Information on data protection website
The following information provides you, as a visitor of the website (www.sgkb.ch or alternatively one of our subpages, with an overview of the processing of your personal data by St.Galler Kantonalbank AG (SGKB) and your rights under data protection law.
The data protection information is based on the relevant provisions of the EU General Data Protection Regulation (GDPR) and the current as well as future Swiss Data Protection Act (DSG). The type of data that is processed and the manner in which it is used is based primarily on the services used by you.
1. Who is responsible for data processing and who can you contact?
Responsibility for data processing lies with:
St.Galler Kantonalbank AG
St. Leonhardstrasse 25
9001 St. Gallen
Telephone: 071 231 31 31
UID (enterprise identification number): CHE-105.845.146
If you have any questions relating to the subject of data protection at SGKB, please contact our data protection officer:
St.Galler Kantonalbank AG
Data Protection Officer
St. Leonhardstrasse 25
9001 St. Gallen
Individuals in the European Union (EU) or the European Economic Area (EEA) can also contact our representative based in Germany:
Swiss Infosec (Deutschland) GmbH
Unter den Linden 24
10117 Berlin / Deutschland
2. Visit to the Website
When you visit our website, our web server records information about your visit automatically on the basis of our legitimate prevailing interest (e.g. information on the browser that is used, the operating system, Internet service provider (ISP), IP address, date and time of the access). This data is used to make continuous improvements to the user-friendliness of our website as well as optimisations in connection with the content. As a rule, the information does not make it possible to deduce information about your identity, so that it is not personal data.
3. Google Analytics
Based on our legitimate prevailing interest (interest in the optimisation of our online offer), this website uses Google Analytics, a Web analysis service of Google LLC (“Google”). Google Analytics uses so-called cookies, which are text files placed on your computer to enable an analysis of how you use the site. The information generated by the cookie about your use of this website is generally transmitted to and stored by Google on a server in the United States. Due to the IP anonymisation on this website, your IP address is truncated first of all by Google and thereby anonymised. Google is certified under the Privacy Shield agreement.
You can prevent the storage of cookies by making the respective setting in your browser. Moreover, you can prevent the recording of the data generated by the cookie that is related to your use of the website by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at this following link.
|AL_SESS||Session||Session matching for portal services|
|BRSINFO (multiple)||Session||Anti-phishing cookies|
|X-UNBLU-CLIENTDATA||Session||Client state during co-browsing|
|CLX_EB_LOGIN (multiple)||90 days||Saves default settings within e-banking applications|
|EB_DESKTOP_LOGIN||90 days||Enables a simplified login process within e-banking applications|
|_GA||2 years||Google Analytics cookie to differentiate between users and optimise usability. See Google Analytics section.|
For the administration and sending of our newsletters, we record (based on your consent) your identification data (title and name), your contact data (e-mail, place of residence, country of domicile) as well as information on which newsletter you have subscribed to. We delete your personal data as soon as you have unsubscribed from our newsletter. Your information is stored encrypted by our service provider in the EU.
The bank uses a system that is equipped with functions for statistical user analyses. In the process, your clicking behaviour in your personal e-mail is registered in order to subsequently optimise the structure and content of the newsletter if need be and thereby be able to better cover the information needs of all recipients. We also measure whether an HTML mail is opened. The time of the opening is only recorded anonymously and not stored in your profile.
Additional conditions when registering for the investment magazine / view
When registering to the subscription to the investment magazine / view (it is sent as a newsletter), the postal address is also recorded for non-customers in addition to the e-mail address. This data is also used to contact you and to offer products and services.
6. Contact forms and calculators
When using our contact forms or calculators (mortgage calculator, saving calculator, budget calculator, savings 3 calculator, pension calculator), depending on the respective service, your identification data (e.g. title, name), contact data (e.g. e-mail, telephone number, address), financial circumstances (e.g. income) can generally be transmitted to us as well as your message. We use this information to fulfil a contract or for pre-contractual measures, e.g. in order to contact you, process your specific concern, or to inform you about certain services and products. The personal data is deleted at regular intervals if this is technically possible.
When using our chat function, we are sent your identification data (based on your consent) (e.g. title and name), your chat log as well as technical data (e.g. IP address, browser that was used). We use this data to be able to process your inquiry in the chat session, for training purposes and to improve the chat function. The personal data is generally deleted after 12 months.
In the chat session, we also use the co-browsing functionality, which means that during an active chat session, employees of the bank see the website of the bank that you call up as well as any input. Additional information, such as other opened websites, is not shown.
8. Surveys and contests
During surveys and contests on our website, you will be informed separately about the processing of your personal data.
9. Is data disclosed to third parties or sent out of the country?
Your personal data is not disclosed to third parties or sent out of the country. An exception to this is Google Analytics (see Section 3) and the newsletter (see Section 5).
10. What are your data protection rights?
Based on and in the scope of applicable data protection law (Swiss Data Protection Act (DSG) or European General Data Protection Regulation (GDPR)), as an affected person you have the following rights: the right to information according to Art. 8 DSG (Art. 15 GDPR), the right to rectification according to Art. 5 DSG (Art. 16 GDPR), the right to deletion according to Art. 5 DSG (Art. 17 GDPR), the right to the restriction of processing according to Art. 12 and 15 DSG (Art. 18 GDPR), the right to oppose processing according to Art. 4 DSG (Art. 21 GDPR) as well as the right to data portability according to Art. 20 GDPR (for data subjects in the EU). Every data subject also has a right to complain to a data protection supervisory authority (Art. 77 GDPR).
As a data subject, you can also revoke any granted consent to the processing of personal data by us at any time, with the revocation applying only to the future.
You can contact the data protection officer at SGKB or our data protection representative to assert your data protection rights. The relevant contact details can be found in Section 1 of this information.
Version 1.2 (as of: 4 October 2021)