Valid from December 22, 2023

Privacy Policy

This Privacy Policy (“Policy”) explains how we collect, use, and process your personal data when you use our mobile app (“App”) Varto, and email messages that we send to you (jointly called “Services”).

Version Number: 1.3

1. Definition of terms used in the Privacy Policy:

USER – a private person without the status of a legal entity using an online service through a mobile application;

PERSONAL DATA – any information relating to the identified private person or person that needs to be identified;

2. General information

2.1. The Zugersee Finance AG may receive information about users and the nature of their operations in the following way:

2.1.1. through information and data voluntarily provided in the registration form in the Mobile application;

2.1.2. through cookies stored on User’s devices;

2.1.3. by collecting information from server logs;

2.2. The Zugersee Finance AG makes every effort to ensure the protection of users’ privacy, applying the minimization policy, providing and processing data about Users, as well as transferring them for processing to third parties. The Zugersee Finance AG has introduced and is guided by the rules and procedures for the protection of Users’ personal data in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals in connection with the processing of personal data and on the free movement of such data, and on the abolition of Directive 95/46 /EC (General Data Protection Regulation – “GDPR”).

3. Registration form and data collection

3.1.1. The Zugersee Finance AG, using the registration form, collects and processes the information voluntarily provided by the User and his/her personal data, including:

  • name;
  • date of birth;
  • phone number;
  • residence country;
  • email address;
  • address;
  • financial information (including credit card, debit card, or bank account information);
  • your profile photo.

3.1.2. Information collected from your use of our products and services

  • login information;
  • the type of device;
  • unique device identifier - Device ID;
  • IP address;
  • push notification settings.

3.1.3. Information from others

We use Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses cookies and similar technologies to collect and analyse information about how user is using our App. This information may include user’s IP address, device type, operating system, app version, and usage data. Google Analytics may also collect information about interactions with the App, such as the pages visited and the features used. For more information on how Google Analytics collects and processes data, please refer to Google's Privacy Policy. We use the information collected through Google Analytics to understand how users interact with our App, improve its functionality, and provide you with a better user experience. This data helps us make informed decisions about updates and enhancements to our App.

We also work closely with third parties and may receive information about users from them. This may include: the payment service provider the user uses to transfer money to us will provide us with personal information, including name and address, as well as financial information, including bank account details.

3.2. How We Use Personal Data

3.2.1 We use your personal data to:

  • Provide you with the features and functionality of our app;
  • Send you push notifications about new features and special offers;
  • Improve our app and services;
  • Prevent fraud and abuse.

3.2.2. With Whom We Share Personal Data

We may share your personal data with the following third-party services:

  • Push notification providers;
  • Analytics providers;
  • Other Varto customers. Other Varto customers will be able to search for you through the Varto app using your mobile phone number. When they input your mobile phone number, they will be able to see your name and profile photo (if you have one).

3.3. The data collected in the registration form are protected by the Zugersee Finance AG in accordance with the rules for processing personal data set out in section 7 of this Privacy Policy.

3.4. When providing data in the Mobile Application (including user data for logging in and initiating a transfer), theft and interception protection is provided using SSL encryption with a certificate. The whole process from logging in to leaving the account is encrypted (there is a so-called end-to-end encryption).

3.5. Children’s data. Our products and services are directed at adults, and are not intended for children. We therefore do not knowingly collect data from children. Any data collected from a child before their age is determined will be deleted.

4. Logs and crash reports

4.1. Error and status logs: When you send a support request from within, a series of text files may be attached automatically to the email. These files contain information on the current state of Varto App. This data also contains your device model, your software version and your network status at the time of the error.

4.2. Crash reports: In case of a crash, Varto will submit a crash report. This report contains information about your device (model, software version, etc.) and the state of Varto App at the time of the crash. No personal data will be transmitted.

5. Direct marketing, carried out by the Zugersee Finance AG, including sending and receiving commercial offers

5.1. The Zugersee Finance AG, acting for purposes arising from the legitimate interests of the personal data controller and its business partners as third parties, conducts direct marketing activities in relation to Users, namely, sends free e-mails with marketing content (including informational messages). For the purposes of sending informational messages and other direct marketing messages, the Zugersee Finance AG processes the following personal data of the User: Name and surname, e-mail address, mobile phone number. An e-mail address and a mobile phone number are required to send information to the recipient. Name and surname allow personally address the User.

5.2. Messages contain marketing information about the Services of the Zugersee Finance AG and business partners (inform for example about promotions, sweepstakes, and activities for Users); as well as non-commercial messages (inform about changes in the service, send greetings or wishes, personally contact the User, etc.).

5.3. Persons who are not Users and wish to receive information messages from the Zugersee Finance AG may express their consent to receive such information messages.

5.4. Users interested in obtaining information and commercial offers regarding the products of the Zugersee Finance AG or its business partners may submit applications for the following consents:

5.4.1. consent to the processing of personal data by the Zugersee Finance AG in order to obtain commercial information about the products and services of the Zugersee Finance AG or its business partners defined in Article 6 paragraph 1, section a, of Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and on the repeal of Directive 95/46 / EC (General Data Protection Regulation – “GDPR”),

5.4.2. consent to receive commercial information from the Zugersee Finance AG or its business partners by electronic means (including using the provided e-mail address and mobile phone number), which is specified in Art. 10 of the Law of July 18, 2002 on the provision of electronic services (Legislative Journal 2016, Article 1030 as amended).

5.4.3. Using the Varto mobile application (settings menu, Account item), Users can manage their consent to receive information and commercial offers by submitting applications described in clauses 5.4.1 and clause 5.4.2 in digital format.

5.5. Users interested in obtaining direct marketing from the Zugersee Finance AG or its business partners using telecommunication devices, within the meaning of Art. 172 sec. 1 of the Law of July 16, 2004 of the Telecommunications Act (Legislative Journal 2016, Article 1489 as amended), may express consent to receive calls and SMS/MMS messages to the mobile phone number specified in the registration form.

5.6. All consents given by Users to the Zugersee Finance AG, regardless of the grounds for obtaining them, are always voluntary, and the User has the right to withdraw them at any time. Expressing consent to marketing, refusal or revocation of such consent does not affect the use of the Zugersee Finance AG’s Services, does not limit or suspend them.

5.7. The User may at any time prohibit the processing and use of his personal data for the purposes of direct marketing specified in Art. 21 paragraph 2, general data protection regulation – “GDPR”.

5.8. The application prohibiting the processing and use of personal data for direct marketing purposes is submitted in any form, but the Zugersee Finance AG recommends sending it by e-mail to the e-mail address: privacy@zuger-see.com.

5.9. Regardless of marketing activity and sending commercial information, the Zugersee Finance AG reserves the right to send users messages relating directly to the Zugersee Finance AG’s Services and the operation of its service, as well as highlight technical information (interruptions or changes in the work of the Services, new functionalities) and legal and organizational changes (including information on changes to the regulations or organizational changes of the Zugersee Finance AG).

6. Principles of data processing and protection

6.1. Personal data are processed by the Zugersee Finance AG only for the purposes for which they were collected, are subject to proper protection and are provided to external companies only to the extent permitted by law.

6.2. The Zugersee Finance AG is the Administrator of users’ personal data.

6.3. During all activities related to the processing of personal data, the Zugersee Finance AG assures that personal data:

6.3.1. processed in accordance with the law, fairly and transparently for the data subject;

6.3.2. adequately, relevantly and limited to the amount necessary for the purposes of the processing;

6.3.3. all data are correct and up-to-date;

6.3.4. are stored for a period allowing identification of a person no longer than necessary for the purposes of the processing;

6.3.5. are processed in compliance with all security measures.

6.4. Personal data are processed by the Zugersee Finance AG only for the following legally permitted purposes:

6.4.1. for a purpose consistent with the consent granted – subject to prior, separate and voluntary consent, in accordance with Article 6, paragraph 1, section b, of General data protection regulation – “GDPR”);

6.4.2. to perform a service for the User or fulfil a request at the request of a person interested in the Zugersee Finance AG’s proposal, including answering questions, correspondence and handling complaints, in accordance with Article 6, paragraph 1, section b, of General data protection regulation – “GDPR”);

6.4.3. to perform legal obligations defined by legal norms, for example, tax and accounting, in accordance with Article 6, paragraph 1, section c, of General data protection regulations – “GDPR”);

6.4.4. to exercise the legitimate interests of the Administrator or third parties, to directly market the services of the Administrator or his business partners, or to conduct an investigation and protection against claims, in accordance with Article 6, paragraph 1, section f, of General data protection regulation – “GDPR”);

6.5. Recipients of personal data may be:

6.5.1. entities entrusted by the Zugersee Finance AG with the processing of personal data, for example, entities providing accounting, legal, IT or marketing services at the request of the Zugersee Finance AG, including personalization services for contact with the User;

6.5.2. entities and bodies authorized in accordance with the law;

6.5.3. other organizations, such as postal Zugersee Finance AGs;

6.5.4. entities cooperating with the Zugersee Finance AG, for example, Zugersee Finance AGs of electronic payment systems or business partners.

6.6. The Zugersee Finance AG grants all persons whose data are processed the right to:

6.6.1. access to their data and obtaining a copy thereof;

6.6.2. correction of their data;

6.6.3. data deletion, data processing restrictions;;

6.6.4. objections to data processing;

6.6.5. data transfer;

6.6.6. filing a complaint to the supervisory authority about the Zugersee Finance AG’s actions regarding data processing.

6.6.7. opt out of receiving push notifications at any time by changing your notification settings in your device's settings menu.

6.7. In relation to data processing based on consent, the Zugersee Finance AG informs that the consent is completely voluntary each time, and regardless of the time of submission of such consent, there is always the right to withdraw it. The withdrawal of consent does not affect the legality of the processing that has been carried out so far.

6.8. The Zugersee Finance AG informs that the processing of personal data does not provide for automated decision-making, including profiling of Users.

6.9. The Zugersee Finance AG provides direct and constant access to up-to-date information on the rules and procedures for processing and protection of personal data. The Zugersee Finance AG informs users of any changes in this regard. Access to information is carried out by providing on the pages of the Website and in the Mobile Application the current version of the Privacy Policy, including the Cookie Policy. In addition, the User can at any time receive information and answers to questions by e-mail, as well as submit all applications and requests for the processing of his personal data.

7. Data retention and deletion

7.1. Zugersee Finance AG retains user’s personal data only for as long as is necessary to fulfil the purposes for which it was collected. Zugersee Finance AG is required by law to store some of your personal and transactional data beyond the closure of your account with us. Zugersee Finance AG accesses user’s data internally on a need-to-know basis, and we’ll only access or process it if absolutely necessary.

7.2. Zugersee Finance AG always deletes data that is no longer required by a relevant law or jurisdiction in which it operates. It is done automatically, so the user doesn’t need to contact us to ask us to delete your data. Deletion methods include shredding, destruction and secure disposal of hardware and hard-copy records, and deletion or over-writing of digital data.

7.3. User’s personal data will be processed for the following period:

  • data processed in order to provide user with the functionality and maintain the connection - for the duration of the connection;
  • data processed in order for Zugersee Finance AG to perform Our obligations under an Agreement for the provision of Services - for the period necessary for the conclusion and performance of the Agreement concluded with User.
  • data processed for the purpose of establishing, investigating or defending claims - for the period relevant to the limitation period of the claim;
  • data processed for accounting and taxation purposes - for a period of no less than 5 years, with specific periods defined by law, e.g. tax legislation;
  • data processed on the basis of the pursuit of Zugersee Finance AG legitimate interests - until the fulfilment of the legitimate interests giving rise to that processing or until User objects to such processing.

In the situation of processing on the basis of consent, the processing will take place no longer than until you withdraw your consent, or until the purpose of the processing is completely fulfilled (where possible).

7.4. User may also delete his/her account from the application following the instructions https://zuger-see.com/delete-account.html.

8. Use of Camera

8.1. The App may require access to your device’s camera for certain features to function properly.

8.2. We do not store or transmit any images or videos captured through the camera without your explicit consent.

8.3. You have the option to enable or disable camera access through your device settings.

9. Use of Storage

9.1. The App may request access to your device’s storage to save and retrieve data necessary for its functionality.

10. Further Questions, Feedback, Inquiries or Complaints

If you have any questions, inquiries or feedback about this Privacy Notice or how we handle your personal information, please contact the Privacy Officer at privacy@zuger-see.com or by writing to Zugersee Finance AG, Alpenstrasse 2, 6300 Zug.

11. Final provisions

11.1. The Privacy Policy enters into force on November 20, 2023.

11.2. The Zugersee Finance AG reserves the right to change the Privacy Policy and Cookie Policy at any time. The unified text of the Privacy Policy after making changes will be available on the main page of the Website and in the Mobile Application in the “Settings” menu.