Powered by Smartsupp

Data & Legal Policy

Purpose

This Data & Legal Policy describes our KYC/AML program, sanctions compliance, recordkeeping, breach response, and other legal commitments relating to the Services offered by GLOB INVEST ASSET MANAGEMENT.

Effective date: 2023

KYC/AML & Sanctions Compliance

  • We implement a risk-based AML/CFT program, including customer due diligence (CDD), enhanced due diligence (EDD) where required, and ongoing monitoring.
  • We screen customers and transactions against applicable sanctions lists and politically exposed persons (PEP) databases.
  • We may request additional information at onboarding and throughout the relationship to maintain accurate records.
  • We may decline, restrict, or terminate services if we cannot complete required checks or detect elevated risk.

Data Processing Roles

GLOB INVEST ASSET MANAGEMENT acts as a data controller for account and compliance data. Certain vendors act as processors under written agreements that include confidentiality and security obligations.

Subprocessors & International Transfers

We may engage vetted subprocessors (e.g., cloud hosting, KYC providers). Where data is transferred internationally, we use lawful transfer mechanisms (e.g., SCCs) and require comparable protections.

Recordkeeping & Retention

To meet AML and legal requirements, we retain identity, transaction, and verification records for the period mandated by applicable law (often 5–7 years) or longer if necessary for legal defense or regulatory inquiries.

Transaction Monitoring & Reporting

We monitor transactions for suspicious activity. Where required, we file regulatory reports with competent authorities and may place temporary holds during reviews.

Security Measures

  • Encryption in transit and at rest, key management, access controls, and logging.
  • Segregation of duties, multi-signature approvals for treasury operations, and periodic audits.
  • Vendor security reviews and contractual security obligations for processors.

Incident & Breach Response

We maintain an incident response plan that includes detection, containment, investigation, remediation, and—where legally required—timely notifications to users and regulators.

Data Subject Requests

Individuals can request access, correction, deletion, or portability of personal data where applicable. We may retain certain data to meet legal obligations (e.g., AML) even if deletion is requested.

Children & Restricted Users

We do not knowingly onboard users under 18, residents of restricted jurisdictions, or sanctioned individuals/entities.

Legal Notices

  • No Guarantee of Returns: performance figures are illustrative and not guaranteed.
  • Tax: users are responsible for reporting and paying applicable taxes.
  • Jurisdiction: This Policy is governed by the laws of Switzerland.

Contact Compliance

Compliance/DPO: info@globinvestam.com · GLOB INVEST ASSET MANAGEMENT, Kastellstrasse, Switzerland.