top of page


Our processing of our users' personal data is limited to the data required to provide a functioning website and our content and services. The personal data of our customers and interested parties is only processed for the purposes agreed with them or if there is another legal basis (in the sense of the GDPR). Only such personal data are collected that are actually necessary for the implementation and processing of our tasks and services or that you have made available to us voluntarily.

1.  Responsible

Responsible within the meaning of the General Data Protection Regulation (GDPR) is Dorata Finance AG, Zollstrasse 16, 9494 Schaan, Liechtenstein, E-Mail:, Tel.: +423 340 33 22.


2.  Processing of customers' personal data

Which data is processed (data categories) and from which sources does it come (origin)?

We collect and process personal data that we receive as part of our business relationship with our customers. Personal data can be processed at every stage of the business relationship and differ depending on the group of people.

In principle, we process personal data that you provide to us by means of an agreement, submitted contracts, forms, your correspondence or other documents. If necessary for the provision of the service, we also process personal data that arise or are transmitted as a result of the use of services or that we have legitimately received from third parties (e.g. a trust company) or from public authorities. Finally, personal data from publicly accessible sources (e.g. commercial and association registers, press, internet) can be processed.

In addition to customer data, we may also process personal data from other third parties involved in the business relationship, such as data from (further) authorized persons, representatives, legal successors or beneficial owners of a business relationship. Dorata Finance AG assumes that its contractual partner is entitled to disclose or disclose the data of third parties. We ask that you also inform any third parties about this data protection declaration.


By personal data, we mean the following data categories in particular:

base data

  • Personal details (e.g. name, date of birth, nationality)

  • Address and contact information (e.g. physical address, phone number, email address)

  • Legitimation data (e.g. passport or ID data) and authentication data (e.g. sample signature)

  • Data from publicly available sources


  Further basic data

  • Information on the services and products used (e.g. investment experience and investment profile, advice protocols, data on executed transactions)

  • Information on household composition and relationships (e.g. information on spouses or life partners and other family details, authorized signatories, legal representatives)

  • Information about the financial characteristics and financial situation (e.g. portfolio and account number)

  • Information about the professional and personal background (e.g. professional activity, wishes, preferences)

  • Technical data and information on electronic transactions with Dorata Finance AG (e.g. records of access or changes)

  • Image and sound files (e.g. video or telephone recordings)

In addition, portfolio data is maintained in the Bloomberg financial system.

For what purposes and on what legal basis are your data processed?

We process personal data in accordance with the provisions of the GDPR and the DSG for the following purposes or on the basis of the following legal bases:

  • To fulfill a contract or to carry out pre-contractual measures in the context of the provision of services. The purposes of data processing depend primarily on the specific service and may include strategy and business advice, control of asset management, reporting, advice on investment processes and             organization, analysis of portfolios and pension advice.   

  • To fulfill legal obligations, in particular compliance with legal requirements (e.g. compliance with the GDPR and the DSG).

  • To protect our legitimate interests or those of third parties for specifically defined purposes, in particular to determine product development, marketing and advertising, business audits and risk management, reporting, statistics and planning, video surveillance to protect domiciliary rights and to ward off danger.

  • Based on your consent, which you may have given us to provide services. You have the right to withdraw your consent at any time. The revocation of consent is only effective for the future and does not affect the legality of the data processed up to the time of revocation.


We reserve the right to further process personal data collected for one of the above purposes for the other purposes if this is compatible with the original purpose.

Who has access to the personal data and how long is it stored?

Both departments within and outside of Dorata Finance AG can have access to your data. Within Dorata Finance AG, only departments or employees may process your data if they need it to fulfill our contractual and legal obligations and to protect legitimate interests. In compliance with the relevant legal provisions, other companies, service providers or vicarious agents may also receive personal data for these purposes. Processors can be companies in the categories of distribution agreements, IT services, logistics, printing services, advice and consulting, and sales and marketing. Furthermore, the recipients of your data in this context can be financial service providers or comparable institutions to which we transmit personal data in order to carry out the business relationship (e.g. custodian banks, asset managers, information offices).

A data transfer to countries outside the EU or the EEA (so-called third countries) only takes place if

  • this is to carry out pre-contractual measures, to fulfill a contract or to provide services, or

  • you have given us your consent.


We process and store the personal data for the entire duration of the business relationship, unless there are shorter mandatory deletion obligations for certain data. It should be noted that our business relationships can last for years. In addition, the duration of the storage is determined by the necessity and the purpose of the respective data processing. If the data is no longer required for the fulfillment of contractual or legal obligations or to protect our legitimate interests (achievement of purpose) or if a given consent is revoked, it is regularly deleted, unless further processing is due to the contractual or legal retention periods and documentation obligations or necessary for reasons of preserving evidence during the period of the applicable statute of limitations.


3.  Processing of personal data in job applications

Upon receipt of your application documents, we process personal data such as name, title, address, telephone number, date of birth, education, professional experience, salary expectations and the data and images that are contained in the cover letter, CV, letter of motivation, certificates or other items sent to us Documents and evidence are included for the purpose of our personnel selection.

The processing of your data as part of the application process is based on § 1173a Art. 28a ABGB and Art. 6 Para. 1 lit. b GDPR. If an applicant would like to be included in a pool of applicants for a possible future collaboration, we require consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Your data will not be passed on to third parties without your consent.

If you are not employed, we will delete your data within 6 months. During this period, the data will be stored in order to be documented for any legal proceedings.

4.  Your rights (data subject rights)

You have the right to request information about the personal data we process about you. In particular, you can obtain information about the processing purposes, the categories of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period and the origin of your data, if they were not collected from us, and the existence of a require automated decision-making, including profiling.

You also have the right to correction, deletion, restriction of processing, objection to processing and data portability (provided that the data portability does not involve disproportionate effort).

You also have the right to revoke any consent you may have given to the use of your personal data at any time without affecting the legality of the processing carried out on the basis of the consent up to the revocation. The revocation can be sent informally to our address (Dorata Finance AG., Zollstrasse 16, 9494 Schaan, Liechtenstein) or by email to

If you are of the opinion that the processing of your personal data by us contradicts the applicable data protection regulations, you have the option of complaining to the data protection office (

5.  Automated decision-making (Art. 22 GDPR)

There is no automated decision-making with personal data. If such procedures are used in individual cases, we will inform the persons concerned to the extent provided for by law.

6.  website, electronic communication

We do not conduct our own web analysis on our website and do not use any web analysis tool (such as Google Analytics). This means that there is no evaluation of visitor and usage data.

In order to optimize this website in terms of system performance, user-friendliness and the provision of useful information about our services, the provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your internet protocol address (IP address), browser and language settings, operating system, referrer URL, your internet service provider and date/time.

A combination of this data with personal data sources is not carried out. We reserve the right to subsequently check this data if we become aware of specific indications of illegal use.

We include maps from the "Google Maps" service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. In particular, IP addresses and location data of the users can be processed, but these are not collected without their consent (usually as part of the settings on their devices). The data can be processed in the USA.

A component of the LinkedIn Corporation is integrated on our website. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection issues outside the USA.

The integrated social plugin works via the 2-click process, which means that the recording of your surfing behavior by a plugin only starts when you activate the corresponding plugin by clicking on it in the first place. If you are logged in to your LinkedIn account at the same time as you visit our website, LinkedIn will register the page visit after activating the plugin (first click) and can assign this visit to your user account.


If you send us an e-mail or any other electronic message, your details will only be saved to process the request, possible further questions related to it, and only used within the scope of the request. The legal basis for processing your request is Article 6 Paragraph 1 Sentence 1 Letter b GDPR. We will delete your email address after your request has been processed.


7.  data security

Your personal data is protected by appropriate organizational and technical precautions. These precautions relate in particular to protection against unauthorized, illegal or accidental access, processing, loss, use and manipulation.

Notwithstanding the efforts to comply with a consistently high level of due diligence, it cannot be ruled out that information that you provide to us via the Internet will be viewed and used by other people.

Please note that we therefore assume no liability whatsoever for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hack attack on e-mail account or telephone).

8th.  The data protection declaration is up-to-date and valid

This data protection declaration is currently valid and has the status of November 2020. Due to the further development of our website and offers or due to legal changes, it may become necessary to change this data protection declaration.

bottom of page