Customer Information on Data Protection

Who does this information on data protection apply to?

This information on data protection (the "Information") is directed at customers and partners (within the framework of this information jointly referred to as “customers”) of the Business Units Cards and Payments. This Information thus applies to recipients who are customers of one or several of the following legal entities of SIX Group Ltd ("SIX Group"):

SIX Payments Services Ltd
SIX Payment Ltd
SIX Payment Services (Europe) S.A.
SIX Payment Services (Germany) GmbH
SIX Payment Services (Europe) S.A., Austrian branch

The legal entities of the SIX Group above will be referred to in the following individually as "SIX Company" or jointly as "SIX Companies" unless certain statements apply solely to (a) specific legal entity/ies. In such cases, the SIX Company in question will be referred to by name.

What is the aim of the Information?

This Information is aimed to notify customers about:

which personal data ("Data") made available by customers is being processed by SIX Companies,
for what purpose and on what basis SIX Companies are doing this,
how and how long Data is processed,
what data protection rights customers have vis-à-vis SIX Companies, and
the unit responsible for the Data processing within a SIX Company and whom customers can contact in case of questions.

What Data is processed by SIX Companies?

SIX Companies process Data that is transferred or made available to them by the customer for the purpose of contract execution within the framework of business relationships. This applies to details about contact persons such as their names, e-mail addresses or business telephone numbers.

By disclosing the above Data to the SIX Company, the customer confirms to have notified the natural persons in question (employees, agents, etc.) whose Data he/she is disclosing to the SIX Company about the transfer of Data to the SIX Company.

If the customer uses online services of the SIX Companies, the Privacy Statement of SIX shall be consulted.

Do SIX Companies process other Data?

In the context of fulfilling their obligations to prevent money laundering and terrorist financing, SIX Payment Services (Europe) S.A. und SIX Payment Services (Europe) S.A., Austrian branch are obligated by applicable Money Laundering Act regulations to collect and keep specific documents and information of persons. For this reason, SIX Payment Services (Europe) S.A. and SIX Payment Services (Europe) S.A., Austrian branch shall, among other things, determine and check the identity of customers, beneficial owners of customers or any trustors of the customers, assess the purpose pursued by the customer and the nature of the business relationship to which the customer aspires, gather and check information on the origin of deployed resources, as well as con-tinuously monitor the business relationship and transactions carried out within its framework. SIX Payment Services (Europe) S.A. und SIX Payment Services (Europe) S.A., Austrian branch must in particular keep copies of the documents and information received, which are required for fulfilling the described duty of care as well as transaction receipts and records required for the identification of transactions.

For what purpose do SIX Companies process the Data?

The Data is processed by SIX Companies exclusively for the purpose of executing contracts with customers. The specific use of the Data depends on the contract concluded between the customer and a SIX Company. The SIX Companies particularly require the Data for:

generally maintaining the customer relationship;
provide services that they are contractually obliged to provide;
sending products and information that they are contractually obliged to provide;
billing purposes;
reimbursement purposes;
processing objections or complaints made by the customer;
providing the customer with information about changes and developments of products and services.
dispatch of newsletters
voice recording

Under no circumstances do SIX Companies process the Data outside of their contractual relationships with customers.

What justification does a SIX Company provide for its processing of the Data? Is the Data also passed onto third parties?

All SIX Companies are directly or indirectly wholly owned subsidiaries of SIX Group. SIX Companies can outsource all or some of the processing of the Data and other services to SIX Group or other subsidiaries (incl. SIX Companies) of SIX Group and to external third parties in Switzerland and abroad.

If Data is transmitted to SIX Group, subsidiaries of SIX Group or external third parties as part of such outsourcing, the outsourcing SIX Company obligates the recipient in advance to wholly guarantee compliance with the existing confidentiality and data protection obligations of the outsourcing SIX Company.

Each SIX Company reserves the right to disclose personal Data to the authorities and/or third parties in Switzerland or abroad if the SIX Company is obliged to make such disclosure by the applicable legal provisions.

Do SIX Companies also transfer Data to countries outside the EU, EEA or Switzerland?

As part of the execution of their contracts with customers, SIX Companies may cooperate with third parties (e.g. suppliers) that provide some of their services or produce some of their products outside the EU, EEA or Switzerland.

If such third parties could obtain access to Data as part of the execution of the contract, a respective SIX Company and the third party provider will enter into a written agreement ensuring data protection equivalent to the data protection level required by EU and Swiss data protection regulation. Upon request, customers may view contractual arrangements (excerpts) a SIX Company has implemented with third parties that actually process such customer’s Data.

How long is the Data processed or stored by SIX Companies? What rights do affected natural persons (“Data Subjects”) have whose Data are being processed by SIX Companies as part of their business relationship with customers?

Data Subjects are entitled to the following rights concerning Data about the Data Subject:

to receive information on whether and which Data a SIX Company may save or store (categories of Data, recipients or categories of recipients, storage duration, or criteria governing such duration);
to obtain a copy of Data processed by SIX Companies;
to request the rectification of Data if it is incorrect;
to request the deletion of Data;
to request restrictions on the processing of Data;
to receive Data in a structured, accessible and machine-readable format;
to submit an objection to processing of Data, especially for the purpose of direct advertising.

The rights specified above may be denied or restricted if the interests, rights and freedoms of third parties prevail or if processing of Data is necessary to establish, exercise or defend any legal claims of SIX Companies.

Do the SIX Companies have data protection officers?

Yes. All questions concerning data protection and the rights of individuals affected can be directed to SIX’s data protection officers (DPOs) at the following contact addresses:

SIX
Compliance
Hardturmstrasse 201
8005 Zurich
Switzerland

For SIX Payment Services Ltd and SIX Payment Ltd: dataprotection.switzerland@six-payment-services.com
For SIX Payment Services (Europe) S.A.: dataprotection.europe@six-payment-services.com
For SIX Payment Services (Germany) GmbH: dataprotection.germany@six-payment-services.com
For SIX Payment Services (Europe) S.A., Austrian branch: dataprotection.austria@six-payment-services.com

Who is responsible for the processing of Data at the respective SIX Companies?

For individual SIX companies, the following entities and/or departments are responsible for handling queries related to data processing:

SIX Payment Services Ltd
Global Data Protection Support
Hardturmstrasse 201
8005 Zurich
Switzerland
dataprotection.switzerland@six-payment-services.com

SIX Payment Ltd
Global Data Protection Support
Hardturmstrasse 201
8005 Zurich
Switzerland
dataprotection.switzerland@six-payment-services.com

SIX Payment Services (Europe) S.A.
Global Data Protection Support
10, rue Gabriel Lippmann
5365 Munsbach
Luxemburg
dataprotection.europe@six-payment-services.com

SIX Payment Services (Germany) GmbH
Global Data Protection Support
Langenhorner Chaussee 92-94
22415 Hamburg
Germany
dataprotection.germany@six-payment-services.com

SIX Payment Services (Europe) S.A.
Austrian branch
Global Data Protection Support
Marxergasse 1B
1030 Vienna
Austria
dataprotection.austria@six-payment-services.com

^{In the event of a discrepancy between the German version and a translation, the German version shall prevail.}

Current Privacy Statement of SIX

myPayments

Gift cards

Information Exchange (iEx)

Follow us

Customer Information on Data Protection

Follow us