4.1 Within the Cornèr Group
Within Cornèr, your data is made available strictly on a need-to-know basis for the performance of our contractual and statutory obligations.
We may transfer personal data to other Cornèr Group companies for intra-Group management purposes (including for risk management pursuant to statutory or administrative obligations) and for the processing purposes listed above. In so doing, your personal data may be processed and linked with personal data from other Cornèr Group companies for the relevant purposes.
4.2 Third parties
When we provide you with products and services, we give personal data to individuals who are acting on your behalf or otherwise participating in the transaction (depending on the type of products or services you make use of), including the following types of companies described below, where applicable.
Other lending and financial services institutions or similar establishments, with which we share your personal data (for instance, depending on the contract, correspondent banks, custodian banks, external asset managers, fund managers, brokers, securities exchanges, Central Counterparty Clearing Houses (CCP's), upstream paying agents, registers of swaps or transactions as well as clearing houses and clearing or settlement systems as well as specialized payment providers or payment institutions, such as SWIFT);
Parties who participate in a transaction (e.g., payees, beneficiaries, authorized signatories on an account, intermediaries) or assume a risk in the course of or in connection with the transaction (e.g., an insurer);
If you have a payment card with us, the relevant card organisation (Visa, MasterCard, Diners Club) and the acquiring companies that have agreements with individual merchants for purposes of acceptance of those cards;
Other financial institutions, credit or business rating agencies (for the purpose of procuring or distributing credit reference information and credit checks).
4.3 Service providers
Your data may also be received for the above-mentioned purposes by the service providers or subcontractors we hire if they enter into appropriate confidentiality agreements. Such businesses include providers of banking services (incl. investment services), IT services (including hosting service providers as well as providers of cloud services), logistics, printing, telecommunications, debt collection (this includes the engagement of debt collection companies domiciled in Switzerland or abroad), payment transactions, credit rating agencies, advice and consulting, as well as sales and marketing. In such situations, we protect your personal data in such a way as to ensure that the subcontractor complies with our data security standards.
4.4 Government authorities or regulatory authorities
If necessary, we also disclose personal data to government authorities, regulatory authorities or government agencies (e.g., Swiss National Bank, FINMA, criminal prosecution authorities), including when so required by laws or regulations or other rules of conduct, or when disclosure is demanded by such authorities or agencies.
4.5 Other cases
In the case of a sale of all or part of our business to another company or in case of the restructuring of our business, personal data will be shared to make it possible for you to continue using the relevant products and services. We usually give personal data to potential purchasers, too, if we are considering a full or partial sale or full or partial spin-off of a business unit. We take precautions to ensure that such potential purchasers will see to the security of the data.
We shall disclose personal data to the extent necessary for the exercise or enforcement of legal rights, including the rights of ourselves and of our employees and other rights-holders, or to the extent necessary in responding to inquiries by individuals or their representatives who wish to enforce their own rights or those of others.