Data protection policy

The controller responsible for the processing of personal data within the meaning of the Data Protection Act is::

PolyReg General Self-Regulatory Organisation
Florastrasse 44
8008 Zürich

Phone: +41 (0)43 488 52 80
Fax: +41 (0)43 488 52 88

General information

Based on Article 13 of the Federal Constitution of the Swiss Confederation and the data protection provisions of the Swiss Confederation (Data Protection Act, FADP), every person has the right to protection of their privacy as well as protection against misuse of its personal data. The operators of these pages take the protection of personal data very seriously. We treat personal data confidentially and in accordance with the legal data protection regulations as well as this data protection policy.

In cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorised access, loss, misuse or falsification.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

By using this website, you consent to the collection, processing and use of data in accordance with the following description. This website can generally be visited without registration. Data such as pages accessed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to an identified or identifiable person. Personal data, in particular name, address or e-mail address, are collected on a voluntary basis as far as possible.

Processing of personal data

Personal data is any information relating to an identified or identifiable natural person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, keeping, use, modification, disclosure, archiving, deletion or destruction of data.

Data processing is carried out in accordance with the principles of good faith and proportionality. SRO PolyReg does not process any personal data in an automated manner (no automated individual decision).

SRO PolyReg processes personal data in connection with its tasks as a recognized self-regulatory organisation under Article 24 of the Anti-Money Laundering Act (AMLA), its activities and association relationships (e.g. with third-party service providers) and training.

Purpose of processing

The main purpose of the processing of personal data by SRO PolyReg is the supervision of its affiliated members in their capacity as financial intermediaries who carry out one or more of the activities listed in Art. 2 para. 3 AMLA. In this context, SRO PolyReg processes personal data for the purpose of verifying compliance with the obligations of its members under the Anti-Money Laundering and Terrorist Financing Act, the Statutes of SRO PolyReg, the Regulations of SRO PolyReg and all other applicable directives, circulars and recommendations.

SRO PolyReg may also process personal data in order to pursue its interests as an association, to provide information via this website, to conduct training courses, to ensure the security of the information disseminated and the data processed, for administrative management and archiving purposes and to fulfill its legal obligations, the legal system and for its own judicial or extrajudicial protection.

Processing period and retention

SRO PolyReg processes personal data for the duration required for the respective purpose or purposes, in particular with regard to the fulfilment of its supervisory and training tasks as well as for the fulfilment of contractual obligations entered into or for the protection of its rights in or out of court.

In the event of longer statutory or judicial retention obligations to which SRO PolyReg is subject, the processing is carried out accordingly, but is limited to a minimum by deleting or anonymizing the data as soon as it is no longer required for the above-mentioned purposes.

Right to information and limitations

Upon presentation of proof of identity, the natural person whose personal data is processed (data subject) has the right to access, rectify or erase their personal data, including particularly sensitive personal data. This does not affect the legal obligations regarding processing and retention to which SRO PolyReg is subject.

To assert their right to information, correction or deletion, the data subject can use the contact details given above.

In principle, access to and disclosure of personal data to third parties is prohibited, unless this is necessary to fulfill the legally prescribed duties of SRO PolyReg or the disclosure has been expressly authorized by the data subject. Data may also be disclosed to third parties on the basis of an enforceable official order or a court order.

In order to fulfill the above-mentioned purposes, SRO PolyReg may disclose personal data to third parties, in particular to service providers:

  • in connection with IT, correspondence, communication or printing services, real estate management, business and accounting services, security services, cleaning and event organization;
  • to consulting services, lawyers, banks, insurance companies and telecommunications companies;
  • to providers of remote communication platforms for conducting online meetings and training sessions.

If personal data is disclosed to natural or legal persons abroad (usually service providers), they are responsible for ensuring adequate data protection.

The right to information can be denied, restricted or postponed, in particular if overriding private or public interests require this.


This website uses cookies. These are small text files that make it possible to store specific information related to the user on the user's terminal device while the user is using the website. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyse behaviour patterns of page use, but also to make our offer more customer-friendly. Cookies remain stored beyond the end of a browser session and can be retrieved when the user visits the site again. If the user does not wish this, he should set his internet browser to refuse the acceptance of cookies.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US site or the EU site Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case not all functions of this online offer can then be used.

SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that are sent to us as the site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data transmitted to us cannot be read by third parties.

Server log files

The provider of this website automatically collects and stores information in so-called server log files, which the browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

This data cannot be assigned to identified or identifiable persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. If the data controller on this website is located outside the European Economic Area or Switzerland, then the Google Analytics data processing is carried out by Google LLC. Google LLC and Google Ireland Limited are hereinafter referred to as "Google".

The statistics obtained enable us to improve our offer and make it more interesting. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under "My data", "Personal data".

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. We would like to point out that on this website Google Analytics has been extended by the code "_anonymizeIp();" in order to ensure anonymised collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected is related to a person, this is immediately excluded and the personal data is deleted immediately.

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating the use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield,

Google Analytics uses cookies. The information generated by the cookie about the use of this website is generally transmitted to a Google server in the USA and stored there. Use of cookies may be refused by selecting the appropriate settings on the browser, however please note that if you do this you may not be able to use the full functionality of this website anymore. In addition, the collection of data generated by the cookie and related to the use of the website (incl. the IP address) can be prevented to Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: Deactivate Google Analytics.

The use of Google Analytics can also be prevented by clicking on this link: Deactivate Google Analytics. This will save a so-called opt-out cookie on the data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.

Google Tag Manager

Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate e.g. Google Analytics and other Google marketing services into our online offer. The tag manager itself, which implements the tags, does not process any personal data of the users. With regard to the processing of users' personal data, please refer to the following information on Google services. Usage guidelines:


The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of any files.

Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.

General disclaimer

All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.

SRO PolyReg may change or delete texts at his own discretion and without notice and is not obliged to update the contents of this website. Use of or access to this website is at the visitor's own risk. SRO PolyReg, its principals or partners are not responsible for direct or indirect, incidental, consequential or punitive damages, allegedly caused by the use of this website and consequently assume no liability for such damages.

SRO PolyReg also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. SRO PolyReg thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.


We may amend this policy at any time without prior notice. The current version published on our website will apply. Insofar as the data protection policy is part of an agreement with the visitor or the user of this website, they will be informed of the change by e-mail or other suitable means in the event of an update.

Questions to the data protection officer

If you have any questions about data protection, please write to us by e-mail or contact the organisation mentioned above.

Becoming a member Contact