The content available on the www.iconomix.ch website and in the associated web applications is predominantly protected by copyright or other protective rights and is the sole property of the Swiss National Bank (hereinafter ‘SNB’) or other specifically named rights holders.
The information and data made available on the www.iconomix.ch website may be stored, printed, translated and transmitted for non-commercial purposes, provided that they are not altered and reference is made to the source. If the information or data are modified by users, this has to be explicitly mentioned.
If the information or data are identifiable as coming from external sources, users of such information or data are obliged to respect any existing copyrights and to obtain the corresponding rights of use from these external sources.
The SNB is the owner of the word mark and combined word and figurative mark ‘Iconomix’.
This privacy statement explains which personal data we process in connection with our activities and operations, including the iconomix.ch website. In particular, we inform you about why, how and where we process which personal data. We also inform you about the rights of persons whose data we process.
Additional privacy statements and other legal documents such as general terms and conditions, terms of use, or conditions of participation may apply to specific or supplementary activities and operations.
The SNB is responsible for processing your personal data as described in this privacy statement. If you have any questions about the processing of your data, you can contact the SNB using the details below:
Swiss National Bank
Data Protection Office
Börsenstrasse 15
P.O. Box
8022 Zurich
You can also contact the SNB’s Data Protection Officer using the above details.
Personal data are any information relating to an identified or identifiable natural person. A data subject is a person whose personal data we process.
Processing includes any handling of personal data, irrespective of the means and procedures used, e.g. consulting, aligning, adapting, archiving, keeping, retrieving, releasing, acquiring, recording, collecting, deleting, disclosing, structuring, organising, storing, modifying, disseminating, combining, destroying and using personal data.
We process personal data in accordance with Swiss data protection legislation such as, in particular, the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).
We process the personal data necessary to carry out our activities and operations in a sustainable, user-friendly, secure and reliable manner. Such personal data may in particular fall into the following categories: inventory and contact data, browser and device data, content data, metadata/marginal data and usage data, location data and sales data, as well as contract and payment data.
We process personal data for the period required for the purpose(s) in question or by law. Personal data that no longer require processing are anonymised or deleted.
We may have personal data processed by third parties. We may process personal data jointly with third parties or transmit such data to third parties. Such third parties are, in particular, specialised providers whose services we use. We also guarantee data protection when we work with such third parties.
We only process personal data with the consent of the data subject, unless the processing is permitted for other legal reasons. Processing without consent may, for example, be permissible in order to execute a contract with the data subject and for appropriate pre-contractual measures to safeguard our overriding legitimate interests; in cases where processing is obvious from the circumstances; or after having informed the data subject in advance.
In this context, we process, in particular, information that a data subject voluntarily provides to us when contacting us – for example by post, email, instant messaging, contact form, social media or telephone – or when registering for a user account. For instance, we may store such information in an address book or similar tools. If we receive data about other persons, the transmitting parties are obliged to guarantee the privacy of such persons and to ensure the accuracy of such personal data.
We also process personal data that we receive from third parties, obtain from publicly accessible sources, or collect in the course of our activities and operations, if and to the extent that such processing is permitted by law.
As a matter of principle, we process personal data in Switzerland. However, we may also disclose or export personal data to other countries, in particular in order to process such data, or have such data processed, there.
We may disclose personal data to all states and territories on earth, provided that the laws of those countries guarantee an adequate level of data protection in accordance with the decision of the Swiss Federal Council.
We may disclose personal data in countries whose laws do not guarantee adequate data protection provided that an adequate level of data protection is otherwise ensured. Adequate data protection may be ensured, for example, via suitable contractual agreements, on the basis of standard data protection clauses or via other suitable guarantees. Exceptionally, we may export personal data to countries that do not guarantee an adequate or suitable level of data protection if the specific requirements set out in data protection law – for example, the express consent of the data subjects or a direct connection with the conclusion or performance of a contract – are met. Upon request, we will be happy to provide data subjects with information about guarantees or to provide a copy of such guarantees.
We grant data subjects whose personal data we process all the rights provided for under the applicable data protection legislation. In particular, data subjects have the following rights:
We may delay, restrict or deny the exercise of the rights of data subjects to the extent permitted by law. We may inform data subjects of any conditions that may have to be met for the exercise of their rights under data protection law. For example, we may partly or completely refuse to provide information on trade secrecy grounds or in order to protect other persons. We may, for instance, also refuse to delete personal data, in whole or in part, due to statutory retention obligations.
In exceptional cases, the exercising of rights may generate costs. We inform data subjects in advance of any such costs.
We are obliged to use appropriate measures to confirm the identity of data subjects who request information or assert other rights. Data subjects are obliged to cooperate.
Data subjects are entitled to enforce their rights under data protection law through the courts or to lodge a complaint with a competent data protection supervisory authority.
The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).
We take suitable technical and organisational measures to guarantee a level of data security appropriate to the risk in question. However, we cannot guarantee absolute data security.
Our website is accessed using transport encryption (SSL/TLS, in particular with Hypertext Transfer Protocol Secure, or HTTPS). In most browsers, transport encryption is indicated by a padlock in the address bar.
We may use cookies. Cookies – both our own cookies (first-party cookies) as well as cookies from other parties whose services we use (third-party cookies) – are data stored in the browser. Such stored data need not be limited to traditional cookies in text form.
Cookies can be stored in your browser temporarily as session cookies or for a specific period as permanent cookies. Session cookies are automatically deleted when the browser is closed. Permanent cookies are stored for a specific period of time. Cookies make it possible, in particular, for your browser to recognise our website the next time you visit and thus, for example, to measure the reach of our website. Permanent cookies can also be used for online marketing, for example.
Cookies can be completely or partially deactivated and deleted at any time in your browser settings. However, without cookies, you may no longer be able to access all the features and functions of our website. We actively request your express consent for the use of cookies – if and to the extent necessary.
In the case of cookies used to measure performance and reach or for advertising, a general opt-out is possible for many services via AdChoices (Digital Advertising Alliance of Canada), the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We may record the following information for each access to our website, provided that it is transmitted by your browser to our server infrastructure or can be determined by our web server: date and time including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system including user interface and version, browser including language and version, individual subpage of our website accessed including the amount of data transferred, and website last accessed in the same browser window (referrer).
We store such information, which may also constitute personal data, in server log files. The information is necessary in order for us to provide our website in a sustainable, user-friendly and reliable manner as well as to ensure data security and thus, in particular, the protection of personal data – including by or with the help of third parties.
We may use tracking pixels on our website. Tracking pixels are also referred to as web beacons. Tracking pixels – including those from third parties whose services we use – are small, usually invisible images that are automatically retrieved when you visit our website. Tracking pixels can be used to capture the same information as server log files.
We send notifications and messages via email and other communication channels such as instant messaging or SMS.
Notifications and messages may contain web links or tracking pixels that record whether an individual message has been opened and which web links have been clicked on. Such web links and tracking pixels may also record the use of notifications and messages in a person-related form. We need this statistical recording of use for performance and reach measurement, which in turn enables us to send notifications and messages based on the requirements and reading habits of the recipients in an effective and user-friendly as well as sustainable, secure and reliable manner.
In particular, we use:
As a matter of principle, you must expressly consent to the use of your email address and other contact addresses, unless the use is permitted for other legal reasons. Wherever possible, we use a ‘double opt-in’ procedure, i.e. you will receive an email containing a web link that you must click on to confirm, in order to prevent misuse by unauthorised third parties. We may log such consents, including IP address, date and time, for evidentiary and security purposes.
As a matter of principle, you may object to receiving notifications and messages, such as newsletters, at any time. By objecting, you can simultaneously object to the statistical recording of your usage for performance and reach measurement. However, we reserve the right to send all necessary notifications and messages in relation to our activities and operations.
We send notifications and messages with the help of specialised service providers.
In particular, we use:
We are present on social media and other online platforms in order to communicate with interested parties and inform them about our activities and operations. In connection with such platforms, personal data may also be processed outside Switzerland.
The general terms and conditions and terms of use, as well as privacy statements and other provisions of the individual operators of such platforms, also apply in each case. In particular, these provisions provide information on the rights of data subjects directly vis-à-vis the respective platform, including, for example, the right to information.
We use the services of specialised third parties in order to carry out our activities and operations in a sustainable, user-friendly, secure and reliable manner. With such services, we may, among other things, embed features and content in our website. With such embedding, the services used have to record the IP addresses of users, at least temporarily, for essential technical reasons.
For necessary security, statistical and technical purposes, third parties whose services we use may aggregate, anonymise or pseudonymise data in relation to our activities and operations. This includes, for example, performance or usage data in order to be able to offer the relevant service.
In particular, we use:
We use third-party services and plugins to embed features and content from social media platforms, and also to enable content sharing on social media platforms and via other channels.
In particular, we use:
We use services provided by specialised third parties to enable the direct playback of digital audio and video content such as music or podcasts.
In particular, we use:
We use third-party services to embed selected fonts, icons, logos and symbols in our website.
In particular, we use:
We use services and programs to determine how our online offering is used. In this context, we can, for example, measure the performance and reach of our activities and operations as well as the impact of third-party links to our website. For example, we may also test and compare how different versions of our online offering, or parts of our online offering, are used (‘A/B test’ method). Based on the results of the performance and reach measurement, we can in particular correct errors, enhance popular content or make improvements to our online offering.
When using services and programs for performance and reach measurement, the IP addresses of individual users must be stored. IP addresses are truncated (‘IP masking’) in order to observe the principle of data minimisation via appropriate pseudonymisation and thus improve data protection for users.
When using services and programs for performance and reach measurement, cookies may be used and user profiles may be created. User profiles include, for example, the pages visited or the content viewed on our website, information on the size of the screen or browser window and the – at least approximate – location. User profiles are generally created in pseudonymised form only. We do not use user profiles to identify individual users. Individual services of third parties with which users are registered may be able to assign the use of our online offering to the user account or user profile of the respective service.
We may amend or supplement this privacy statement at any time. We will inform you about any such changes and additions in an appropriate form, in particular by publishing the current privacy statement on our website.