Skip to main content

Privacy Policy

Last updated: May 2026

Data Controller

Newton Advisory Group GmbH
Baarerstrasse 43
6300 Zug
Switzerland

Email: contact@newtonag.ch

Overview

Newton Advisory Group GmbH ("we", "us", "our") operates the Isaac platform and the website at corebank.ch. This privacy policy explains how we collect, use, and protect personal data in accordance with the Swiss Federal Act on Data Protection (DSG / nDSG, in force since 1 September 2023). Where users are located in the EU/EEA, the EU General Data Protection Regulation (GDPR) applies additionally.

Data We Collect

Contact and Inquiry Data

When you submit a contact form or request a demo, we collect your name, email address, company name, and the content of your message.

Usage and Technical Data

We automatically collect technical data including IP address, browser type, operating system, referring URL, and pages visited in order to operate and improve this website.

Cookies

We use strictly necessary cookies for website operation and — with your explicit consent — analytics cookies to understand how visitors interact with our site. You may withdraw consent at any time via the cookie settings.

Legal Basis for Processing

PurposeLegal basis (DSG)Legal basis (GDPR, where applicable)
Responding to inquiriesContractual necessity / legitimate interestArt. 6(1)(b)(f) GDPR
Website analyticsConsentArt. 6(1)(a) GDPR
Security and fraud preventionLegitimate interestArt. 6(1)(f) GDPR
Legal complianceLegal obligationArt. 6(1)(c) GDPR

How We Use Your Data

  • Communication: to respond to inquiries, provide product information, and arrange demonstrations.
  • Platform operation: to operate, maintain, and improve Isaac and this website.
  • Legal compliance: to comply with applicable Swiss and EU legal obligations, including FINMA supervisory requirements and AMLO-FINMA record-keeping.

Data Sharing

We do not sell or rent personal data to third parties. We may share data with:

  • Service providers: trusted processors (hosting, analytics, email delivery) acting under data processing agreements and bound by confidentiality obligations.
  • Legal authorities: where required by Swiss law, a court order, or a FINMA supervisory request.

International Data Transfers

Our infrastructure is operated in Switzerland and the European Economic Area (EEA). Switzerland is recognised by the EU as providing an adequate level of data protection. For any transfers to countries without adequate protection, we rely on the EU Standard Contractual Clauses (SCCs) as a safeguard.

Data Retention

We retain personal data only for as long as necessary for the purposes described in this policy or as required by law. Contact inquiry data is retained for a maximum of 3 years. Financial and compliance data, where applicable, is retained in accordance with AMLO-FINMA and applicable Swiss and EU retention requirements (minimum 10 years for AML records).

Your Rights

Under the Swiss DSG and, where applicable, the GDPR, you have the following rights:

  • Access to the personal data we hold about you (DSG Art. 25 / GDPR Art. 15)
  • Rectification of inaccurate or incomplete personal data (DSG Art. 32 / GDPR Art. 16)
  • Erasure of your personal data, subject to legal retention obligations (GDPR Art. 17)
  • Restriction of processing in certain circumstances (GDPR Art. 18)
  • Data portability in a structured, machine-readable format (GDPR Art. 20)
  • Object to processing based on legitimate interests (GDPR Art. 21)
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at contact@newtonag.ch. We will respond within 30 days. If you are located in the EU/EEA and believe your rights have not been respected, you may lodge a complaint with your local supervisory authority. Users in Switzerland may contact the Federal Data Protection and Information Commissioner (FDPIC / EDÖB) at www.edoeb.admin.ch.

Data Security

We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, alteration, or disclosure, in accordance with DSG Art. 8 and industry best practices. These include encryption in transit (TLS 1.3), access controls, and regular security assessments.

Policy Updates

We may update this policy from time to time to reflect changes in our practices or applicable law. Material changes will be indicated by updating the date at the top of this page.