Privacy Statement - June 2015
At SWIFT, we are committed to protect and respect your personal data.
This Statement explains how we use personal data collected from you on our websites. Our websites include:
- our Sibos website, available at sibos.com
- http://www.3skey.com/ , and
- other URLs that redirect to swift.com.
We invite you to carefully read this Statement to understand our data processing practices.
For the purpose of the Belgian Act on Privacy Protection in relation to the Processing of Personal Data of 8 December 1992 (the Belgian Act), the data controller for personal data collected on our websites is S.W.I.F.T SCRL, Avenue Adèle, 1, 1310 La Hulpe, Belgium (‘SWIFT’ or ‘We’ in this Statement).
We may modify this Statement from time to time. Please check it periodically for changes, in particular when you submit personal data on our websites.
This Statement only applies to the processing of personal data collected by us on our websites. Our other data processing activities are covered by other SWIFT policies. They are:
- The SWIFT Personal Data Protection Policy: it explains how we process our customer contact details (when collected on our websites - this part is common to this Statement - or on paper) and personal data that our customers encapsulate in SWIFT messages or files (“message data”). Where relevant for the purposes of this Statement, we will explicitly refer to that Policy.
- The SWIFT Safe Harbor Policy: it explains how we mirror message data in our US Operating Centre. It is not relevant for the purposes of this Statement.
- The SWIFT Data Retrieval Policy: it explains how we retrieve, use, and disclose message and traffic data. It is not relevant for the purposes of this Statement.
We process personal data collected on our websites for the following purposes (together “SWIFT Purposes”):
- SWIFT governance
- The provision of SWIFT services and products
- Organisation of Sibos and other events
- Newsletters and other customer communications
- The operation of our websites (IP addresses, cookies, web acceleration)
More information on the use of your personal data (as a SWIFT customer) for SWIFT governance and for the provision of SWIFT services and products is available in the SWIFT Personal Data Protection Policy.
More information about the use of your data for the other purposes is given below.
When you use our online recruitment tool, we collect personal data relating to the position you apply for, such as your name, home or business address, e-mail or other contact details, and other relevant personal data. We also require potential candidates to submit their résumés online.
We do not require any 'sensitive' data in our online recruitment process. We therefore kindly request you not to communicate any personal details revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sex life, litigation or judicial convictions. If you nevertheless provide us with such sensitive data, you agree that we may process it for our recruitment purposes.
We will process your data for the sole purpose of assessing your application. We will keep all your data confidential. We will not share your data with third parties outside the SWIFT group, with the exception of recruitment counsels and other processors acting on our behalf.
You may always delete your data by using your login and password.
Sibos and Other Events
When you register for Sibos or other events, we collect personal data related to your participation to the event.
We process your data for purposes relating to event registration, administration, security management, accounting, records keeping, to offer event-related products (such as the Sibos Networkbook) and services (such as Sibos on line) and for conducting satisfaction surveys.
The list of participants is sent in advance of the event to the exhibiting companies to allow them to present their products and services directly to you, and may be used by us for our own advertising and marketing purposes. You may opt out of this list in the online registration process.
Further information regarding processing of your personal data can be available in the respective registration forms and policies (such as the Sibos Registration Policy).
Newsletters and Other Customer Communications
We may use personal data that we collect on our websites to provide you with newsletters and to invite you to participate in customer consultations and satisfaction surveys.
We only send you newsletters, customer consultations or satisfaction surveys that relate to SWIFT services and products.
In each mailing, we remind you about your right to opt-out of our newsletters, customer consultations or satisfaction surveys mailing lists.
You may opt-out or unsubscribe from the above mailings at any time by sending an e-mail to:
- firstname.lastname@example.org for all our SWIFTSupport newsletters
- email@example.com for all our customer consultations and satisfaction surveys
- the unsubscribe e-mail address specific for each regional training newsletter (for example firstname.lastname@example.org for the North American newsletter), or to email@example.com in case of difficulties to retrieve the regional unsubscribe e-mail address.
Some of these newsletters and communications are sent to you on our behalf by suppliers specialised in mass mailings. We request those suppliers to provide us with the appropriate data protection and data security commitments (see ‘Sharing Data’ section below).
Operation of our Websites
When you browse our websites, you do so anonymously. For our internal purposes, we may use IP addresses (the Internet address of your computer) stored in web logs to generate aggregate statistics on surf behaviour, such as traffic patterns and time spent on a page.
The third-party add-ons that we use to collect statistics of our sites’ resources usage may also rely on cookies for their operation.
The information stored with cookies may include your name, first name, registration number on http://www.swift.com/ , language preference, login ID, and IP addresses.
Web Acceleration Services
For purposes of accelerating the consultation of our websites, we use the services of a supplier specialised in web acceleration services. This requires caching the content of our websites on a substantial number of servers worldwide.
This supplier only processes data on our instructions, provides sufficient guarantees in respect of technical and organisational data security measures, and has committed to notify us in case of a security breach compromising your personal data (see also ‘Sharing Data’ section below).
Tracking of URL activation
Upon registration to certain services (such as SWIFT Index), we will send you by e-mail a dedicated URL where you can download the relevant materials. For purposes of measuring and following-up on the use of the service, we will track the identity of persons who activated such URL as well as the moment of download.
We are committed to protect your personal data against accidental or unlawful destruction, accidental loss, alteration, and unauthorised disclosure or access. Therefore, we monitor and record the traffic, both incoming and outgoing, in order to preserve the security, integrity and availability of our infrastructure. These data are kept for up to one year.
Please be aware that we cannot ensure the security of your data on your computer or during transmission over the Internet. In this regard, we advise you to take every possible precaution to protect personal data stored on your computer and transiting on the Internet.
Data Submitted on Behalf of Someone Else
When you provide us with personal data relating to someone else, please make sure to collect and supply such personal data in accordance with local applicable law.
For example, you may have to inform that other person about parts of this Statement in order to comply with local applicable law.
With regard to personal data collected on our websites, you may use the e-mail addresses provided in this Statement to:
- exercise your access and correction rights
- object to the processing for direct marketing purposes
We will handle all requests with care and diligence, and take corrective actions in accordance with the Belgian Act.
The SWIFT Privacy Officer carries out internal supervision in connection with our responsibilities under this Statement.
You may exercise your rights and address any questions to the Privacy Officer:
- by letter to S.W.I.F.T. SCRL, attention of Privacy Officer, Avenue Adèle 1, 1310 La Hulpe, Belgium
- by e-mail to firstname.lastname@example.org.
We will not allow third parties to use your personal data for their own purposes without your consent.
When required for the SWIFT Purposes, we may share your data with other offices in the SWIFT group (see the SWIFT Offices page), carefully selected suppliers, or other selected third parties (typically SWIFT partners or sub-contractors).
Before sharing your data, we require such third parties to only process your personal data on our instructions and to provide sufficient guarantees in respect of the technical and organisational security measures protecting the data processing activities.
Such SWIFT offices or third parties may be located in or outside the European Economic Area (EEA), including in countries that do not offer a level of data protection considered as adequate under the Belgian Act.
In the latter case, we ensure the lawfulness of such transfers by:
- agreeing with other SWIFT offices on the standard contractual clauses approved by the European Commission Decision 2004/915/EC of 27 December 2004
- agreeing with third parties on the most appropriate statutory, contractual, or self-regulatory basis (for example Safe Harbor adherence) to allow such transfers.