Forest background

Privacy Policy

1. Introduction

This Privacy Policy explains how Wolf Ventures SWISS AG ("Wolf Ventures", "we", "us", or "our") collects, uses, stores, discloses, and protects personal data when you visit our website, contact us, apply for our services, or use any of our services related to digital assets, blockchain-based products, compliance onboarding, or other business activities.

We process personal data in accordance with the Swiss Federal Act on Data Protection ("FADP") and its implementing ordinance. Where applicable, and only to the extent required by law, we may also process personal data in accordance with the EU General Data Protection Regulation ("GDPR") in relation to individuals located in the European Economic Area ("EEA").

If our activities qualify as those of a financial intermediary or are carried out under a membership or supervisory framework of a recognised Self-Regulatory Organisation ("SRO") or other applicable Swiss supervisory regime, we may also process personal data to comply with Swiss anti-money laundering and counter-terrorist financing obligations.

2. Data Controller

Wolf Ventures SWISS AG
Company No.: CHE-479.332.912
Registered address: Gubelstrasse 11, 6300 Zug, Switzerland
Email: contact@wolfventures.ch
Website: www.wolfventures.ch

Wolf Ventures SWISS AG is the controller of personal data described in this Privacy Policy, unless stated otherwise in a specific notice or contractual document.

3. Categories of Personal Data We Collect

Depending on the nature of our relationship with you, we may collect and process the following categories of personal data:

3.1 Identification and profile data

  • full name;
  • date of birth;
  • nationality;
  • place of birth, where required by law;
  • ID or passport details;
  • selfie, photograph, video identification data, or biometric comparison outputs where used for verification;
  • company affiliation, role, beneficial ownership status, and authorised signatory information.

3.2 Contact data

  • email address;
  • telephone number;
  • residential or business address;
  • correspondence details.

3.3 Compliance and due diligence data

  • KYC documentation;
  • AML/CFT screening results;
  • sanctions, PEP, adverse media, and risk classification data;
  • source of funds and source of wealth information;
  • transaction purpose and account usage information;
  • information required to assess legal, regulatory, tax, and reputational risks.

3.4 Financial and transaction data

  • bank account details;
  • payment data;
  • wallet addresses;
  • blockchain transaction data;
  • digital asset transfer records;
  • order, trade, settlement, and account history.

3.5 Technical and website usage data

  • IP address;
  • device identifiers;
  • browser type and version;
  • operating system;
  • date/time access logs;
  • cookie and similar tracking data;
  • website navigation and interaction data.

3.6 Communications data

  • emails;
  • chat messages;
  • call notes;
  • support requests;
  • meeting records and correspondence.

3.7 Corporate and business relationship data

  • company registration documents;
  • shareholder and UBO information;
  • board or management details;
  • contractual records;
  • onboarding and service eligibility data.

4. Purposes of Processing

We process personal data for the following purposes:

  • to provide and administer our website and services;
  • to evaluate whether we can onboard you as a client, partner, investor, vendor, or business contact;
  • to perform identity verification and due diligence checks;
  • to comply with applicable AML/CFT, sanctions, fraud prevention, and reporting obligations;
  • to assess eligibility for products or services involving digital assets or related financial operations;
  • to communicate with you and respond to inquiries;
  • to conclude, perform, and manage contracts;
  • to maintain records and internal governance;
  • to manage payments, settlements, and transaction monitoring;
  • to ensure platform, network, and information security;
  • to detect, prevent, and investigate unlawful conduct, abuse, fraud, or security incidents;
  • to comply with legal obligations, requests from courts, regulators, supervisory authorities, SROs, auditors, or law enforcement;
  • to improve our website, services, controls, and customer experience;
  • to establish, exercise, or defend legal claims.

5. Legal Bases for Processing

Where relevant, we process personal data on the following grounds:

  • because processing is necessary for the initiation or performance of a contract with you;
  • because processing is necessary for compliance with legal and regulatory obligations, including obligations under Swiss AML/CFT law, supervisory rules, internal control requirements, and recordkeeping duties;
  • because we have an overriding private interest, such as ensuring security, preventing fraud, managing business operations, or enforcing our rights;
  • because you have provided consent, where consent is required or appropriate, for example for certain cookies or optional marketing communications.

If and to the extent the GDPR applies, we rely on:

  • Article 6(1)(b) GDPR – performance of a contract;
  • Article 6(1)(c) GDPR – compliance with legal obligations;
  • Article 6(1)(f) GDPR – legitimate interests;
  • Article 6(1)(a) GDPR – consent.

6. AML, KYC and SRO-Related Processing

Where applicable, Wolf Ventures SWISS AG may process personal data to satisfy obligations arising under Swiss anti-money laundering law, implementing ordinances, internal AML policies, and rules applicable through a recognised SRO membership or other Swiss supervisory framework.

This may include:

  • identifying clients, beneficial owners, controllers, and authorised representatives;
  • verifying identity documents and corporate documentation;
  • screening against sanctions, watchlists, PEP, and adverse media databases;
  • clarifying source of funds, source of wealth, and transaction background;
  • conducting ongoing monitoring of the business relationship and transactions;
  • documenting and retaining legally required records;
  • making reports or disclosures to competent authorities where required by Swiss law.

7. Cookies, Analytics and Similar Technologies

Our website may use cookies and similar technologies necessary for security, functionality, performance, and analytics.

We may use:

  • strictly necessary cookies;
  • functional cookies;
  • analytics or performance cookies;
  • security and fraud prevention tools.

Where required by applicable law, we will ask for your consent before placing non-essential cookies or similar technologies on your device. You can control cookies through your browser settings and, where available, through our cookie banner or preference center.

8. Sources of Personal Data

We may collect personal data:

  • directly from you;
  • from your employer, company, representatives, or advisers;
  • from publicly available sources and official registers;
  • from identity verification, compliance, sanctions, or corporate intelligence providers;
  • from blockchain analytics providers;
  • from banks, payment service providers, custodians, counterparties, and professional advisers;
  • from regulators, authorities, courts, law enforcement, or SRO-related channels where legally permitted or required.

9. Disclosure of Personal Data

We may disclose personal data to the following categories of recipients where necessary and lawful:

  • group companies and affiliated entities;
  • IT, cloud hosting, cybersecurity, and communications providers;
  • KYC/AML, sanctions screening, blockchain analytics, and identity verification providers;
  • banks, payment processors, custodians, brokers, liquidity providers, and other financial counterparties;
  • auditors, lawyers, consultants, and professional advisers;
  • regulators, courts, supervisory authorities, SROs, tax authorities, law enforcement agencies, and other public authorities;
  • potential acquirers, investors, or transaction counterparties in the context of a restructuring, financing, merger, sale, or acquisition, subject to confidentiality protections.

10. International Data Transfers

We may transfer personal data within Switzerland, the EEA, and to other countries where our service providers, counterparties, infrastructure providers, or group entities are located.

If personal data is transferred outside Switzerland or outside jurisdictions recognised as providing an adequate level of data protection, we will implement appropriate safeguards as required by applicable law, such as:

  • contractual safeguards, including standard contractual clauses;
  • transfer mechanisms recognised under Swiss law;
  • disclosures required for the performance of a contract, establishment or exercise of legal claims, overriding public interest, or other lawful exceptions where applicable.

11. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, regulatory, contractual, operational, and evidentiary requirements.

In particular:

  • onboarding, KYC, AML/CFT, and transaction records may be retained for at least 10 years after the end of the business relationship or completion of the transaction, if required by applicable Swiss law or regulatory rules;
  • contractual, accounting, tax, and business correspondence records may be retained for statutory retention periods;
  • technical logs and website records are retained for a period proportionate to security and operational needs;
  • where claims are anticipated or ongoing, we may retain data until the matter is resolved and any relevant limitation periods expire.

12. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction. These measures may include:

  • role-based access controls;
  • encryption and secure transmission;
  • segregated systems and audit logging;
  • due diligence on processors and service providers;
  • internal policies, training, and incident response procedures;
  • backup, resilience, and monitoring controls.

13. Your Rights

Subject to applicable law, you may have the following rights in relation to your personal data:

  • the right to request information about whether we process your personal data;
  • the right to obtain information on the categories of data processed, purposes of processing, recipients, and retention period;
  • the right to request correction of inaccurate personal data;
  • the right to request deletion of personal data where retention is no longer required and no legal basis for continued processing exists;
  • the right to object to certain processing activities;
  • the right to request restriction of processing, where applicable;
  • the right to data portability, where applicable;
  • the right to withdraw consent at any time where processing is based on consent;
  • where the GDPR applies, the right to lodge a complaint with the competent supervisory authority in the EEA.

Please note that these rights are not absolute. We may refuse or limit requests to the extent permitted by law, for example where data must be retained to comply with AML/CFT, legal, regulatory, evidentiary, or contractual obligations.

14. Complaints

If you believe that our processing of your personal data violates applicable data protection law, you may contact us first so that we can attempt to resolve your concern.

You may also contact the competent Swiss authority:

Federal Data Protection and Information Commissioner (FDPIC)
Switzerland

Where the GDPR applies, you may also lodge a complaint with the competent supervisory authority in your EEA country of residence, work, or the place of the alleged infringement.

15. Contact

For privacy and data protection inquiries, including the exercise of your rights, please contact:

Wolf Ventures SWISS AG
Gubelstrasse 11, 6300 Zug, Switzerland
Email: contact@wolfventures.ch
Website: www.wolfventures.ch

16. Changes to This Privacy Policy

We may amend this Privacy Policy from time to time to reflect changes in our services, legal obligations, regulatory expectations, or data processing practices. The latest version will always be published on our website.

Effective date: 27.02.2026