PRIVACY POLICY

1. Scope

This privacy policy applies when you interact with Axios Trustees SA
("Axios Trustees", "we", "us" or "our") as:

A customer or prospective customer,
Visitor to our website,
Partner or service provider,
Employee,
Candidate in a recruitment process.

It describes how we collect, use, disclose, store and protect your personal data in accordance with applicable data protection laws and regulations. We may amend this policy at any time. The current version is the one published on our website. In the event of a significant change, we will notify you in an appropriate manner.

2. Definitions

For the purposes of this policy, the following definitions apply:

"Personal data" Any information relating to an identified or identifiable natural person, directly or indirectly, such as a name, e-mail address, telephone number, postal address, IP address or any other data that allows you to be identified.

"Data controller"

The entity that determines the purposes and means of processing personal data. For the processing operations covered by this policy, Axios Trustees acts as the Data Controller.

"Processing"

Any operation or set of operations performed on personal data, whether automated or not, such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, restriction, erasure or destruction.

3. Personal data we collect

The categories of personal data we collect depend on your relationship with us.

3.1. If you are a customer or prospect

We collect the data necessary for the management and monitoring of our fiduciary, corporate

governance and accounting solutions, including:

Identification information: first name, surname, date and place of birth, nationality(ies), contact details (address, telephone number, e-mail address);
Financial and tax information: financial situation, income, bank details, tax returns, tax identification number, tax residence;
Official documents: copies of identity documents, proof of address, tax certificates, legal deeds and documents;
Information from regulatory checks: results of KYC/AML checks, information from screening tools, sanctions lists, risk profiles, beneficial owners, politically exposed persons (PEPs);
Other data necessary for the performance of our contractual obligations or required by applicable laws and regulations.

3.2. If you are a visitor to our website

When you visit our website, certain data is collected automatically through cookies and other technical trackers, including:

IP address,
Browser type and operating system,
Pages viewed,
Date and time of connection,
Technical data used for security, performance or anonymised statistical purposes.

3.3. If you are an Axios Trustees employee

We process, among other things:

Identification data: surname, first name, date of birth, contact details;
Professional data: position, role, qualifications, career history, evaluations;
Administrative and contractual data: employment contract, authorisations and residence permits, social security data;
Financial data: salary, bank details, tax information related to the employment relationship;
Sensitive data where applicable: for example, certain health information (e.g. medical certificates) to the extent necessary and permitted by law;
Connection data to internal IT systems and tools (logins, technical logs) for security and system usage purposes.

3.4. If you are applying for a position at Axios Trustees

We collect the data necessary to review and manage your application, including:

Surname, first name, contact details,
CV and cover letter,
Information about your professional experience, training and qualifications,
Professional references,
Any other data you provide to us as part of the recruitment process.

4. Purposes and legal bases for processing

We process your personal data for the following purposes and on the following legal bases:

4.1. Performance of a contract or pre-contractual measures

When processing is necessary for the performance of a contract concluded with you or for the implementation of pre-contractual measures at your request, we use your data in particular for:

Manage the contractual relationship, including the opening, administration and closure of our advisory, fiduciary or wealth management services;
Implement the agreed services, such as the creation or administration of companies, trusts or other legal entities;
Ensure the invoicing, accounting management and administrative follow-up of our services;
Respond to your requests for contact or information prior to entering into a contract;
Manage the employment contract lifecycle for our employees (HR management);
Processing applications in the context of recruitment.

4.2. Overriding interest of Axios Trustees

Where necessary for the pursuit of a legitimate overriding interest of Axios Trustees (or a third party) and where your interests or fundamental rights do not prevail, we use your data in particular to:

Ensure the security of our IT infrastructure, prevent unauthorised access, and combat fraud and malicious acts;
Meet our internal compliance and risk management requirements (documentation, quality controls, archiving of certain data);
Manage relationships with our partners and service providers (contract monitoring, service evaluation, operational coordination);
Maintain professional communication with our existing contacts and customers (e.g. invitations to events, institutional communications, professional news, within reasonable limits).

4.3. Compliance with a legal obligation

We process and, where applicable, disclose your personal data when necessary to comply with our legal or regulatory obligations, in particular:

Cooperation with the relevant supervisory, regulatory or governmental authorities;
Compliance with legal obligations related to our field of activity (e.g. anti-money laundering, taxation, prudential supervision, etc.);
Disclosure obligations to tax authorities, including the Swiss Federal Tax Administration (FTA) in connection with the automatic exchange of information (AEOI) in accordance with OECD standards (Common Reporting Standard – CRS).

The information transmitted in this context may include identification data, financial information and data relating to the structures or accounts concerned.

The updated list of reportable jurisdictions can be found on the FTA's official website.

Before any information is transmitted in this context, we undertake, where required by law, to notify the persons concerned individually by means of a written notice specifying the nature of the data to be transmitted, the legal basis for the communication and the contact details for any further questions.

4.4. Consent

In certain cases, we may process your personal data on the basis of your explicit consent, for example:

when you accept the use of cookies that are not strictly necessary for the functioning of our website;
when the law requires specific consent for certain types of processing.

When processing is based on your consent, you may withdraw it at any time, without retroactive effect, by contacting us (see the section "Exercising your rights and contacting us").

5. Data retention period

Your personal data is retained only for the period necessary for the purposes described in this policy or for the period required by applicable legal and regulatory obligations.

The criteria used to determine these periods include, in particular:

The nature of the contractual or pre-contractual relationship;
Legal retention requirements (e.g. for tax, commercial or prudential purposes);
The limitation periods applicable to any legal proceedings.

Once these periods have expired, the data is deleted or anonymised, unless otherwise required by law.

6. Recipients and sharing of your personal data

In the course of managing our services and our website, we may use external service providers and subcontractors (e.g. IT suppliers, compliance service providers, auditors, external advisers).

When we transfer personal data to these third parties:

They may only use it for the purposes strictly defined by Axios Trustees;
They are bound by contractual confidentiality and security obligations (in particular through Data Processing Agreements);
We implement appropriate measures to ensure that they comply with applicable data protection requirements.

We also reserve the right to disclose your personal data in the following situations:

When permitted or required by law;
When necessary to protect ourselves against actual or potential fraud, or to prevent it;
When necessary in connection with an investigation of suspected or actual fraud or other illegal activities.

We do not and will never sell your personal data.

7. International transfers of personal data

Where possible, your personal data is collected, processed and stored in Switzerland.

When personal data is transferred to countries outside Switzerland, the European Union or a country recognised by the Federal Council as offering an adequate level of protection, we ensure that these transfers are subject to appropriate safeguards, for example:

Standard contractual clauses or standard clauses approved by the competent authorities;
Other mechanisms recognised by applicable data protection legislation (e.g. Art. 16 et seq. of the Federal Data Protection Act).

8. Use of cookies and other trackers

Axios Trustees uses cookies and other tracking technologies when you browse our website. Cookies are small text files placed on your browser that may contain a unique identifier, an IP address, and the date and time of your visits.

Cookies enable us to:

Ensure our website functions properly;
Secure access to certain features;
Analyse website usage for statistical purposes
(in aggregate and, where applicable, anonymised form);
Remember some of your preferences (e.g. language).

We use different types of cookies:

A. Strictly necessary cookies

Essential for the functioning of the site and the provision of the services you request. Without these cookies, the site cannot function properly.

B. Performance cookies

These collect information about how visitors use our site (most visited pages, any error messages, etc.) in order to improve the site's functionality and usability.

C. Functionality cookies

These cookies remember your choices (e.g. your language or region) and offer personalised features.

D. Advertising or targeting cookies (if applicable)

These may be used to display content or information relevant to your interests.

You can manage your cookie preferences via:

your browser settings (blocking, deleting cookies, etc.);
the cookie preferences centre available on our website, where available.

Please note that disabling certain cookies may affect the proper functioning or certain features of our site. Cookies may be temporary (session cookies, deleted when you close your browser) or persistent (stored until they expire). The retention period varies depending on the type of cookie and your browser settings, with a maximum duration of 13 months.

9. Personal data security

We implement appropriate technical and organisational measures to protect your personal data against:

Loss,
Unauthorised access,
Misuse,
Modification,
Unauthorised disclosure or destruction.

Access to your data is limited to employees and contractors who need it to perform their duties and who are subject to a contractual obligation of confidentiality and data protection.

We regularly review our security practices and adapt our measures to changing risks, technologies and legal requirements.

10. Your rights

Subject to applicable data protection laws, you have the following rights:

Right of access
You may request information about the personal data we hold about you, as well as information about how it is processed.
Right of rectification
You may request the correction of inaccurate or incomplete personal data.
Right to erasure ("right to be forgotten")
You may request, under certain conditions, the deletion of your personal data, for example when it is no longer necessary for the purposes for which it was collected or when you withdraw your consent.
Right to restriction of processing In certain cases, you may request that the use of your data be restricted (for example, while the accuracy of your data is being verified or while an objection is being examined).
Right to object
You may object, for reasons relating to your particular situation, to certain processing operations based on an overriding interest. You may also object at any time to the processing of your data for institutional or similar communication purposes, where such processing is based on our legitimate interests.
Right to data portability
Where provided for by law, you may request to receive some of your personal data in a structured, commonly used and machine-readable format, or to have it transferred to another data controller where technically feasible.
Right to withdraw your consent
Where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out prior to withdrawal.
Right not to be subject to automated individual decision-making
Where applicable, you have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or significantly affects you, except in cases provided for by law.

Depending on the applicable legislation, you may also have the right to lodge a complaint with the competent data protection supervisory authority.

11. Exercising your rights and contacting us

If you have any questions about this privacy policy, our data protection practices or to exercise your rights, you can contact us at the following address:

By email: data.protection@axios-trustees.ch

By post : Axios Trustees SA Boulevard Georges Favon 19, 1204 Geneva Switzerland

We will process your request as soon as possible, in accordance with the applicable legal requirements regarding data protection.