Our Services

  • About Us
  • Contact Us

Data Protection Policy

PDF

The website bitcoinsuisse.com is produced and published by Bitcoin Suisse AG, Grafenauweg 12, 6300 Zug, Switzerland ("Bitcoin Suisse", "we", "us") registered in the Commercial Register of the Canton of Zug under No. CHE-472.481.853.

We are therefore responsible for the collection, processing and use of your personal data in accordance with the law. We take data protection very seriously and are committed to the protection of your personal data. Consequently, we comply with the applicable data protection laws of Switzerland and the European Union (in particular the General Data Protection Regulation, GDPR).

We would like to inform you below about how we handle your personal data. Please be aware that the following information may be reviewed and amended from time to time. We therefore recommend that you consult this Data Protection Policy on a regular basis.

1.     Extent and purpose of the collection, processing and use of personal data

a.     When visiting our website

When you visit our website, our servers temporarily store each access in a log file. The following data is collected and stored, without any action on your side, until it is automatically deleted after 12 months:

  • the IP address of the requesting computer,
  • date and time of access,
  • name and URL of the data accessed,
  • the website from which access is made to our domain,
  • your computer's operating system and the browser you use,
  • the country from which access to our website is made,
  • the Status-Code, and
  • the name of your Internet provider.

This data is collected and processed for the purpose of allowing the use of our website (establishing a connection), ensuring system security and stability in the long term, and allowing the optimization of our Internet offering as well as for internal statistical purposes.

The aforementioned information is not linked to or stored with any personal data. Only in the event of an attack on the website's network infrastructure or where unauthorized or abusive use of the website is suspected will the IP address be evaluated for clarification and defensive purposes and, where necessary, used within the framework of criminal proceedings for identification and to bring legal action against the users concerned under civil and criminal law.

We rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process the data for these purposes.

b.    When using the contact form for general inquiries

In order to get in touch with us using the form, it is essential that you enter the following personal data truthfully:

  • Name*,
  • E-mail address* and
  • Message*.

Personal data marked with* must be provided truthfully and mandatorily.

We use this data in order to be able to process your contact request, in particular to answer to your questions or to provide the required services and, if necessary, to contact you by E-mail.

We rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process your above data for the mentioned purposes. You can object to this data processing at any time (see "Contact" Section 12).

c.     When using the contact form for brokerage inquiries

In order to get in touch with us using the form, it is essential that you enter the following personal data truthfully:

  • Company Name*,
  • First and Last Name*,
  • E-mail address*,
  • Phone Number,
  • Additional Information and
  • Language*.

Personal data marked with* must be provided truthfully and mandatorily.

We use this data in order to be able to process your contact request, in particular to answer to your questions or to provide the required services and, if necessary, to contact you by E-mail.

We rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process your above data for the mentioned purposes. You can object to this data processing at any time (see "Contact" Section 12).

d.    When you contact us via E-mail

You may contact us by using the E-mail address info@bitcoinsuisse.com. In this case we collect the personal data you provide us. We need this information to process your contact request. You are responsible for any communications or content you transmit to us. We recommend that you do not transmit sensitive information via E-mail. Personal data is only collected if you voluntarily provide it to us. It is therefore up to you what information you provide us with. In order to be able to answer your contact inquiries, we may require additional information from you, e.g. your address, your telephone number, etc.

We will only collect personal data from you if required to process and answer your enquiry or to deliver the services you request.

We rely on our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR to process your above data for the mentioned purposes. You can object to this data processing at any time (see "Contact" Section 12).

e.     When you contact us through the "Chat”

You may contact us through the chat on our website. In this case, we collect the personal data you provide us. We need this information to process your chat request. You are responsible for any communications or content you transmit to us. We recommend that you do not transmit sensitive information via the chat. Personal data is only collected if you voluntarily provide it to us. It is therefore up to you what information you provide us with. In order to be able to answer, we may require additional information from you, e.g. your address, your telephone number, etc. We will only collect personal data from you if required to process and answer your enquiry or to deliver the services you request.

We use the Zendesk chat system. Zendesk is a customer service platform of the company Zendesk Inc., 989 Market Street 300, San Francisco, CA 94102, US. For more information about Zendesk's data processing, please refer to the Zendesk Privacy Policy.

The legal basis for our processing of your request for contact exists within the meaning of Art. 6 para. 1 lit. f GDPR and therefore lies in our legitimate interest in providing you the best service when inquiring information and/or asking for support. You can object to this data processing at any time (see "Contact" Section 12).

f.      When you register to become a client

In order to benefit from our financial services, you can register as a client (either as a private individual or a corporate client).

When you contact us to register as a new corporate client, we collect the following data:

  • Company Name*,
  • Name (First and Last Name)*,
  • E-mail address*,
  • Phone Number*,
  • Additional information you want to provide us with, e.g. desired asset allocations
  • Language*.

When you contact us to register as a new private individual client, we only collect your E-mail address*.

Personal data marked with* must be provided truthfully and mandatorily.

We use this data to enable you to use our financial services and to get in contact with you. We collect these data to fulfil our pre-contractual and contractual obligations within the meaning of Art. 6 para. 1 lit. b GDPR.

g.     When you use Google Authenticator and reCAPTCHA

We use Google Authenticator and reCAPTCHA, as services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, in order to make the registration process as save as possible and protect our website from spam software and abuse by bots. When using the Google Authenticator the following data will be collected:

  • The E-mail address you register with and
  • The Referrer URL (the previously visited page).

The data will be transmitted to and stored on a Google server in the United States (see Section 5) for information about data transfers to the USA). Further information can be found on the Google website: https://policies.google.com/privacy

The legal basis for processing the data lies in our legitimate interest in ensuring the security of the website within the meaning of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time (see "Contact" Section 12). This would however, result in a revocation of the account.

h.    When you register for the Bitcoin Suisse Online Platform

To use our online financial services, you can open a client account. When registering a new client account, we collect the following data:

  • Title,
  • Name (First Name and Surname)*,
  • Birthday* (day/month/year),
  • Nationality*,
  • E-mail address*,
  • Phone Number*,
  • Street*,
  • Zip Code*,
  • City*,
  • State,
  • Country*,
  • Citizenship*,
  • Regulatory Requirements (in particular KYC and AML requirements)*,
  • Photo of international passport or European ID (incl. document number, expiration date (month/year) and issuing country of your government ID)*,
  • Photo of you and your document of identification*,
  • Proof of residency, no older than 6 months (e.g. utility bill, bank statement etc.)*,
  • Name of your notary public*,
  • Your profession and industry/sector*,
  • Purpose of business relationship*,
  • Expected trading volume*,
  • Annual income*,
  • Type of income assets*,
  • Origin of funds used in business relationship with Bitcoin Suisse*,
  • Your wallet ID*.

Personal data marked with* must be provided truthfully and mandatorily.

We use this data to establish your account and to enable you to use our financial services. Furthermore, we collect this data to comply with our legal obligations. We collect these data to fulfil our pre-contractual and contractual obligations within the meaning of Art. 6 para. 1 lit. b GDPR and to comply with legal obligations to which we are subject to (Art. 6 para. 1 lit. c GDPR).

i.      When you apply for Token and Coin Offerings

When you apply for our advice on Token and Coin Offerings, we process the data listed in the relating type form. We collect these data to fulfil our pre-contractual and contractual obligations within the meaning of Art. 6 para. 1 lit. b GDPR and to comply with legal obligations to which we are subject to (Art. 6 para. 1 lit. c GDPR).

j.      When you apply for an open job position

We use Prescreen, an online application process provided by Prescreen International GmbH, Mariahilfer Strasse 17, 1060 Vienna, Austria, in order to make the application process as save and easy as possible. When using the application, the provider will collect the data you provide for the purpose of examining your job application on behalf of us. The provider's privacy policy can be found at the beginning of the application process.

If you do not explicitly consent to the further processing, the data is deleted after the respective application process. We rely on your issued consent within the meaning of Art. 6 para. 1 lit. a GDPR. You may withdraw your consent at any time (See "Contact" Section}.

k.    When using Vimeo

We use Vimeo to display videos on our website or for event participation. Vimeo is provided by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. Vimeo is a video platform provider which we use on our website and makes it easier for you to access interesting content for educational and information purposes.

When opening a Vimeo video on our website your browser connects to the Vimeo servers. Whereas this causes a transfer of data. Vimeo collects the following data, independent whether you have a Vimeo account or not:

  • IP address
  • Browser information
  • Operating system
  • Session activities
  • URL which lead to our website

If you access a video or a link while logged in to your Vimeo account, the contents of our page may be linked to your Vimeo account, which means that the network can link your visit to our website directly to your Vimeo user account. If you want to prevent this, you should log out before clicking on the relevant video/links. An assignment takes place in any case, if you log into the relevant network after clicking on the link.

For more information about Vimeo's data processing, please refer to the Vimeo Privacy Policy.

The legal basis for the aforementioned data processing lies in our legitimate interest according to Art. 6 para. 1 lit. f GDPR to make our services more user friendly and to optimize them or in the consent you have given when entering a Vimeo event in the meaning of Art. 6 para. 1 lit. a GDPR respectively. You can object to the processing at any time (see Section 12).

2.     Tracking Tools and re-targeting

a.     Facebook Pixel

We use Facebook Pixel. Facebook Pixel is an analytics tool offered by Facebook that allows us to measure the effectiveness of our advertising by understanding the actions users take on our website.

Facebook Connect is a service provided by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are an EU resident, Facebook Ireland, Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data will be transmitted to and stored on a Facebook server in the United States or Ireland (see Section 5) for information about data transfers to the USA).

Visit the Facebook website to find out more about the re-targeting tool we use. You can refuse this form of advertising by adjusting your browser settings here.

The legal basis for the aforementioned data processing lies in the consent you have given us via cookie-banner within the meaning of Art. 6 para. 1 lit. a GDPR. You can object to the processing at any time (see Section 12).

b.    Google Analytics

We use Google Analytics by Google LLC. Google Analytics is a web analytics service that analyses the user behaviour on our website and mobile app and helps us make appropriate performance optimisations.

  • Google Analytics obtains and processes the following data:
  • Anonymized IP address and location (city and country)
  • Our websites, you are visiting
  • Browser information
  • Session duration, actions, frequency and recency
  • Language settings
  • User ID
  • Aggregated data if Ads Personalization turned on

To collect this data when you use a web browser, Google Analytics stores a Cookie in your device via your internet browser. However we use Google Analytics with the anonymization function, which shortens your IP address by two bytes and a salt of at least 8 characters, making it impossible to assign it to you or to the internet connection you are using. This data will be stored for 14 months.

When using our mobile app local storage of the above mentioned information in the browser occurs. The data serves as the basis for statistical, anonymous evaluations, so that trends can be identified, which can be used to improve our services accordingly. The user can deactivate the use of Google Analytics at any time in the app.

Further information about the web-analysis services can be found in Google Analytics' data privacy policy.

The legal basis for the aforementioned data processing lies in the consent you have given us via cookie-banner within the meaning of Art. 6 para. 1 lit. a GDPR respectively our legitimate interest according to Art. 6 para. 1 lit. f GDPR to make our services more user friendly and to optimize them. You can object to the processing at any time (see Section 12).

3.     Disclosure of personal data to third parties

We will only transfer your personal data to third parties if you have given us your explicit consent, if there is a legal obligation to do so, or if it is necessary for the enforcement of our rights.

In addition, we will disclose your personal information to third parties as far as it is necessary for the use of the website, the processing of your contact requests and the providing of any services you requested. The use of this data by third parties is strictly limited to the mentioned purposes.

Several service providers to whom your personal data is forwarded, are already mentioned above. Another service provider to whom personal data collected on the website is forwarded, or who has or could have access to said data, is our website hosting company. The website is hosted on servers based in Switzerland and Ireland (operated by Microsoft Ireland Operations Limited, Ireland, Flow Swiss AG, Switzerland and Secustor, Germany). The data is shared for the purpose of providing and maintaining the functionalities of our website.

4.     Transmission of personal data abroad

We are entitled to transfer your data to third-party companies located abroad to the extent this is required in connection with the processing described in this Data Protection Policy. Any such third-party companies are obliged to respect the privacy of users to the same extent as the provider itself. If the level of data protection in a country does not correspond to the Swiss or European level, we will ensure, by means of a contract (Standard Contractual Clauses, SCCs), based on a adequacy decision in the meaning of Art. 45 GDPR or upon your explicit consent in the meaning of Art. 49 para. 1 lit. a GDPR, that the protection of your personal data corresponds to that in Switzerland or the EU at all times.

5.     Information on data transfers to the USA

For the sake of completeness, we would like to point out that under US law, the US authorities may carry out surveillance measures that allow the general storage of all data transferred from the European Union and Switzerland to the USA. This is done without distinction, restriction or exemption on the basis of the objective pursued and without objective criteria that would make it possible to restrict the US authorities' access to personal data and its subsequent use for specific, strictly limited purposes that would justify access to that data.

We wish to point out to users with domicile in a Member State of the EU or the EEA or Switzerland that the USA does not have a sufficient level of data protection from the perspective of the European Union and Switzerland - among other things due to the topics mentioned in this section. To the extent we have explained in this privacy statement that recipients of data (such as Google) have its registered office in the USA, we will ensure by contractual regulations (Standard Contractual Clauses) with these companies that your data is protected by our partners at an appropriate level.

6.     Cookies

In many respects, cookies help to make the visit of our website easier, more pleasant and more useful. Cookies are information files stored automatically by your browser on the hard disk of your computer when you visit our website. Cookies neither damage the hard disk of your computer nor do they transmit your personal data to us.

Most Internet browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or a notice always appears when you receive a new cookie. The following pages explain how to configure the processing of cookies for the most common browsers:

  • Microsoft Windows Internet Explorer
  • Mozilla Firefox
  • Google Chrome for Desktop
  • Google Chrome for Mobile
  • Apple Safari for Desktop
  • Opera for Desktop

In addition to your browser settings, you have the option of selecting or deselecting the analytical cookies in the cookie-banner. The cookie-banner appears upon your visit on our website.

Please note that deactivating cookies may prevent you from using all the features of our website.

The legal basis for processing the data for the above purposes lies in the consent you have given us via the cookie banner within the meaning of Art. 6 para. 1 lit. a GDPR or respectively in our legitimate interest in ensuring the functionality and optimization of the website (Art. 6 para. 1 lit. f GDPR). You can object to the processing at any time (see Section 12).

7.     Offline processing of customer data

We collect data about our customers (corporate as well as private individuals). Customer data may be collected offline. In particular, in case of corporate clients, we collect the contact details of the contact persons of our customers. We collect the following data of corporate and/or private individuals:

  • company name,
  • company address, postcode, town/city,
  • contact (name of contact person and business telephone number, copy of passport),
  • history of customer relationship (in particular KYC-information),
  • contract conditions,
  • Standardized Forms to ensure compliance with KYC/AML requirements
  • (Art. 6 para. 1 Anti-Money Laundering Act, AMLA),
  • Form 1A, Business profile (Art. 6 para. 1 AMLA),
  • Google inquiries,
  • commercial register extracts
  • further information collected via public sources.

The customer data is either stored on paper or in digital form in our CRM system, which runs on our own servers based in Switzerland and Ireland.

The data stored in the CRM system is generally used to manage the customer relationship, for the customer history, for billing of operational services, for altering customers in the event of technical problems or necessary technical adjustments, and in some cases also for inviting customers to technical occasions of events.

The legal basis for the processing of your data for these purposes lies in the fulfilment of a contract according to Art. 6 para. 1 lit. b GDPR and to comply with legal obligations to which we are subject to (Art. 6 para. 1 lit. c GDPR).

8.     Social Media Links

On our website, we have incorporated links to our social media profile on the following social networks:

  • Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, if you are a resident in the EU or EEA or Switzerland, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland,
  • Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA and
  • Linkedln Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

If you click on the relevant social network icon, you will be automatically redirected to our profile on the relevant network. In order to use the functions of the relevant network, you must partially log in to your user account for the relevant network.

Furthermore, we have incorporated a link to You Tube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, where you can find more information on Bitcoin Suisse.

When you open a link to our social media profile or YouTube, a direct connection is established between your browser and the server of the relevant social network. This gives the network the information that you have visited our website with your IP address and accessed the link. If you access a link to a network while logged in to your account on the relevant network, the contents of our page may be linked to your profile in the network, which means that the network can link your visit to our website directly to your user account. If you want to prevent this, you should log out before clicking on the relevant links. An assignment takes place in any case, if you log into the relevant network after clicking on the link.

9.     Information, deletion, revocation, correction, limitation of processing and data transferability rights, right to complain to a supervisory authority

You can object to data processing at any time. You also have the following rights:

Information right: You have the right at any time to request access to your personal data stored by us. This gives you the opportunity to check which personal data we process about you and that we use it in accordance with applicable data protection regulations.

Correction right: You have the right to have inaccurate or incomplete personal data corrected and to be informed of the correction. We will inform each recipient to whom the personal data have been disclosed of the adjustments made to any incorrect data, unless such notification is impossible or involves a disproportionate effort.

Deletion right: You have the right to require us to delete your personal data, as long as there is no legal basis that allows us to further process such data.

Right to limitation of processing: You have the right, under certain conditions, to request the processing of your personal data to be restricted.

Data portability rights: Under certain circumstances you have the right to receive from us the personal data that you have provided to us, free of charge and in a readable format.

Right to complain: If you are resident of an EU or EEA member country, you have the right to lodge a complaint with a competent supervisory authority against the way in which your personal data is processed at any time.

Right of revocation: You can withdraw your consent to certain data processing at any time, with effect for the future.

Right to object: You can object to certain data processing at any time.

10.  Data retention

We only store personal data for as long as is necessary to carry out the above tracking services and further processing in the context of our legitimate interest. We keep contract data for longer, as this is required by legal storage obligations. Obligations to store data, which oblige us to store data, result in particular from accounting and tax regulations. According to these regulations, business communication, concluded contracts and accounting documents must be stored for up to 10 years. If we no longer need this data to perform the services for you, the data will be archived. This means that the data may then only be used for accounting and tax purposes and deleted after the statutory retention period.

11.  Data security

We take all the reasonable technical and organizational security measures that we deem appropriate in order to protect your stored data against manipulation, loss, or unauthorized third-party access. Our security measures are continually adapted to technological developments.

We also take internal data privacy very seriously. Our employees and the service providers are required to maintain secrecy and to comply with applicable data protection legislation. In addition, they are granted access to personal data only insofar as this is necessary for them to carry out their respective tasks or mandate.

12.  Contact

If you have any questions on data protection on our website, would like more information or would like to arrange for your data to be deleted, please get in touch with us by sending an E-mail to dataprotection@bitcoinsuisse.com.

If you are an EU or EEA resident, you also may contact our EU-Data Protection Representative BWB Rechtsanwalte AG based in Liechtenstein, by sending an E-Mail to philipp.mittelberger@bwb.li.

Last update: January 2023

Bitcoin Suisse AG Grafenauweg 12 6300 Zug Switzerland

Our Services

  • For Individuals

  • For Corporations

  • For Financial Service Providers

  • For Crypto Foundations & Firms

  • For Funds

  • API

  • Invest

  • STOXX® Digital Asset Blue Chip Index

  • Bitcoin Suisse App

  • Bitcoin Suisse Online

  • CryptoFranc (XCHF)

Bitcoin Suisse

  • About Us

  • Our Team

  • Investor Relations

  • Media Relations

  • Company News

  • Career

Info

  • Impressum

  • Legal Notice

  • Security at Bitcoin Suisse

  • Privacy Settings

Support

  • Support Center

  • Contact Us

Client Area

  • Log in

Copyright © Bitcoin Suisse – 2025

    Our Services
    See options...
  • Language

    English

  • Theme
Become a Client
Cookie Disclaimer

This website uses cookies. Some cookies are necessary and enable core functionalities such as security, network management and accessibility. We also set analytics cookies to help us improve our website by collecting and reporting information on how you use it. Below you find your options for your cookie settings. For more information on how these cookies work please see our Privacy Notice.