{"id":4344,"date":"2023-02-28T12:35:46","date_gmt":"2023-02-28T11:35:46","guid":{"rendered":"http:\/\/sgr-compliance.local\/privacy-policy-for-data-subjects\/"},"modified":"2026-03-13T11:27:20","modified_gmt":"2026-03-13T10:27:20","slug":"daily-control-privacy-policy","status":"publish","type":"page","link":"https:\/\/www.dataware.link\/it\/daily-control-privacy-policy\/","title":{"rendered":"Daily Control Privacy Policy"},"content":{"rendered":"

Daily Control Privacy Policy<\/h1>\n

Dataware Intelligence SA, Switzerland (\u201cDataware\u201d, \u201cwe\u201d, \u201cus\u201d, \u201cour\u201d<\/b>) produces and maintains several databases (specific collection of data) that are archives of publicly available information ordered according to different area of interest. The contents of the databases are available only to public authorities and public or private firms under the legal obligation to carry-out anti-money laundering, anti-terrorism financing (\u201cAML\u201d<\/b> and \u201cCFT\u201d<\/b>) and Know Your Customer (\u201cKYC\u201d<\/b>) screenings. Please note that Dataware does not conduct any personal investigative or factfinding activity or give any indication, assessment or score to any record we hold. International and domestic law globally are quite clear by imposing on specific activities, such as banks, financial intermediaries, fiduciaries and specific categories of businesses enhanced screening obligations to prevent the misuse of financial or professional services.<\/p>\n

This Privacy Policy is addressed to data subjects (\u201cData Subject\u201d, \u201cyou\u201d, \u201cyour\u201d) whose personal information is contained in Dataware databases (all together \u201cDatabase\u201d<\/b>).<\/p>\n

This Privacy Policy explains how Dataware collects, processes, discloses, stores and protects information about you in the
\ncontext of our Database. It also provides information about your rights and about how you can contact us if you
\nhave questions about how we handle your information.<\/p>\n

This Privacy Policy is based on the \u201cBundesgesetz \u00fcber den Datenschutz\u201d 1992 as amended (\u201cDSG\u201d<\/b>) [Swiss Federal Act on data protection: https:\/\/www.fedlex.admin.ch\/eli\/cc\/1993\/1945_1945_1945\/en<\/u>]. Dataware is authorized to treat and process personal data pursuant to those laws and regulations and by the Swiss Eidgen\u00f6ssischer Datenschutz- und \u00d6ffentlichkeitsbeauftragter (\u201cED\u00d6B\u201d<\/b>) [Swiss Federal data protection and information commissioner: https:\/\/www.edoeb.admin.ch\/edoeb\/en\/home.html<\/u>]. Although the GDPR is a regulation of the European Union, it is of relevance to us. Furthermore, this Privacy Policy is also based on the General Data Protection Regulation (Regulation EU 2016\/679: https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679&from=EN)<\/u> as amended (\u201cGDPR\u201d<\/b>), in particular on its UK implementation of the GDPR UK \u201cData Protection Act\u201d 2018 (\u201cDPA\u201d) as amended (https:\/\/www.legislation.gov.uk\/ukpga\/2018\/12\/contents\/enacted). Our European Representative and Data Protection Officer (\u201cDPO\u201d) is Moore ClearComm Ltd, 6th Floor, 9 Appold Street, London, EC2A 2AP, UK, dpo@dataware.link. In this document we shall refer to the above mentioned DSG, and GDPR as implemented by DPA definitions and rules.<\/p>\n

Content of this Privacy Policy<\/h3>\n

This Privacy Policy only refers to our Databases. For general information about privacy, please refer to our Privacy Policy for Website Users published on this website.<\/p>\n

Purposes of the processing<\/h3>\n

Dataware Databases process information in the public interest as defined and explained pursuant to DSG, GDPR and DPA provisions, since such information allows Dataware customers (or prospects under free trial) (collectively \u201cCustomers\u201d<\/b>) to better fulfil their legal obligations related to AML\/CFT, KYC and due diligence requirements, to prevent and protect themselves against bribery\/fraud\/corruption and other unlawful acts, to lower the risk of misuse of professional or financial services and to verify monetary transactions to detect suspicious money flows (all together, \u201cChecks\u201d<\/b>). Dataware Customers are Regulated entities such as banks, insurances, asset managers, listed companies, public notaries, law firms, accountancy firms or other subjects\/firms\/entities obliged pursuant to AML, CTF, KYC to perform screening activities in accordance with their regulatory obligations and risk management procedures carried out in both their legitimate interest and in the public interest (\u201cRegulated Entities\u201d<\/b> or \u201cRE\u201d<\/b>).<\/p>\n

Dataware offers a preliminary instrument to perform Checks, however Customers must carry out additional searches against names of their prospects, clients or counterparties, in order to verify, enhance or supplement their Checks. Should a Customer find information about you in Dataware Database, this does not mean that either the person named by the source is actually you or that everything contained in publicly accessible data is accurate, complete, updated or correct. Customers are obliged to take further steps to verify the identity, interpretate the information and to determine how to use it. We inform our Customers that they cannot rely solely upon personal data and information found on Dataware Database, but they must perform independent Checks and double check the identity and the accuracy of the personal data we collect and decide discretionary for themselves whether to conduct business with the individual or the entity they are verifying.<\/p>\n

The inclusion of information about you on Dataware Database does neither prevent RE from doing business with you nor should automatically be taken by the RE to draw any particular inference (negative or otherwise) about you. Customers are and shall remain solely responsible for verifying the suitability of the data provided by Dataware and for adequately analysing the information for the purposes pursued in relation to the professional use for which it is intended, compliantly with the rules and regulations governing AML and CFT and with the applicable privacy rules and regulations in force.<\/p>\n

The fact that RE make use of our Database does not exempt them from ensuring the accuracy of personal data they process, so that this must be verified with their prospects, clients or counterparties before any action is taken by the RE. Dataware shall in no way be liable for the discretionary decisions or assessments made by the Customer based on the information contained in the Database. RE are also obliged to verify multiple sources of information, such us declaration of their prospects, clients or counterparties, internet information, newspapers or media. Customers undertake to use the Database only to accomplish AML and CFT regulations, to keep access credentials safe, guaranteeing their confidentiality and preventing them from being used improperly, being the Customer solely responsible for any use and decision thereof.<\/p>\n

From which source the personal data originate \u2013 publicly accessible sources Your information is included on Dataware Database only if it is a publicly accessible data, found in publicly available, official or reliable\/reputable or authoritative sources which are relevant for Checks<\/p>\n

Special care has been taken in the selection of the sources. We put our best effort to examine the public available sources and ensure that information we hold about you is accurate, updated, relevant and not excessive, however, the correctness, completeness and update of our information depends on the correctness, completeness and update of the source of information and its constant publicly accessible nature.<\/p>\n

    \n
  1. This means personal information available to the general public and usually over the internet, for instance found on: (i) sanction
    \nor watch lists available on public authorities websites; (ii) legal enforcement, court, regulatory actions found on government
    \nwebsites; (iii) political websites and publications such as parliamentary, local government or individual politician websites; (iv) reputable news media and publications; (v) public registers, lists, deeds or documents that are knowable by anyone; (vi) websites of public, governmental, territorial and local bodies, public agencies, as well as supervisory and control authorities and (vii) websites of trade associations and professional orders, with regard to lists or registers of economic and business operators, published on their own website; (viii) information made public by an individual themselves such as on social media, personal website or blog, biographical sources; (ix) data provided under open government licence.<\/li>\n<\/ol>\n

    Legal basis for the processing of information \u2013 public and legitimate interest<\/h3>\n

    The lawful bases for Dataware processing personal data, including special category of personal data relating to criminal convictions and offences, are set out in particular under: Article 31 of the DSG; Articles 6, 9 and 10 of the GDPR; Articles 8, 10, 11 and Schedule 1 of the DPA.<\/p>\n

    At least one of these must apply whenever personal data is to be processed:<\/p>\n

      \n
    1. Consent: you have given Dataware your freely, specific, informed or unambiguous consent for your personal data
      \nto be processed for a specific purpose or, pursuant to Article 30.3 of the DSG and Schedule 1 of the DPA,
      \n\u201cthis condition is met if the processing relates to personal data which is manifestly made public by the Data
      \nSubject\u201d.<\/li>\n
    2. Contract performance: the processing is necessary for the performance of a contract you have with Dataware,
      \nwhich had asked you to take specific steps before entering a contract.<\/li>\n
    3. Compliance with legal obligation: the processing is necessary for Dataware to comply with the law in the
      \njurisdictions where Dataware operates (not including contractual obligations).<\/li>\n
    4. Compliance with legal obligation: the processing is necessary for Dataware to comply with the law in the
      \njurisdictions where Dataware operates (not including contractual obligations).<\/li>\n
    5. Protection of vital interests: the processing is vital to an individual\u2019s survival.<\/li>\n
    6. Public interest: the processing is necessary to perform a task that is in the public interest or for its official
      \nfunctions, and the task or function has a clear basis in law, so pursuant to Schedule 1 of the DPA this means
      \n\u201cpreventing or detecting unlawful acts\u201d, \u201cnecessary for the purposes of preventing fraud or a particular kind of
      \nfraud\u201d, \u201cregulatory requirements relating to unlawful acts and dishonesty\u201d and \u201csuspicion of terrorist financing or
      \nmoney laundering\u201d. With reference to the production and maintenance of its Database, Dataware falls into this
      \nscope and is authorized pursuant to Article 31 of the DSG, GDPR and DPA, laying the legal basis for the
      \nprocessing of personal data down by such Union Law and Member State law to which Dataware is subject.<\/li>\n
    7. Legitimate interests: the processing is necessary for Dataware\u2019s legitimate interests, or the legitimate interests of
      \na third-party, including Dataware Customers, unless there is a good reason to protect the individual\u2019s personal
      \ndata that overrides those legitimate interests.<\/li>\n<\/ol>\n

      As mentioned, because the RE has a specific duty to screen their clients\u2019 database and collect information about
      \nexisting client, prospect or counterpart to:<\/p>\n