Privacy Policy

Gentian Investments AG (“Gentian”) provides this Data Protection Declaration to inform you of our policies and procedures regarding the collection, use, protection and disclosure of personal information received from your use of this website

1. General notes

This Data Protection Declaration (https://gentian.investments/privacy-policy) applies to the usage of our website only. Gentian cares about your privacy. We respect your identity and privacy and ensure that they are protected and that your personal data is processed in accordance with the applicable laws.

This Data Protection Declaration is to help you understand what data we collect, why we collect it, and what we do with it. It is important that you take time to read it carefully.

When we refer to the processing of your personal data in this Data Protection Declaration, we mean all the ways in which your personal data is handled. This includes data storage, processing, use, deletion, etc.

The provisions related to GDPR apply only to cases, which are subject to GDPR.

2. Responsibility

Gentian is responsible for processing your data on this website.

If you have any concerns or questions regarding our Data Protection Declaration or have questions about how we process your personal data or you would like us to remove your personal data held by Gentian, you may contact us via our e-mail address below. The same applies if you want to access your personal data or want to have them corrected, blocked or removed. We will use all reasonable efforts to comply with your request.

This Data Protection Declaration applies to the processing of data by:

Gentian Investments AG

Seestrasse 139

8802 Kilchberg

Switzerland

or by e-mail: contact@gentian.investments

Supervisory authority:

Eidgenössischen Öffentlichkeits- und Datenschutzbeauftragter, EDÖB
Feldeggweg 1
3003 Bern
Switzerland

https://www.edoeb.admin.ch/edoeb/de/home.html

3. Data collection on our website

3.1. Visit of the website

We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.

We process the aforementioned personal data for the purpose of:

Connection establishment of our website
Usage of our website
System security and system stability

Art. 6 Para. 1 lit. f GDPR serves as the legal basis for the aforementioned processing operations. This legal basis is used for processing operations, if processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Our legitimate interest lies in improving this website and providing our services and solutions in the digital field.

3.2 Third parties

Gentian does not transfer any personal data to third parties.

3.3 Cookies

Gentian uses cookies on this website. Cookies are small text files that your browser automatically creates and stores on your device when you visit or use our website. A cookie does not mean that we can identify you in any case.

Cookies are used to track the browsing activities (i.e. the frequency of use and the number of users) on our website. Furthermore, cookies are used to improve the security of the website and allow our web server to present you with customised web pages that make your experience with visiting the Gentian website more personal and better responding to your individual needs.

We use session cookies on our website. Session cookies are temporary cookies that remain in the cookie file of your browser until you leave our website. The session cookie will also expire if you do not access the site for a period of time.

Furthermore, we use persistent cookies to improve the user-friendliness of our website. Persistent cookies remain in the cookie file of your browser for a much longer period. This time-period will depend on the choice you make in the settings of your internet browser. Persistent cookies allow information to be passed to a web server each time someone visits the site. We use persistent cookies to remember your preferences and various settings.

You have the ability to accept or decline cookies by changing the settings in your internet browser. Please refer to your browser instructions or visit the About Cookies website https://www.aboutcookies.com/ to learn more about how to modify your browser settings. Please note that certain features of the Gentian website will not be available once cookies are disabled.

Your continued use of our website and/or your consent to this Data Protection Declaration shall be deemed your acceptance of the use of cookies and the corresponding processing, storing and using of personal data even beyond the end of the browser session. You may withdraw your consent at any time with future effect if you activate the blocking of third-party cookies in your browser settings.

3.4 Server log files

The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

browser type
language setting
operating system

We use this information to manage our websites efficiently, learn more about our visitors' behaviour across our websites, analyse trends and gather demographic data about our users as a whole. The information collected may be used in our marketing and advertising services and communications.

3.5 WIX services

We are using services of WIX for our online presence.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided by the providers linked below.

- WIX (WIX.COM LTD., 2601 Mission Street, San Francisco, CA, USA)

We use Adobe Analytics to safeguard our legitimate interests according to Art. 13 Abs. 1 DSG and Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in providing our services and solutions in the digital field.

5. Social Media

We maintain online presence within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services. We use plugins of those social networks and platforms on our website.

We would like to point out that user data can be processed outside the European Union. This can pose risks for users because, for example, the enforcement of users' rights could be made more difficult.

Furthermore, user data is usually processed for market research and advertising purposes. Thus, for example, user profiles can be created from the user behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user's computer, in which the user's usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to these). The responsibility for the compliance of the data processing on those platforms with the respective data protection laws bears the respective social network or platform. Your use of the plugins shall be deemed your acceptance of the corresponding data processing.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided by the providers linked below.

- Crunchbase (Crunchbase Inc., 564 Market Street, Suite 700, San Francisco, CA 94104, USA)

- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)

- LinkedIn (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA/LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)

Art. 6 Para. 1 lit. f GDPR serves as the legal basis for our aforementioned processing operations. Our legitimate interest lies in advertising our services and solutions in the digital field.

6. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

to obtain from us confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
the purposes of the processing;
the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
the right to lodge a complaint with a supervisory authority;
where the personal data are not collected from the data subject, any available information as to their source;
the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject (Art. 15 GDPR).

Proof of identity and advance compensation for the appropriate costs is required if the request involves a disproportionate amount of effort;

to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her (Art. 16 GDPR);
to have incomplete personal data completed (Art. 16 GDPR);
to the immediate deletion of data concerning them (Art. 17 GDPR), or, alternatively, if further processing is necessary for exercising the right of freedom of expression and information, for the compliance with a legal obligation, for reasons of public interest, for the establishment, exercise or defence of legal claims, to restrict said processing per Art. 18 GDPR;
to obtain from the controller restriction of processing where one of the following applies:
the accuracy of the personal data is contested by the data subject, for a period enabling us to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
the data subject has objected to processing pursuant to Art. 21 Para. 1 GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (Art. 20 GDPR);
to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. (Art. 7 Para. 3 GDPR).
to lodge a complaint with a supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller's future processing of their data pursuant to Art. 6 Para. 1 lit. f GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

7. Data security

We use technical and organisational measures to protect our website against unauthorized use.

8. Storage period for data

We will only retain personal data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal or internal policy requirements. Personal data which is not required anymore will be deleted. In any event, the personal data will be deleted after the expiration of the respective statutory retention period (5 or 10 years).

Personal data which is not required anymore and is not applicable to any statutory retention period will be deleted after the purpose or the corresponding ground for the legal basis is not applicable anymore.

9. Updates to this Data Protection Declaration

This Data Protection Declaration may be updated from time to time for any reason; each version will apply to information collected while it was in place. We will notify you of any modifications to our Data Protection Declaration by posting the new Data Protection Declaration on our website and indicating the date of the latest revision.

You are advised to consult this Data Protection Declaration regularly for any changes. The current version of the Data Protection Declaration can be found on https://gentian.investments/privacy-policy.

Last updated: Kilchberg, January 24, 2023

10. Applicable law

This Data Protection Declaration shall be governed by the substantive law of Switzerland excluding its conflict of laws provisions.

If you have any questions about this Data Protection Declaration please let us know.