Privacy policy

1. identity and contact details of the provider

The following is responsible for data processing:

Forma Futura Invest AG
Bederstrasse 49
8002 Zurich

We determine the purposes and means of processing and are therefore responsible for the processing and use of personal data. If you have any questions regarding this privacy policy or the processing of personal data, you can contact us at any time by email at info@formafutura.com.

2. terms

a) Personal data

Personal data (synonymous with the term "personal information") refers to all information relating to an identified or identifiable natural person. This includes, for example, name, email address, date of birth, telephone number, and IP address. Data about personal preferences, such as leisure activities or memberships, also counts as personal data.

b) Data processing

The term "data processing" refers to any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification, disclosure, archiving, deletion, or destruction of personal data.

3. Data processing in general

3.1 Legal basis and purposes of data processing

We collect and process personal data carefully and for the purposes described below. The provision of this personal data is expressly voluntary. We ensure that processing is transparent and proportionate.

We only collect, use, and possibly pass on personal data if the processing is necessary to fulfill (pre)contractual obligations, to protect legitimate interests, to comply with legal requirements, or if you consent to the processing. This includes the following purposes in particular:

• Conclusion and execution of contracts, including but not limited to the provision of (contractual) services in the context of asset management (e.g., account opening, stock exchange transactions, investments, transactions);
• Monitoring and controlling risks, including those related to opening and managing a business (e.g., risk and investment profiles, anti-money laundering, counterparty, market, or operational risks);
• Marketing, communication, network maintenance, consulting, and information about our services (e.g., advertising, events for prospective and existing customers, website);
• Provision, maintenance, protection, optimization, and further development of the business and our services (e.g., development of new services, processes, and technologies, or evaluation of existing ones);
• Compliance with legal and other regulatory requirements, including disclosure, information, or reporting obligations (e.g., reporting obligations to supervisory authorities, clarifications in connection with the prevention of money laundering and terrorist financing);
• For the purpose of processing an inquiry after contact has been established (e.g., via contact form or email);
• Processing of an incoming application;
• Justification, exercise, and/or defense of actual or potential legal claims, investigations, or similar proceedings (e.g., defense of legal claims).

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have another justification or another legal basis applies.

You can revoke your consent at any time in the future by sending an email to the address specified in section 1. Data processing that has already taken place is not affected by the revocation and remains valid.

3.2 Recipients of personal data

We take the necessary measures to ensure that only authorized employees or auxiliary persons who have the necessary knowledge and who undertake to comply with data protection regulations have access to your personal data in order to fulfill the above-mentioned purposes.

In accordance with the legal and regulatory requirements, we are authorized to disclose personal data to the following possible recipients or categories of recipients in accordance with the purposes and bases of processing described above, insofar as this is appropriate for the intended data processing:

• Other financial services institutions and comparable institutions for the purpose of conducting business relationships and executing orders, i.e., the use of products and services (e.g., custodian banks, brokers, stock exchanges, transaction registers);
• Authorities, government agencies, courts, or other state institutions due to legal obligations, justifiable reasons, or official orders (e.g., to supervisory authorities, money laundering reporting office, child and adult protection authority (KESB));
• Other parties in potential or actual legal proceedings to the extent necessary to protect the legitimate interests of Forma Futura;
• Swiss authorities responsible for re-establishing customer contact after contact has been broken off (dormancy);
• Experts and other service providers from Forma Futura as part of an inquiry;
• Service providers who process personal data on our behalf and on our instructions (so-called contract processors, e.g., in the IT sector, hosting, and support);
• Other business partners and auxiliary persons (e.g., attorneys).

We guarantee to you that our business partners and processors have suitable organizational and technical measures in place to comply with data protection regulations. Furthermore, those business partners and processors who process customer data are contractually obliged to maintain confidentiality and customer secrecy.

3.3 Categories of personal data processed

Depending on which of our services you use, the following categories of personal data will be processed:

• Personal master data (e.g., name, date of birth, nationality, address, etc.);
• Contact details (mobile phone number, email address, etc.)
• Data relating to tax status (e.g., information on tax domicile, tax identification number (TIN));
• Data concerning professional and family situation (e.g., information about occupation, education, and family and personal background)
• Financial data (e.g., information on income and asset situation, origin of assets, and assets to be invested);
• Data for suitability assessment/risk profile (e.g., information about knowledge and experience, investment objectives, including risk capacity and risk tolerance);
• Transaction data (e.g., information on the background of the transaction and beneficiaries)
• Marketing data (e.g., preferences, needs);
• Technical data related to the website (e.g., access data/server log files, cookies, IP address).

The personal data processed is usually provided to us by you. Without such data, we are unable to execute a contract. The website cannot normally be used either if certain information required to secure data traffic, such as your IP address, is not disclosed. In connection with the use or provision of services, we also obtain certain data from publicly accessible sources (e.g., commercial registers, the Internet, media) or receive it from third-party providers, insofar as this is legally permissible.

3.4 Transfer of personal data abroad

In principle, your personal data will be processed in Switzerland. If, in exceptional cases, we disclose personal data abroad, we ensure that the countries concerned guarantee an adequate level of data protection (so-called adequate level of data protection).

If your personal data is transferred to countries that do not have an adequate level of data protection (e.g., outside the EU or the European Economic Area), we ensure adequate data protection by taking appropriate measures to comply with data protection regulations. To this end, we oblige recipients to comply with adequate data protection by entering into contractual guarantees. If there are no contractual guarantees, we will only transfer your data to a country without an adequate level of data protection if you expressly consent to the disclosure, if it is necessary for the conclusion or execution of a contract (e.g., securities orders), it is required by law (e.g., tax reporting obligations), or it is necessary for the establishment, exercise, or enforcement of legal claims.

3.5 Retention period

In principle, your personal data will be deleted as soon as it is no longer required for the purpose for which it was collected. A longer storage period is permissible if this is necessary to fulfill legal, contractual, or pre-contractual obligations or legitimate business interests (e.g., in connection with the assertion, exercise, or defense of legal claims), or if you expressly consent to a longer storage period that has been specified in advance.

3.6 Data security

We take appropriate technical and organizational measures to ensure the integrity and confidentiality of your data, in particular by protecting it from unauthorized access, accidental or intentional manipulation, loss and/or destruction. Our data security measures are continuously adapted and optimized in line with technological developments.

4. Data processing in connection with website use

When you visit our website, information, including personal data such as your IP address, is processed. In addition, data about the type, duration, and date of your visit is also collected. The primary purpose of this processing is to ensure data traffic, the security of our website and systems, the proper display and optimization of our website, our content, and our offers. Below, we describe in detail which data is processed by which services, for what purposes, and to what extent when you visit our website.

4.1 Provision of the website and creation of log files

When you visit our website (formafutura.com), the web server automatically records the data that your browser automatically transmits to our server (known as access data/server log files). This data is technically necessary for the operation of the website.

For security reasons and to protect personal data and other content, we use SSL (Secure Socket Layer) technology in conjunction with the highest level of encryption supported by your browser on our website. You can recognize an encrypted connection by the string "https://" (https stands for "Hypertext Transfer Protocol Secure") at the very beginning of the address line in your browser and by the lock symbol in your browser line.

In order to provide the website and create log files, the name of the Internet service provider, your IP address, the referrer URL, the date and time of access, and technical information about the browser, operating system, and screen resolution are processed.

This data cannot be assigned to a specific person and is not merged with other data sources. The log files are processed to guarantee the functionality of the website and to ensure the security of our information technology systems.

The data will only be stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data will be deleted after each session has ended. The storage of log files is essential for the operation of the website, so you have no option to object to this unless you do not visit our website.

4.2 Cookies

Our website uses cookies. Cookies are text files that are stored on your device's operating system with the help of your browser when you visit our website. Cookies do not cause any damage to your computer and do not contain viruses. Some cookies are technically necessary for the website to function. Most of the cookies we use are so-called "session cookies." They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them or their term expires.

We use cookies so that we can use the data collected to make our website more user-friendly, effective, and secure. In particular, we use cookies to store your preferences (e.g., language and location settings), to quickly provide and attractively display website content (e.g., through content delivery networks), and to analyze the use of this website for statistical evaluation and continuous improvement (usually using third-party cookies).

Cookies are stored on your computer. You can delete them completely or deactivate or restrict their transfer by changing the settings in your browser. If you deactivate cookies for our website, you may no longer be able to use all of the website's functions to their full extent.

Below you will find instructions for the most common browsers:

• For Google Chrome
• For Apple Safari
• For Microsoft Edge
• For Mozilla Firefox

The technically necessary cookies are essential for the basic functions and proper operation of the website and can therefore only be deactivated by changing your browser settings.

You can revoke the use of technically unnecessary cookies (i.e., marketing cookies and statistics cookies) at any time by adjusting your settings in our consent platform. Furthermore, for cookies used to measure success and reach or for advertising, a general objection ("opt-out") is possible for numerous services via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).

4.3 Tracking pixels

We may use tracking pixels on our website or in our emails. Tracking pixels are also known as web beacons. Tracking pixels are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.

Counting pixels can be used to collect the same information as log files. In addition, movement profiles for the entire session can be collected. Counting pixels are used in particular by third parties whose services we use.

Tracking pixels are used by various tracking services to analyze the use of this website for statistical evaluation and continuous improvement. Tracking pixels can also be used for email tracking.
To prevent data processing using tracking pixels, you can install suitable browser extensions such as uBlockOrigin and block external graphics in your email program.

Please also note the information in this privacy policy regarding the individual tracking services.

4.4 Google Tag Manager

We use Google Tag Manager from Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; responsible for Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.

Google Tag Manager is a tag management system that allows website tags to be managed efficiently without interfering with the source code of our website. These tags can be used, for example, to integrate and manage code for web analytics services such as Google Analytics.

Google Tag Manager collects data on the website and forwards it to the analysis tools integrated via Tag Manager, such as Google Analytics, for data storage and evaluation. Google Tag Manager itself only processes personal data for technical purposes and does not store any data.

Further information about Google Tag Manager can be found in Google's privacy policy and the Google Tag Manager terms of use.

4.5 Google Analytics 4

We use Google Analytics from Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; responsible for Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.

Google Analytics is an analysis tool that enables the evaluation and analysis of your usage behavior using cookies stored on your device. The insights gained from the evaluation of your activities on our website are consolidated in the form of reports and used to optimize the content of our website. The information collected includes, in particular, your IP address, information about your interaction with our website, data about your approximate location, and information about your browser and operating system.

The collected IP address is truncated by Google Analytics within Switzerland, the member states of the European Union (EU), and the signatory states of the European Economic Area (EEA) as standard. Accordingly, your IP address is anonymized so that it can no longer be traced back to you. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.

If you are logged into your Google account, Google may be able to draw conclusions about your identity based on the data collected, create usage profiles, and assign the collected data to your account. If you do not want this data to be assigned to your Google profile, you must log out before visiting our website.

If you wish to prevent Google from processing this data, you must download and install the browser add-on to deactivate Google Analytics. Further information on the data used by Google can be found in Google's privacy policy and the terms of use for Google Analytics.

4.6 Google Ads

We use Google Ads from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; responsible for Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, "Google") as an online marketing measure.

Google Ads is an online advertising program that uses cookies to analyze the use of our website. A cookie is set when you arrive at our website via a Google ad.

As part of Google Ads, we use Google Ads Conversion Tracking, a web analytics service that collects information about a Google Ads advertising campaign. Data processing only takes place if you have accessed our website via a Google Ads advertisement.

The information collected is used to evaluate and optimize Google Ads marketing campaigns and offers, in particular by processing information about how our ads are interacted with and which ads lead to high conversion rates. However, we do not receive any information that can be used to personally identify users.

 Further information on the data used by Google can be found in Google's privacy policy and under "Conversion analysis – Google Ads Help."

4.7 Google reCaptcha

We use Google reCAPTCHA from Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; responsible for Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, "Google") on our website.

Google reCAPTCHA is a verification service for websites that distinguishes human users from bots by analyzing their usage behavior. We use it to protect entries (e.g., via contact forms) from automated attacks and spam.

For this purpose, your behavior as a visitor to our website is analyzed based on the information collected. This includes, in particular, your IP address, interactions on our website, and information about the browser and operating system you are using.

The IP address is anonymized by Google reCAPTCHA so that it can no longer be linked to a specific person. When a visitor visits our website for the first time, Google reCAPTCHA can generate an identifier to recognize the visitor when they visit the website again.

reCPATCHA is used exclusively for the analysis and improvement of the security of our website. The information collected is not used for advertising purposes or to identify individual users.

Further information on the data used by Google can be found in Google's privacy policy and terms of use.

4.8 Web fonts from Monotype

We use web fonts from Monotype Image Holdings Inc. (600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA, "Monotype") on our website.

Web fonts from Monotype are used to ensure that selected fonts are displayed consistently and correctly, in order to ensure that our website is presented in an appealing manner.

When you visit our website, the necessary web fonts are loaded into your browser cache to display fonts and text correctly. To do this, Monotype uses a web font tracking script to identify the licensee and the licensed web fonts. Each time you visit our website, your IP address is transmitted to Monotype without being stored or used in any other way.

For more information about the data used by Monotype, please refer to Monotype's Web Font Tracking Privacy Policy.

4.9 Gravity Forms

On our website, we use Gravity Forms from Rocketgenius, Inc. (1620 Centerville Turnpike, Suite 102, Virginia Beach VA 23464-6500, USA, "Rocketgenius").

Gravity Forms is a self-hosted WordPress plugin. With Gravity Forms, website operators can create and manage forms such as contact forms, surveys, or payment forms using drag-and-drop functionality.

Gravity Forms does not transfer or store any submitted form data outside of the website operator's hosting environment. All form submissions (including personal data) are stored in the operator's WordPress database. Gravity Forms (Rocketgenius) does not have access to or provide access to form data collected on our website.

Further information on the data used by Gravity Forms (Rocketgenius) can be found in the privacy policy and terms of use of Gravity Forms (Rocketgenius).

4.10 OpenStreetMap

We use OpenStreetMap from the OpenStreetMap Foundation (St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom, “OpenStreetMap”) on our website.

OpenStreetMap is used to display our location and provide user-friendly directions.

When you visit subpages that incorporate the OpenStreetMap map, information about your use is collected. This includes, in particular, your IP address, information about your interaction with the map, and information about the browser and operating system you are using.

Further information on the data used by OpenStreetMap can be found in OpenStreetMap's privacy policy and terms of use.

4.11 Weglot

We use the Weglot translation service from Weglot SAS (7 cité Paradis, 75010 Paris, France, "Weglot") on our website.

Weglot enables our website to be displayed in multiple languages. To this end, the content of our website is transmitted to Weglot's servers, where it is processed and delivered in the selected language.

Weglot is loaded when you visit the website, allowing you to change the language via the icon in the footer of our website by establishing a direct connection between your browser and the Weglot server when you visit our website. To do this, Weglot processes your IP address and information about the browser and operating system you are using.

For more information about the data used by Weglot, please refer to Weglot's privacy policy and terms of use.

4.12 Cookiebot by Usercentrics

We use the consent management platform Cookiebot from Usercentrics A/S (Havnegade 39, 1058 Copenhagen, Denmark "Usercentrics") on our website.

The consent management platform is used to manage your consent to the use of cookies and similar technologies. The platform enables us to obtain, manage, and document consent for the use of cookies and tracking and analysis technologies.

When you visit our website, a connection is established between Cookiebot's servers in order to obtain your consent or revocation of your consent. A cookie is then placed in your browser to store your selection and assign it to you. To do this, Usercentrics processes your IP address, your consent status (i.e., granted, denied, or revoked), and information about the browser and operating system you are using.

Further information on the data processed by Usercentrics can be found in Usercentrics' privacy policy and terms of use.

4.13 Links to other websites

We use links on our website to other websites that are not operated by us (e.g., Google Maps, LinkedIn). Clicking on the links establishes a direct connection with corresponding data transmission (e.g., IP address) to the individual websites, which are neither operated nor monitored by us. We are not responsible for the content or for the principles applied in the handling of personal data. We have no knowledge of the content of the transmitted data and no influence on the processing of this data. The respective providers or operators of the websites are responsible for the linked websites in all cases.

5. Video and telephone conferences with Microsoft Teams

For online meetings and conference calls, we use Microsoft Teams, which is offered by Microsoft Corporation (One Microsoft Way Redmond, WA 98052-6399, USA, "Microsoft").

In particular, Microsoft collects profile data (e.g., your email address, your profile picture, if applicable, and your phone number) as well as data about the content of the meeting (e.g., chats, recordings, and shared files), which may be transferred to servers in the US and stored there.

The use of Microsoft Teams is subject to Microsoft's terms of use and privacy policy. By using Microsoft Teams, you consent to the collection, processing, and use of automatically collected data by Microsoft, its representatives, and third parties.

For more information about the data used by Microsoft, please refer to Microsoft's privacy policy and terms of use.

7. Applications

When you apply for one of our advertised positions, we collect the information specified in the job advertisement as well as any information you voluntarily provide. This includes, in particular, information about your education, professional experience, skills, and personal and contact details. In addition, all documents you submit in connection with your application, such as your resume and references, will be processed.

Your details will be collected and stored solely for the purpose of processing your application. Once the recruitment process has been completed, any documents that are no longer required will be deleted or, in the event of employment, transferred to your personnel file.

8. Your rights

You can assert your claims against us at any time based on data protection regulations. In particular, you have the right to receive information from us free of charge about your stored personal data. You also have the right to correct incorrect data and to delete your personal data, provided that there are no legal or contractual retention periods that prevent this.

We reserve the right, to the extent permitted by law, to restrict your rights or not to provide you with complete information if, for example, we are obliged to store or process certain data.

Please note that exercising the aforementioned rights may conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g., premature termination of the contract or cost implications).
If you are affected by the processing of personal data, you have the right to enforce your rights in court or to lodge a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

9. Changes to the privacy policy

We reserve the right to change the privacy policy at any time and to adapt it to changed circumstances and data processing. The changes will be published on formafutura.com.

Last update: January 2026