This Privacy Statement explains how SIX Digital Exchange AG and SDX Trading AG (hereinafter collectively “SDX”) collect, use and disclose (hereinafter referred to together as “processes”) personal user data (hereinafter “Personal Data”) of visitors to this website (hereinafter “User”), and the means by which this is done. This Privacy Statement also describes how SDX safeguards the confidentiality of the Personal Data processed.
The User agrees to SDX processing Personal Data in accordance with the Privacy Statement. Legal or contractual duties to maintain confidentiality to which SDX is subject in relation to the User’s Personal Data are not affected by this Privacy Statement.
SDX may amend the Privacy Statement unilaterally at any time. The most recent version is published online by SDX.
The activity of SDX as a member of SIX Group, who is an infrastructure provider for securities, payments and financial information, requires us to obtain and process a large amount of data. Thus, data protection is a central issue for us. The basic principle is that wherever data is processed, a high level of data protection and security must be guaranteed. This applies to data from customers and business partners as well as to employee data. Because privacy is above all protection of the person. That is why we attribute such a high priority to compliance with the applicable laws and to protecting privacy and the private sphere of affected persons in order to adhere to national and international legal requirements.
SDX processes Personal Data about the User if the latter visits websites of SDX, applies for or uses products or services offered by SDX online; this includes, in particular, registration for specific services or web content only accessible by means of a personal login and subscriptions to print media or online newsletters, obtains, installs and/or uses apps of SDX from the relevant app stores, or takes part in a competition or survey.
In selected cases, Personal Data is processed if SDX records telephone calls with Users, whether this be to meet its own legal obligations or for training or quality assurance purposes.
SDX processes the personal data (such as name, gender, address, e-mail address, telephone and fax number) that the user expressly and actively makes available to SDX. This also applies if the user takes part in events of SDX (online or in person). The web server of SDX automatically records details of the user’s visit (such as IP address, browser type and version, operating system used, originating website, pages accessed, date, length of visit).
By processing Personal Data according to this Privacy Statement, SDX is able to improve the quality of its products and services.
Personal Data is processed for the following purposes in particular:
SDX processes your Personal Data according to the applicable laws. Depending on the processing purpose, the legal basis for the processing of the User’s Personal Data will be one of the following:
(a) necessary for the legitimate interests of SDX, without unduly affecting your interests or fundamental rights and freedoms,
(b) necessary for taking steps to enter into or executing a contract with the User for the services or products requested or for carrying out our obligations under such a contract,
(c) User’s consent.
Examples of the ‘legitimate interests of SDX’ referred to above are:
In each case provided such interests are not overridden by the User’s privacy interests.
The User authorizes SDX to transmit Personal Data to other entities of SIX Group, employees, agents or other third parties within or outside the country where the User lives in order to provide services and for the purposes indicated above. Employees, agents and other third parties which have access to Personal Data are required by SDX to ensure compliance with all applicable data protection provisions. Any person who authorizes SDX to access their Personal Data as defined in this Privacy Statement will be made aware of the data security and data protection implications. When Personal Data of the User are transferred to other countries, SDX will ensure data protection by granting the protection level required by the applicable law, e.g. by adopting EU Standard Contractual Clauses (SCC) or similar safeguards.
SDX reserves the right to disclose Personal Data to regulatory and supervisory authorities, as well as, pursuant to this Privacy Statement, to Analysis Service Providers. In so doing, SDX will comply at all times with applicable regulations, laws, court orders or official requests.
SDX protects Personal Data with appropriate physical, electronic and process-related security measures, such as firewalls, personal passwords, encoding and authentication technologies. Personal Data collected via a website owned by SDX will be encrypted during transmission using SSL Secure Sockets Layer (SSL) technology, which currently provides the best-available security for data transfers.
Users whose Personal Data are processed within the scope of this Privacy Statement have the following rights:
The rights specified above may be denied or restricted if the interests, rights and freedoms of third parties take precedence or if processing is necessary to establish, exercise or defend legal claims of SDX.
Queries in relation to processing Personal Data are to be directed to the Data Protection Officer of SIX Group:
SIX Group Services Ltd.
Data Protection Officer
SDX will only retain your Personal Data for as long as necessary to fulfil the purpose for which they were collected or to comply with legal or regulatory requirements.
The websites of SDX may contain hyperlinks to other websites which are not operated or monitored by SDX. Third-party websites are not subject to this Privacy Statement. SDX is not responsible for their content or how they handle Personal Data.
Functions (plugins) of third-party providers or social media platforms (LinkedIn, Facebook, Twitter, Google+, etc.) are embedded into the websites of SDX. These plugins enable the User to share content on the social networks mentioned. The interfaces are deactivated by default when the website is accessed. This means that no Personal Data is transmitted to the respective third-party providers without intervention on the part of the User. Once the User has activated the interfaces, data (incl. also Personal Data) is automatically transmitted to the relevant third-party providers by the plug-ins. If the User is simultaneously logged in to the network of the respective third-party provider when they visit the website, the third-party provider can assign the visit to the User’s network account. SDX has no influence on this. The purpose and scope of such a form of data collection and the further processing and usage of Personal Data are outlined in the data protection guidelines of the individual social networks. Users can also obtain information there on rights and settings options in relation to protecting their privacy.
SIX Digital Exchange AG
Anyone affected by the processing of Personal Data can withdraw their consent to this effect at any time. This must be done in writing or by e-mail to the Data Protection Officer of SIX (contact see above).
Cookies particularly serve the following purposes:
The User can control cookie specifications via their browser settings. The relevant browser options and instructions on use can generally be found in the browser manual or help file. If the User rejects, blocks or deactivates cookies, this may restrict the availability of the services offered via the website. In addition, parts of the website may not work correctly under certain circumstances.
SDX analyses how its websites are used with the help of third-party analysis tools, such as Google Analytics (hereinafter «Analysis Service Providers»). SDX assumes no responsibility or liability for any data processed by Analysis Service Providers.
SDX may use customized electronic marketing technology based on “tracking pixels” provided by LinkedIn, Facebook, Twitter, and Google. A tracking pixel collects information from the header of a webpage, such as a visitor’s IP address or browser, which is forwarded to an advertiser (Facebook, Google, etc.) for the purpose of providing advertising to its customers that is based on their personal interests. SDX may use tracking pixels to investigate the effectiveness of advertising for statistical and market research purposes. The data that is collected cannot be used to identify the User as it is anonymous. However, above advertisers do store and process this data. More information on how they process data can be found in the privacy policies of LinkedIn, Facebook, Twitter, and Google.
Last updated on: 07. April 2021