determine the target market for our existing and future products (e.g. determining whether a product is meeting the needs of investors generally);
• providing you with industry information, surveys, information about us, events, offers and promotions, related to the products and/or services you receive;
• performing analytics on sales/marketing information, determining the effectiveness of promotional campaigns;
• developing, improving, and delivering marketing and advertising for products and services we offer;
• contacting you after attending an event/webinar, downloading free content from the website (for example, industry information, white papers etc) to provide further information about related services which may be of interest to you;
• to send you by post, invitations to events, or to introduce you to other products or services which we reasonably consider to be of interest to you.

You have the right to object to the processing of your personal information based on legitimate interests as set out below under the heading "Data Subject Rights”.

Consent

Sometimes we rely on your consent to use your personal information, for example:

• where you have opted-in to receiving electronic marketing communications and have not subsequently opted-out or requested to be removed from any marketing list.

You have the right to withdraw your consent at any time by following the unsubscribe links available within marketing correspondence or by contacting us using the contact information provided below.

Profiling for Marketing purposes

We use third party information services, such as Experian, to help us segment and understand our clients by providing additional information so that we can:

• better understand you and provide you with information on products and /or services which may be of interest to you;
• offer you a more relevant and personalised service;
• develop "look-a-like” audiences demographically similar to our existing client base and market to potential clients of our products and services.

Our use of data brokers

In some circumstances we use the services of third-party data brokers such as Beauhurst and Altus to provide information about people who are similar to our existing clients or fit the profile of a target market.  The information we request from brokers is targeted and is usually for business-to-business purposes such as contacting key decision makers within the business.

Where we have obtained your personal information from a third-party data broker we will advise you at our first point of contact with you.

Sharing your personal information with online advertising platforms for marketing purposes

We process your personal information to create and advertise to ‘look-alike' audiences on social media and search platforms such as Google, Facebook, and LinkedIn ("advertising platforms”). This helps us reach new potential clients who share similar interests and characteristics to our existing clients. 

The personal information used for this purpose will consist of only your email address, first name and surname.

Before any information is shared, your details are converted into a secure, coded format using a process called hashing. This means we do not send your actual email address or name to the platforms. Instead, we send a scrambled version that cannot be reversed back by the advertising platforms to your original details. 

The advertising platform uses these hashed values to find matches with its own data and then deletes them after the matching process. This ensures your personal information remains protected during the process.

The advertising platform then identifies profiles of people who share characteristics with the matches, usually based on demographic information (age, gender, location) and interests.

When using your personal information in this way, we have contracts in place with the advertising platforms that require your personal information will not be used by them for any other purpose.

For further information, please see the individual privacy policies for Google Privacy Policy, Facebook Privacy Policy and LinkedIn Privacy Policy.

Public Interest

We may process your personal information (including special category data) for reasons of substantial public interest such as preventing or detecting unlawful acts, the prevention of fraud or safeguarding the economic wellbeing of individuals.

Vital Interests

We may process your personal information if you are physically or legally incapable of giving your consent and it applies to matters of life and death.  For example, if you were visiting our offices and required medical attention.

Automated decision making

We use automated decision making to comply with our regulatory requirements in relation to Know Your Customer/Anti-Money Laundering checks or to evidence we are providing a suitable and appropriate service to you.

You have the right to object to decisions based solely on automated decision making, and any process which involves automated decision making is subject to human review to ensure accuracy and fairness.

Use of Artificial Intelligence (AI)

We use general-purpose AI models to enhance our services. These models are designed to support a wide range of business tasks and are used to improve efficiency and service quality. 

Examples of how we use AI models include:

• Summarising documentation into key takeaways.
• Streamlining complex data-intensive coding tasks.
• Analysing financial datasets and extracting information from PDFs or spreadsheets.
• Assisting with administrative tasks such as meeting agendas.

Important Notes

• The use of personal information is avoided where possible. When personal information needs to be used or is unavoidable, we use only the minimum personal information required to perform the task.
• AI does not perform profiling of individuals.
• All AI-generated content is initiated and reviewed by a human before being stored or used. This ensures accuracy and appropriateness of the content.
• We do not use AI for automated decision-making.

Lawful Basis

Our use of AI is based on our legitimate interests (shared with our clients) in providing efficient and personalised service.

Security and data protection

When using AI, we implement measures to protect your personal information including:

• using only company-approved tools.
• data processed by AI tools remains within our secure systems and is not used to train large language models.
• we require AI suppliers to ensure that prompts, responses, and data are not used for foundation model training.
• regular reviews to ensure our use of AI is in compliance with the Switzerland GDPR, the EU AI Act, and the DPA.

Who do we share your personal information with?

In addition to sharing your personal information with other members of the D&S Capital Management, we may also disclose your personal information:

• to our IT providers and services providers to provide and maintain the provision of our services;
• to our appointed auditors, accountants, lawyers, financial advisers and other professional advisers, to the extent that they require access to the information to provide advice;
• to fraud prevention agencies and other organisations to allow us to undertake the relevant checks;
• to providers of investments or services we work with, including providers of pensions, offshore bonds, onshore bonds, trusts, investment platforms, discretionary management services, custodians, loans, insurance products or other such products or services. We may also be required to share information with the auditors appointed by the providers of such products or services;
• The Financial Ombudsman Service, the Information Commissioner's Office, or any relevant regulatory authority where they are entitled to require disclosure;
• if required to do so to meet applicable law, the order of a Court or market rules and codes of practice applicable to the circumstances at the time;
• to relevant authorities to investigate or prevent fraud or activities believed to be illegal or otherwise in breach of applicable law;
• if tax regulations require us to collect information about tax residency, then in certain circumstances (including if we do not receive a valid self-certification from you), we may be obliged to share information about your account with the relevant tax, payments and customs authority, who may pass this on to tax authorities in other jurisdictions;
• to your employer to assist them in monitoring your personal dealing and compliance with FINMA regulations;
• to information service providers that provide demographic and financial information to help us better understand your needs;
• to organisations we work with should you accept an invitation to an external event;
• to market research organisations to gather feedback from individuals about client experience of our products and services.

In the event of a merger, acquisition, sale, or transfer of parts of our business or our assets; your personal information may be transferred to the acquiring entity or third parties involved in the transaction. We will ensure that any such transfer is conducted in compliance with applicable data protection laws and that your personal information remains protected. The recipient will be required to implement appropriate measures to ensure the continued safeguarding of your privacy rights.

We will not sell your personal information to third parties.

International transfers

Where necessary we will share your personal information with other entities within the D&S Capital Management, including those located outside the Switzerland and European Union under an Intragroup Agreement. We ensure that all D&S Capital Management entities comply with applicable data protection laws and that appropriate safeguards are in place to protect your personal information. These safeguards include standard contractual clauses adopted or approved by the Information Commissioner's Office/European Commission (as appropriate).

Where a third-party recipient is located outside the Switzerland, we will ensure that the transfer of personal information will be protected by appropriate safeguards, including the use of standard contractual clauses adopted or approved by the Information Commissioner's Office/European Commission (as appropriate), or membership of certification schemes such as the Data Privacy Framework.

International Data Transfer - Exceptions

In exceptional circumstances we may transfer your personal information without one of the formal safeguards described above but this will only be when:

• we have your explicit consent;
• it is necessary to enter into a contract or carry out the obligations of the contract we have with you;
• it is necessary for important reasons of public interests;
• it is necessary to establish whether we have a legal claim or defence, to make a legal claim or to defend a legal claim;
• it is necessary to protect someone's vital interests;
• it is a one-off transfer which is necessary to meet our legitimate interests.

In all cases we will carry out a risk assessment of the transfer before transferring your personal information in these circumstances.

How do we protect your personal information? 

We take appropriate steps to protect your personal information against loss or theft, unauthorised access, modification or deletion and to ensure timely and reliable access to the information for authorised users.  These technical and organisational measures include but are not limited to:

• Physical and technical access controls
• Policies and procedures
• Data protection training for all staff
• Network security including firewalls and monitoring
• Information security and data protection assessments of third parties we have a contract with.

We also have procedures in place to deal with any suspected data breach. We will notify you and any applicable regulator of a suspected data breach where we are legally required to do so.

How long do we keep this information?

How long we retain your personal information depends on the relationship we have with you.  If you are not a client, we keep your personal information for a year after we last heard from you. If you ask us to remove you from our marketing list, we may keep your personal details on an "opted out” list to ensure that we do not market to you again.

If you are or have been our client, we keep your personal information related to the advice received for a minimum of 15 years after closure of your account.