Markant data protection policy

Markant Handels- und Industriewaren-Vermittlungs AG (MAG) and Markant European Payment Services GmbH (MEPS) (hereinafter both referred to as "Markant") thank you for your interest in the service to verify your identity as part of our business relationship with your company (contractual partner).

This service allows you to identify yourself via video identification for KYC (know your customer) purposes. For anti-money laundering reasons, identification is mandatory before the contractual partner can take part in MAG and/or MEPS payment transactions and in future may allow a digital signature to be used in the context of your contractual relationship with us.

Data protection and data security is of great importance at Markant. That's why we employ a service provider (currently Intrum AG, Eschenstrasse 12, 8603 Schwerzenbach, Switzerland) that is approved by the Swiss Financial Market Supervisory Authority (FINMA) and can provide the required security standard to perform the identification process. The service provider acts as the processor as defined by the data protection laws. We kindly ask that, in addition to this data protection policy, you also consult the privacy policy of our service provider.

Below, we would like to briefly outline which data is processed as part of the process, who the data is provided to, and for what purpose and on which legal basis we process data.

Controller and data protection officer

Markant Handels- und Industriewaren-Vermittlungs AG (MAG)
Churerstrasse 166
CH-8808 Pfäffikon SZ

The data protection officer for MAG can be contacted at the following email address: datenschutz(at)markant.com

MAG representative in the European Union :
Markant Services International GmbH
Hanns-Martin Schleyer-Strasse 2
77656 Offenburg
Germany

Markant European Payment Services GmbH (MEPS)
Hanns-Martin Schleyer-Strasse 2
77656 Offenburg, Germany
E-mail: info@markant-payment.com

The data protection officer for MEPS can be contacted at the following email address:
datenschutz@markant-payment.com

Collecting, processing and using personal data as part of the identification process

The following data is collected, verified and corrected or completed during the identification process performed by the service provider and forwarded to MAG and – depending on the contractual relationship – to MEPS after the completion of the identification process.

• Surname, first name(s)
• Private address data (street, house number, postcode, city, country)
• Place of birth, date of birth
• Nationality
• Mobile telephone number
• Email
• the data and type of identification document such as the date of validity/date of issue, the issuing authority and the identification number as proof that you have a valid, official identification document
• Photos/screenshots of the person and the front and back of the identification document, as well as an audio recording and a visual recording of the video conference

By agreeing to this data protection policy and initiating the identification procedure, you give your express consent for the above data to be collected and used by the appointed service provider and for it to be forwarded to them.

Purpose of data processing/legal basis

Data is collected and forwarded based on the user's consent on the basis of Article 6(1)(a) and, where relevant, Article 9(2)(a) GDPR and Article 13(1) FADP.

The purpose is to perform and evidence legally compliant identity verification in accordance with the Swiss and German Anti-Money Laundering Acts (hereinafter both "AMLA"). The legal basis for processing is compliance with a legal obligation (see Article 6(1)(c) GDPR).

If required, your contact details and the status of your identification will be used to complete contract data and to communicate with your company about further processes in our business relationship or those with other Markant Group companies. The basis for this processing is the direct connection to the conclusion or execution of a contract. If no such contract exists, the basis is to serve our legitimate interests (Article 6(1)(f) GDPR and Article 13(2) FADP). The legitimate interest shown by Markant comes from its interest in using the latest contact details and in knowing the customer's actual contact person.

The personal data is treated as strictly confidential and used only for the specified purpose.

If data is processed based on consent, you may withdraw your consent to future processing of this data at any time. Such a withdrawal will not affect the lawfulness of processing carried out prior to consent being withdrawn. 

Transferring data abroad

The data is processed by Markant solely in secure data centres in the European Union and/or Switzerland. An adequacy decision of the EU Commission (2000/518/EC) has determined that Switzerland ensures an appropriate level of data protection such that,

in accordance with Article 45(1) GDPR, personal data may be transmitted to Switzerland without any specific authorisation. This also applies in the opposite case, whereby according to the Swiss Federal Data Protection and Information Commissioner (FDPIC), German law ensures an appropriate level of data protection

Processing of data from contact and support queries

Information on establishing contact with Markant electronically and for direct communication can be found on this website. If a user contacts Markant by e-mail or using a contact form, the personal data sent by the user will be stored automatically for the purpose of processing and in the event that there are any follow-up questions.

The basis for this processing is the direct connection to the conclusion or execution of a contract. If no such contract exists, the basis is to serve our legitimate interests (Article 6(1)(f) GDPR and Article 13(2) FADP). The legitimate interest shown by Markant comes from the interest in offering users the best possible support and contact options for the required service.

Use of cookies

Only cookies that are necessary to run the website are generally used.

Storage period

Markant stores personal data only for the duration required to fulfil the purpose for which it was collected, or for the duration necessary to comply with supervisory or internal regulations. The criteria that Markant uses to determine appropriate periods for the storage of your personal data depend on the purpose of the data.

Where necessary, we will store your data for the duration of the business relationship in accordance with the applicable legal and regulatory standards. In certain cases, Markant may continue to store and process personal data for up to ten years after the end of the business relationship, particularly for compliance or risk management purposes, to comply with (other) legal and official requirements, or if it is in Markant's legitimate interests to do so.

User rights

You may request information on your personal data processed by us. If you believe that the information collected about you is inaccurate or incomplete, you have the right to request the correction of your personal data.

You also have the right to:

• object to the processing of your personal data;
• request the deletion of your personal data;
• request the restriction of processing of your personal data; and/or
• withdraw your consent if you gave Markant your consent to the processing of personal data (this does not affect the lawfulness of processing of your personal data performed before the withdrawal of consent).

If we process your personal data with your consent or if such processing is necessary for the conclusion of a contract with you or to meet our obligations under a contract with you, you may have the right pursuant to applicable data protection laws to request the transmission of your personal data to you or another controller ("right to data portability"). You have the right to request from Markant a copy of part or all of the personal data concerning you that we collect and process. You have these rights according to the provisions of data protection law. Certain limitations may apply, since these rights are not always applicable and exceptions can be made.

If we do not fulfil your request, we will explain the reasons for this.

Exercising your rights

To exercise the above-mentioned rights, please send us an e-mail.

If you are not satisfied with the way in which Markant processes your personal data, please contact us by email and we will look into your concerns.

If you are not satisfied with the response you receive from Markant, you have the right to lodge a complaint with the data protection authority in the jurisdiction in which you live or work, or in the location in which you believe the problem concerning your data to have occurred. Contact details for the data protection authorities are available on the following website: https://edpb.europa.eu/aboutedpb/board/members_en

Status of this data protection policy

This data protection policy was last updated in August 2022. We reserve the right to change this data protection policy from time to time. You will be able to view all changes and updates to this notice on this website. Please visit this website regularly to familiarise yourself with our data protection policy.

If you have any questions or comments regarding this data protection policy, please contact us by e-mail.