Privacy and Cookie Policy

Data Protection Declaration of Amber Lion Partners AG

In this Data Protection Declaration we, Amber Lion Partners AG (“Amber Lion”), describe how we collect and process your personal data pursuant to the revised Federal Act on Data Protection («FADP»). This Data Protection Declaration is not necessarily a comprehensive description of such processing; other data protection statements may be applicable.

1. Identity and Contact Details of the Controller

The “controller” of data processing as described in this Data Protection Declaration (i.e., the responsible person) is Amber Lion Partners AG, Sihlstrasse 20, 8001 Zürich. You can notify us of any data protection related concerns using the following contact details:

2. Collection of Personal Data

The term “personal data” as used in this Data Protection Declaration means any information that identifies, or could reasonably be used to identify, a natural person. They can be collected directly or indirectly.

2.1 Direct Collection from Data Subjects

We primarily process personal data that we receive from our clients and other business partners, from other individuals in the course of our business relationships with them, from candidates in connection with the recruitment process, or that we collect from users in operation of our website.

If you provide us with personal data of other persons (e.g., family members, work colleagues), please make sure that they are aware of this Data Protection Declaration and only provide us with their data if you are authorized to do so and this personal data is correct.

2.2 Indirect Collection from Third Parties

To the extent we are permitted to do so, we obtain certain personal data from publicly available sources (e.g., debt collection register, land register, commercial register, press, internet) or we obtain such information from public authorities or other third parties (e.g., World-Check).
The categories of data we receive about you from third parties include, but are not limited to, any information

  • from public registers (e.g., authority to sign for the company you represent),
  • in connection with administrative or judicial proceedings,
  • related to your professional role and activities,
  • about you provided to us by persons associated with you (family, consultants, legal representatives, etc.),
  • about business partners for the purpose of ordering or providing services to you or by you (e.g., payments, purchases),
  • that can be found in the media or on the internet,
  • relating to your use of our websites (e.g., IP address, MAC address of your smartphone or computer, information about your device and settings, cookies, date and time of your visit, pages and content viewed, applications used, referring website, localization data).

For recruitment purposes, to the extent we are permitted to do so, we also obtain certain personal data from third parties (e.g., former employers, headhunters, recruiters or other sources of candidate referrals, publicly available social media and professional networks such as LinkedIn or XING).

3. Data Processing

3.1 Purposes

We use the personal data we collect primarily to enter into and perform contracts with our clients and business partners, particularly in connection with the provision of asset management and investment advisory services and the procurement of products and services from our suppliers and subcontractors, as well as to comply with the applicable domestic and foreign legal obligations (e.g., anti-money laundering obligations).

In addition, we may process your personal data and the personal data of third parties in accordance with applicable law and, where applicable, for the following purposes that are in our interest (or, as the case may be, in the interest of third parties), such as:

  • communicating with third parties (e.g., depositaries) and authorities (e.g., supervisory authorities) and processing their requests;
  • reviewing and optimizing needs assessment procedures for the enhancement of our client services;
  • advertising and marketing unless you have objected to the use of your data for this purpose to us;
  • assertion of legal claims and defense in legal disputes and official proceedings;
  • prevention and investigation of crime and other misconduct (e.g., conducting internal investigations, data analysis to combat fraud);
  • ensuring our operation, including IT and website.

For recruitment purposes we only collect and process data that is relevant to assessing candidate’s suitability for employment (e.g., references and qualifications) or for the performance of the employment relationship. This may vary depending on the employment (management level).

3.2 Legal Basis

If we ask you for your consent for certain processing (e.g., when registering to receive newsletters), we will inform you separately about the corresponding purposes of the processing. You can withdraw your consent at any time with effect for the future. For the withdrawal of your consent for online tracking, see the cookie instructions under section 4. Once we have received notification of the withdrawal of your consent, we will no longer process your data for the purposes to which you originally consented, unless we have another legal basis for doing so. The withdrawal of your consent will not affect the lawfulness of the data processing carried out based on the consent until the withdrawal.

If we do not ask you for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the conclusion and/or performance of a contract with you (or the entity you represent) or that we (or, as the case may be, third parties) have a legitimate interest in doing so, in order to pursue the purposes set out in Section 3.1. Our legitimate interests include, but are not limited to, the marketing of our products and services, the interest to better understand our markets, as well as the ability to manage and develop our business and operations safely and efficiently. We may also process your data on the basis of other legal grounds, e.g., in the event of a legal obligation or to safeguard overriding public interests.

4. Cookies / Tracking and Other Techniques Regarding the Use of our Website

This website uses cookies. These are small text files that make it possible to store specific information related to the user on the user’s terminal device while the user is using the website. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyze behavior patterns of page use, but also to make our offer more customer-friendly.

Besides cookies that are only used during a session and deleted after your visit of the website (“session cookies”), we may use cookies in order to save user configurations and other information for a certain time period (e.g., two years) (“permanent cookies”). Notwithstanding the foregoing, you may configure your browser settings in a way that it rejects cookies, only saves them for one session or deletes them prematurely.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of the services, especially in the case of tracking, via the U.S. site or the EU site Furthermore, the storage of cookies can be achieved by disabling them in the browser settings.
By using our website and consenting to the receipt of newsletters and other marketing e-mails you agree to our use of such techniques. If you object, you must configure your browser or e-mail program accordingly.

With SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Without SSL/TLS encryption

Please note that data transmitted over an open network such as the internet or an e-mail service without SSL encryption can be viewed by anyone. You can recognize an unencrypted connection by the fact that the address line of the browser shows “http://” and no lock symbol is displayed in your browser line. Information transmitted over the Internet and content received online may be transmitted over third-party networks. We cannot guarantee the confidentiality of any communications or materials transmitted over such open or third-party networks.

If you disclose personally identifiable information over an open network or third-party networks, you should be aware that your information may be lost or potentially accessed by third parties and, as a result, the information may be collected and used without your consent. While in many cases the individual data packets are transmitted in encrypted form, the names of the sender and recipient are not. Even if the sender and the recipient reside in the same country, the data transfer via such networks often takes place without controls even via third countries, i.e. also via countries that do not offer the same level of data protection as your country of domicile. We assume no responsibility for the security of your data during transmission over the Internet and disclaim any liability for direct or indirect losses. We ask you to use other means of communication should you consider this necessary or reasonable for security reasons.

Despite extensive technical and organizational security precautions, it is possible that data may be lost or intercepted and/or manipulated by unauthorized persons. As far as possible, we take appropriate technical and organizational security measures to prevent this within our system. However, your computer is outside the security perimeter under our control. It is your responsibility as a user to inform yourself about the necessary security precautions and to take appropriate measures in this regard. As the website operator, we are in no way liable for any damage that you may suffer as a result of data loss or manipulation.

Data that you enter in online forms may be passed on to authorized third parties for the purpose of order processing and may be viewed and possibly processed by them.

Server Log-Files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and Browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

Contact form

If you send us inquiries via the contact form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

Contradiction email marketing

The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. Amber Lion Partners AG expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.


The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to Amber Lion Partners AG or the specifically named copyright holders. For the reproduction of all files, the written consent of the copyright holder must be obtained in advance.

Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages.

Social media plug-ins

In addition, we may use plug-ins from social networks such as Facebook, Twitter, Youtube, Pinterest or Instagram on our websites. This is visible for you (typically based on the respective symbols). We have configured these elements to be disabled by default. If you activate them (by clicking on them), the operators of the respective social networks may record that you are on our website and where on our website you are exactly and may use this information for their own purposes. This processing of your personal data lays in the responsibility of the respective operator and occurs according to its data protection regulations. We do not receive any information about you from the respective operator.

Google Maps

This website uses the offer of Google Maps. This allows us to display interactive maps directly on the website and enables you to comfortably use the map function. By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on the purpose and scope of data collection and processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, please visit:

5. Recipients of Personal Data

In the course of our business and in accordance with the purposes of data processing set out in Section 3.1, we may transfer data to third parties where such transfer is permitted and where we consider it appropriate for them to process the data on our behalf or, as the case may be, for their own purposes (such as the depositaries). The data transferred to third parties shall be limited to the minimum required to achieve the respective purpose. The following categories of recipients may be involved:

  • financial institutions (e.g., depositaries and brokers);
  • service providers (e.g., IT providers, cloud, legal and other services providers);
  • domestic and foreign authorities or courts;
  • acquirers or parties interested in the acquisition of (parts of) Amber Lion;
  • other parties to potential or pending legal proceedings.

6. Transfer of Data Abroad and Safeguards

Recipients of your data are generally only located in Switzerland. We do not forward your data to any recipient outside Switzerland, unless you instruct us to do so (e.g., foreign custody bank; investments outside Switzerland, mainly private equity or real estate investments). In addition, an exception exists for data processed by compliance search tools which can be transferred to other countries, in particular to the EU, USA, Australia, UK, Mauritius, Georgia and other countries to which the transfer is legal under art. 16 FADP.

7. Retention Periods for your Personal Data

We process and store your personal data for as long as it’s necessary for the fulfillment of our contractual obligation and compliance with legal, regulatory, tax and social security obligations or other purposes pursued with the processing, i.e., for the duration of the entire business relationship (from the initiation, during the performance of the contract until its termination) and beyond that in accordance with statutory retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against Amber Lion or insofar as we are otherwise legally obligated to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your data is no longer required for such purposes, it will be deleted or anonymized.

In terms of recruitment, as soon as the process has been completed, the documents of rejected applicants are returned or deleted. In some cases documents may be kept for a certain period of time, especially if there is a reason to believe that they will be used again (e.g., re-evaluated) in the near future.

8. Data Security Measures

We have taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse such as training, IT and network security solutions, access controls and restrictions etc.

9. Obligation to Provide Personal Data To Us

In the context of our business relationship, you must provide us with all personal data that is required for the conclusion and performance of our contractual obligations (mainly for AML reasons). Without this information, we generally cannot conclude or perform a contract with you (or the legal entity or natural person you represent).
In addition, to maintain the full functionality on all parts of the website, it can only be used if certain information to enable data traffic (e.g., the IP address) is disclosed.

10. Your Rights

The applicable data protection law grants you the right to object to the processing of your personal data under certain circumstances, in particular for the purposes of direct marketing and other legitimate interests in processing. If the statutory requirements are met and no exceptions apply, you also have the right to

  • request access to your personal data;
  • have incorrect personal data corrected;
  • have your personal data deleted or anonymized;
  • have certain personal data transferred to you in a standard electronic format or to have it transferred to another controller (“data portability”);
  • withdraw consent with effect for the future (if our processing is based on your consent).

Please note that we reserve the right to assert legal restrictions, e.g., if we are obliged to retain or process certain data, have an overriding interest or require the data to assert claims. If the exercise of certain rights is associated with costs for you, we will inform you in advance. Please also note that the exercise of these rights may conflict with your contractual obligations, and this may result in consequences such as premature termination of the contract or be associated with costs. Should this be the case, we will inform you in advance, unless this has already been contractually agreed.

Exercising these rights usually requires that you are able to prove your identity (e.g., by providing a copy of identification documents if your identity is not otherwise apparent or can be verified in some other way). To exercise these rights, please contact us at the addresses listed in Section 1.

In addition, you have the right to assert your rights in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (

11. Disclaimer

All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors can not be completely excluded, so we can not guarantee the completeness, accuracy and timeliness of information, including journalistic-editorial nature. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.

Amber Lion may change or delete texts at its own discretion and without notice and is not obliged to update the contents of this website. The use of or access to this website is at the visitor’s own risk. Amber Lion, its clients or partners are not responsible for damages, such as direct, indirect, incidental, consequential or punitive damages, allegedly caused by the visit of this website and consequently assume no liability for such damages.

Amber Lion also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. Amber Lion thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.

12. Amendments of this Data Protection Declaration

We may amend this Data Protection Declaration at any time without prior notice. The current version published on our website shall apply.