Data Protection and Web Notice

With this data protection and web notice we would like to give you a brief overview of the type, scope, and purpose of the collection and processing of personal data at EAS Liechtenstein as well as their websites. We also explain precautions we take to ensure the confidentiality of the transmitted data and the protection of your privacy.

We reserve the right to change this data protection and web notice without prior notice in order to adapt it to revised legal requirements or to changes in our range of services or our data processing. Changes enter into effect upon publication on our website.

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and the national data protection legislation is:

Deposit Guarantee and Investor Compensation Foundation PCC
Austrasse 46
FL-9490 Vaduz
Phone: +423 230 15 16
info@eas-liechtenstein.li 


General information on data processing

The protection of personal data is important to us. We collect, process, and use personal data only in compliance with the relevant data protection provisions. Data processing is limited to data actually necessary for the provision of a functioning website as well as our contents and services.

Contact with us and collection and use of personal data

We process personal data exclusively within the scope of fulfilling our legal mandate (Article 6(1)(c) GDPR) in the public interest (Article 6(1)(e) GDPR) as a protection scheme for deposit protection and investor compensation in accordance with Articles 59b et seq. of the Banking Act (BankG) and for the performance of contractual obligations (Article 6(1)(b) GDPR).

We collect, process, and use personal data on our website for the following purposes:

  • Your data will be stored if you contact us for the purpose of concluding a contract to participate in our protection scheme and in the event of follow-up questions as an e-mail message, in the customer relationship management (CRM) system, and/or in EAS's content management system (contact form data may be converted into an e-mail).
  • When access is set up for the protected participant area, username and password data are collected and stored in the CMS.
  • We do not require any personal information when you download files from our website, unless they are in the protected participant area.
  • For sending information material, provided that the user has given us appropriate consent.

Access to the participant area is reserved for EAS participants. Authorised persons must register on their first visit, specifying a username and personal password. The initial access information is provided by us, using your business email address as the username. You can then access our website on future visits by entering that username and your individual password. Your password will be encrypted before it is stored and cannot be seen by us. By completing the registration, you simultaneously agree that we may process and store your access data. You have the option of withdrawing your consent at any time without any formal requirements by notifying us of the deletion of your access authorisation. The withdrawal must be sent to the following e-mail address: mitteilungen@eas-liechtenstein.li. We use the personal data collected during registration exclusively for the proper processing of your access authorisation. 

Retention and transfer of data

Your data will be retained by us as long as there are legal retention obligations or retention is necessary to perform our legal or contractual obligations, and beyond that until the expiration of restriction.

Personal data is not transmitted to third parties unless it is passed on in accordance with the original purposes for which the data was collected, pursuant to mandatory legal provisions, or based on the express consent of the data subject.

Collection and retention of access data (web analytics and cookies)

Each time you visit our website, our content management system (CMS) automatically collects and stores data and information from the computer system of the accessing computer. The following data is collected:

  • Information about the browser type and the version used
  • The user's operating system
  • The internet service provider of the user
  • The IP address of the user
  • Date and time of access
  • Internet pages from which the user's system accesses our website

The CMS is operated by Duncrow GmbH (Christian-Hummel-Weg 46, 6710 Nenzing, Austria). Visits are counted anonymously using a CMS statistics tool. Our service provider is not in a position to identify you or to establish a connection with you personally. We have concluded an appropriate contract with the provider for order processing and obliged the provider to comply with the data protection provisions.

We retain this information for a maximum period of 30 days. The data is retained for reasons of data security in order to ensure and optimise the stability and reliability of our system. The legal basis for the temporary retention of data is Article 6(1)(f) GDPR.

Web analytics:

We do not conduct our own web analytics on our website and do not use any web analytics tools (such as Google Analytics). This means no evaluation of the aforementioned visitor and usage data takes place.

Cookies:

We use cookies on our website exclusively for access to the protected participant area in order to make our services user-friendly. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. The cookies remain stored until you delete them. This allows us to recognise your browser the next time you visit.

If you do not want this to happen automatically, you can change the settings in your browser so that it informs you about cookies and asks you for permission in individual cases. We would like to point out, however, that deactivation entails that you will not be able to use all the functions of our website.

The legal basis for the data processed by cookies is Article 6(1)(f) GDPR.

The cookies remain valid for 72 hours and are then deleted by your browser.

Integration of third-party services and content and use of plug-ins

It is possible that third-party content, such as videos on YouTube, maps from Google Maps, or graphics from other websites, may be integrated into our website. This always requires that the providers of this content use the IP address of the users, given that without the IP address no content can be sent to the user's browser.

Data security

When you visit our website, we use the widespread SSL method in connection with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is encrypted by the closed lock symbol in the address bar of your browser.

Beyond this, we also use other appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our IT infrastructure complies with international security standards.

Regardless of the measures taken to protect your data, data protection and confidentiality in data processing via universally accessible media may sometimes be restricted. When using the internet as a transmission medium via computer, mobile phone, or other device, it cannot be ruled out, given the way the internet is designed, that third parties may gain access to your data and thus draw conclusions about your person or that personal data may flow into third countries without our intervention. We reject any liability for direct and indirect damages arising in connection with the use of our website or its contents.

Your rights

You have the following data protection rights pursuant to the GDPR in respect of personal data relating to you:

  • Right to withdraw consent: You have the right to withdraw your consent to the processing of personal data concerning you for one or more specific purposes at any time, where the processing is based on your explicit consent (Article 7 GDPR).
  • Right of access: you may obtain information about whether and to what extent personal data concerning you are being processed (Article 15 GDPR).
  • Right to rectification, erasure and restriction of processing: You have the right to obtain the rectification (Article 16 GDPR) of inaccurate or incomplete personal data concerning you and to obtain restriction of processing (Article 18 GDPR). In addition, you have the right to have your personal data erased if the purpose is achieved or the consent is withdrawn, or if the data have been unlawfully processed (Article 17 GDPR).
  • Right to data portability: you have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format, and to transmit those data to another controller (Article 20 GDPR).
  • Right to object: You have the right to object, on grounds relating to your particular situation, without any formal requirements, to the processing of personal data concerning you, if such processing is in the public interest or in pursuit of the legitimate interests of the EAS or a third party (Article 21).
  • Right to lodge a complaint: You have the right to lodge a complaint with the relevant supervisory authority if you assume that the processing of personal data by the EAS do not conflict with applicable data protection law (Article 77 GDPR).

For further information on your rights and complaint submission, please find below the contact details of the competent data protection supervisory authority in Liechtenstein:
Liechtenstein Data Protection Office, Städtle 38, P. O. Box 684, 9490 Vaduz, Principality of Liechtenstein, Phone +423 236 60 90, email: info.dss@llv.li, Web: www.datenschutzstelle.li (in German only)

If you have any questions about individual data processing or want to exercise your rights, you can reach us under the above mentioned contact data.