Payment solutions that save you time and money.

Legal Notices and Privacy Policy

CompanyCards and CompanyOnline

Legal Notices and Privacy Policy.

Last modified: [May 2018] 

Please read the following statements. By accessing this website and its pages (the “Website") as well as the products, services, information, tools, and documentation (the “Content") contained or described therein, you declare that you have understood and acknowledge these legal notices and the privacy policy (collectively “Terms and Conditions of Use") in the version current at any given time.

The Terms and Conditions of Use can be amended at any time. Any amendment will be published and becomes effective upon publication. You will find a reference to the last update date at the beginning of this document.

User access and the use of this Website and its Content as well as the Terms and Conditions of Use are subject to substantive Swiss law. The courts of Horgen (Switzerland) shall have exclusive jurisdiction and venue, subject to mandatory provisions with different content.

I. Legal Notices

1. No Offer

This Website and its Content do not represent any offer or any invitation to acquire a means of cashless payment (e.g. charge card and/or credit card), to take out a loan or acquire any other financial services product, to enter into a contract dealer contract (merchant contract), or any other legal and/or other transaction, and only serve informational purposes. Products and/or services featured on the Website are only addressed to persons established or domiciled and with their habitual abode in Switzerland. The fact that you access this Website or Content does not make you a contracting party with Swisscard AECS GmbH (“We" or "Us").

2. No Assurance

Although We make an effort to ensure the correctness of the information on this Website and of the Content when publishing it, neither We nor our contracting parties can provide you or other persons an express or implied assurance, guarantee, or warranty regarding the currency, correctness, accuracy, dependability, or completeness of the information or its suitability for a particular purpose.

We provide no express or implied assurance, guarantee, or warranty that the functions on this Website will not be interrupted or are error-free, that errors will be corrected, or that the Website or the infrastructure necessary for you is free of viruses or other harmful software (malware). Furthermore, We cannot ensure that information on this Website will not be falsified by technical faults or access by unauthorized third parties. Please contact Us if you have any questions about the acquisition or use of your means of cashless payment and/or other products or services offered or brokered by Us. Insofar as our partners introduce themselves or their offers on our site, We assume no responsibility for these representations, also not with regard to correctness, completeness, or the legality of these representations.

All information on the Website and in the Content may be modified or removed at any time and without notice. We are not obligated to remove information that is no longer current from the Website or from the Content or to label it as such.

3. Liability exclusion

We exclude any and all liability for damages and losses of all kinds, effective for Us and for our managing directors, employees, agents, and other vicarious agents, that arises from the use of or access to the Website and its Content or from links to third-party websites (or arising from the impossibility or failure to access or to use), regardless of the legal basis of any liability, subject to the reservation of intentional or grossly negligent damage caused by Us. We exclude liability for actions by our vicarious agents.

Specific links on this Website lead to third-party websites. Such links are only made available for information purposes. We have not reviewed the websites linked to this Website and are not responsible for their content. The use of such links occurs at your own risk. We recommend that you read the legal notices and privacy policy of the individual website and review how those websites protect your own personal data and – if accessing from a company – personal data of that company.

4. Security Measures

We hereby notify you of the danger emanating from viruses or other harmful software (malware) or from hacking, phishing or other comparable attacks. We recommend that you use antivirus software, a spam filter, and other software to protect your system (e.g., a firewall) and to keep them up-to-date. We reject any and all liability for manipulations of your IT system by unauthorized parties in connection with accessing our Website.

Phishing: fraudsters use "phishing" in order to obtain personal data. Should you receive a request by telephone, email, fax or SMS to provide any card data (e.g. the card number, expiry date) or any other confidential information, this may constitute a phishing attempt. Such requests often look deceptively authentic. Do not answer them, do not click any links contained in them, and do not open any attachments to such requests. If you have any doubt as to the authenticity of such a request, please call us.

5. Intellectual property rights

Swisscard and other brand names and logos on this Website (e.g., Credit Suisse, American Express, Mastercard, and VISA) are registered brands. Unless otherwise specified, the Website and all Content are protected by copyright. We reserve all rights (particularly copyrights and trademark rights) to the Website and to all Content and will exercise all legal opportunities to enforce these rights as necessary. The user receives no rights of any kind whatsoever to the use of images or other content or to brands or logos. Downloading, saving, copying, and printing individual pages and Content are only permitted for personal use. Such action does not transfer any rights to you. If Content is reproduced in whole or in excerpts in electronic or written form, expressly naming Us as the source is required. In addition, our express written consent must be obtained for any reproduction, further publication, or sale of Content.

II. Privacy Policy (Data Protection and Data Security)

We treat personal data which you provide to us and/or which We collect about you during the use of this Website or in the context of a customer or other business relationship ("Contractual Relationship") confidentially. Please note the special provisions on data protection included in the terms and conditions of business applicable from time to time and, where applicable, in separate data protection notices. 

1. Data categories and sources

We process personal data received from you (e.g. with regard to the commencement of the Contractual Relationship or during the course of the Contractual Relationship) or in the course of the implementation of the Contractual Relationship (e.g. transaction-related data), in particular:

basic data including personal details (e.g. name, address and other contact details, date and place of birth and nationality, data regarding third parties, e.g. authorized persons who are also affected by the data processing, contract number and account number);

transaction-related data (e.g. information regarding the point of acceptance, transaction amount and 


data in connection with other secondary and additional benefits (e.g. insurance services or loyalty programmes connected to means of cashless payments, online services);

data required for purposes of risk management (e.g. credit ratings, origin of assets);

marketing data (e.g. preferences)

To the extent that this is required for us to provide our services, We also process personal data that We obtain from permissible public sources (e.g. commercial register, the press, the internet) or that is legitimately provided to us by other companies within the Credit Suisse or American Express group or from any other third party (e.g. a credit agency, the Central Office for Credit Information or a public authority). 

2. Processing purposes

We process personal data in accordance with Swiss data protection laws:

a. In order to perform contractual obligations

Personal data is processed with regard to the conclusion of contracts with our customers as well as for purposes of fulfilling a contract. The purposes of the data processing depend primarily on the specific product (e.g. charge or credit card, merchant contract) and include, among other things, the performance of transactions. For further details regarding the purposes of the data processing, please refer to the applicable contractual documents and terms and conditions of business.

b. Based on statutory requirements

As a financial service provider We are subject to a variety of legal obligations (e.g. the Swiss Consumer Credit Act [Konsumkreditgesetz], the Swiss Money Laundering Act [Geldwäschereigesetz], applicable circulars issued by the Swiss Financial Market Supervisory Authority FINMA, tax laws).

Depending on the product/service, the processing purposes linked to these obligations include inter alia credit checks, ID and age checks, fraud and money laundering prevention, the fulfilment of control and reporting obligations under tax law as well as archiving obligations.

c. Based on your consent

Insofar as you have given consent for the processing of personal data for particular purposes, this processing is legitimate on the basis of your consent. Consent provided may be revoked in writing at any time. 

The revocation of consent does not affect the processing of the data that has occurred until consent was revoked. 

d. For other purposes

We are also entitled to process personal data for other purposes such as, for instance, in order to ensure IT security, for training and educational purposes, for internal administrative purposes and in order to enforce our rights and defend against any claims brought against Us. 

We may compile customer, consumption and transaction profiles and, to that end, also link personal data with other data for purposes of processing the Contractual Relationship, complying with statutory obligations (e.g. to combat money laundering), risk management (e.g. prevention of credit defaults and fraudulent transactions) as well as for marketing purposes (e.g. to optimise offers and services for the customer). 

3. Bringing in third parties / transferring data abroad

In the provision of our services, We work with third parties both within and outside of Switzerland (commissioned data processing). These third parties are subject to contractual and statutory confidentiality and data protection obligations.

When processing card transactions via the international card networks of American Express, Mastercard and VISA, data may be transmitted via third countries or processed in third countries. You acknowledge that data transmitted abroad may potentially not be protected to the same extent as under Swiss law.

Except where provided by our terms and conditions of business or by statute, We do not transfer any data to third parties for their own purposes.

4. Data processing / retention period

The duration of the processing and retention of personal data is governed by the statutory retention obligations and the purpose of the data retention. 

5. Right of access and right to correction

Every data subject has the right to access personal data pursuant to article 8 Swiss Federal Act on Data Protection (Datenschutzgesetz, "FADP") and the right to correction of any incorrect data pursuant to article 5 FADP. 

Please direct any requests for information or correction (in writing and with a clearly legible copy of a valid ID card) to:

Swisscard AECS GmbH

Request for information

Neugasse 18


8810 Horgen

6. Security of Data Transfers

Please note that data transmitted over a public network such as the Internet or an email service can be viewed by anyone. We cannot guarantee the confidentiality of messages or documents transmitted through such open networks. If you disclose person-related information over an open network, you should be aware of the fact that third parties can potentially access this information and consequently can collect and use the data without your consent. Cardholder data and means of identification (e.g., card number, card expiration, verification number [CVC/CVV], PIN) should therefore never be transmitted by email. Your data will be transmitted encrypted for specific services, but not the name of the sender and the receiver. Third parties can thus reach conclusions as to existing or future charge card / credit card relationships or other business relationships. Even if the sender and recipient reside in the same country, data transfer across such networks frequently also occurs without monitoring via third countries, i.e., including countries that may in some circumstances not offer the same level of data protection as that offered in Switzerland.

Your data could be lost during transmission or could be intercepted by unauthorized third parties. We assume no responsibility for the security of your data during its transmission via the Internet and reject any and all liability for indirect and direct losses. We request that you use other means of communication if you consider this necessary or reasonable for reasons of security.

7. Data processing in the use of this Website

We automatically collect anonymised user data when you visit this Website. This information helps Us to determine in aggregated form how visitors use the Website and how often and how long they visit individual pages. Personal data in non-anonymized form (e.g., name, address, email address, or telephone number) relating to you (or in case of companies, also to your company) is acquired and processed only when you have provided this information to Us (e.g., when you access password-protected areas of this Website or send us an email).

8. Cookies 

This Website uses cookies. Cookies are computer files that are stored on your computer in order to capture, e.g. your Website visit and your preferences, or to store settings for your next visit. Cookies help us to collect statistical data about the use of the Website (e.g., how often specific pages are visited) and thus help in making the Website more useful and user-friendly.

One of the cookies that We use primarily serves the operation of portions of the Website and was already placed.

You can decide against using cookies at any time by deleting the cookies that were set by the Website. This is possible using the settings in your Internet browser and by deleting all cookies. However, not all parts of this Website will function without cookies.

We use the cookies that We store on our Websites for the following purposes:

Recording the number and type of visits on the Website and its sub-pages so that We can determine whether and what parts of the Website must be improved

Displaying personalised Content on this Website or for Google Remarketing adverts

Collecting statistical data on the number of visitors and their usage habits and to improve the speed and performance of the Website pages

9. Services from Google

This Website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses cookies, i.e. text files that are stored on your computer and help analyse how you use the Website. The information generated by the cookies on your use of this Website is generally transferred to a Google server in the USA and stored there.

Google's IP anonymization feature has been activated on this Website. Please note that the Google Analytics Tracking Code has been extended on this Website to allow the anonymized collection of IP addresses (known as IP masking). This means that Google truncates your IP address within European Union Member States or in other parties to the Agreement on the European Economic Area or in Switzerland to the extent necessary to prevent it from being matched to a specific connection.

On behalf of the operator of this Website, Google will use this information to analyse your usage of the Website, compile reports about Website activities and provide the Website operator with further services related to the Website and internet usage.

The IP address transferred by your browser as part of Google Analytics will not be combined with other Google data. You can prevent cookies being stored by adjusting your browser software accordingly; however, We make you aware that you may then not be able to make use of the full scope of functions available on this Website. In addition, you can prevent the transfer to Google of the data generated by the cookie and related to your use of the Website (including your IP address), as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link.

Google Analytics Opt-Out Browser Plug-In

Moreover, you can prevent your data being collected by Google Analytics by clicking on the following link. An opt-out cookie will be placed, which prevents any future collection of your data when visiting this Website. Please note that you need to repeat this process when you delete your cookies:

Deactivate Google Analytics by cookie

Additional information on the Terms and Conditions of Use and on data protection can be found at

This Website uses the online advertising program "Google Adwords" to improve the Website and its advertising activities and in that context, conversion tracking. The cookie for conversion tracking is set when a user clicks on an advertisement placed by Google. These cookies become invalid after 30 days and are not used for personal identification. If the user visits particular pages of this Website and the cookie has not yet expired, We and Google can detect that the user has clicked on the advertisement and was forwarded to this page. Each Google AdWords customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of AdWords customers. The information obtained using the conversion cookie is used to prepare conversion statistics for AdWords customers that have decided for conversion tracking. The customers receive the total number of users that have clicked on their advertisement and were forwarded to a page provided with a conversion tracking tag. However, they do not receive any information that allows the user to be personally identified. If you do not wish to participate in tracking, you can deactivate the cookie for Google conversion tracking using your Internet browser under user settings. In this case, you will not be included in the conversion tracking statistics. Additional information on the Terms and Conditions of Use and data protection can be found at

This Website uses DoubleClick Digital Marketing Suite, a web analysis service from Google. DoubleClick sets cookies when you look at an advertisement or click on an advertising banner from Us that is located on partner websites. This occurs in order to display banners that are more interesting to you. Using the cookie, We can register specific data regarding the interaction of your browser with a particular overlay. It also records whether you have looked at an advertisement, clicked on it, and whether this resulted in registration with Us. The data are collected and stored in anonymized form. If you do not wish for this information to be collected, you can deactivate the use of cookies in your browser.

Image credits

Image sources: Fotolia, iStockphoto

These terms of use ("Terms of Use") govern the use of the Online Card Management Application CompanyOnline ("Website"). They shall take precedence in the event of discrepancies with the terms for charge cards and credit cards of Swisscard AECS GmbH («GTCB»), and shall be regarded as a special agreement in addition to the Legal Notices and the Privacy Policy, which can be found at The Terms of Use, the Legal Notices, and the Privacy Policy may be viewed each time the Website is used. By accessing the Website, the Client confirms his understanding and acceptance of the Terms of Use, the Legal Notices, and the Privacy Policy. These Terms of Use may be updated or changed at any time. Any change shall be publicized on the Website and/or brought to the Client’s attention in another suitable form. The changes shall be regarded as approved in the absence of a written objection within one month from their announcement, and in any case with the next use of the Website. The Client warrants that he regularly reads the current version of the Terms of Use.


1.    Restrictions

The Website may be used only by corporate clients («Company») whose employees («Employees») are holders of company cards issued by Swisscard AECS GmbH («Issuer»), and by the Employees themselves. In doing so, the Company shall be represented by one or more of its specified card administrators («Administrator/s») in all rights and duties associated with the use of the Website.
The Company, its Administrator/s, and each individual Employee (hereinafter jointly referred to as the «Client») acknowledge that the use of the Website from abroad may violate provisions of foreign law under certain circumstances. The Client further acknowledges that import and export restrictions may exist for the encryption algorithms, which he may violate under certain circumstances if he uses the Website outside of Switzerland. The Client is therefore responsible for keeping informed as to whether the use of the Website from abroad is legal, and must refrain from such use in case of doubt. The Issuer declines any liability in this respect.
The Issuer reserves the right to temporarily or permanently restrict or cease or block the operation of the Website at any time, in whole or in part, without prior announcement, either universally or for individual Clients.


2.    Use of the Website

2.1    Registration

The Company shall be activated by the Issuer for use of the Website. Following activation of the Company, individual Employees shall be able to register independently. The Client acknowledges that this registration is performed without additional means of identification provided by the Issuer. The Employee registers himself with his company card data and date of birth («Employee Key Data»). He then creates a user ID and a password during registration, and enters his email address and his mobile telephone number in the Website.

2.2    Login
The Client logs in to the Website with his user ID, password, and an additional means of identification provided by the Issuer. The means of identification provided may be supplemented, changed, or replaced by the Issuer at any time. Use of the Website without agreement to these Terms of Use and to the Legal Notices and the Privacy Policy is not possible.
Anyone who logs in pursuant to these Terms of Use shall be regarded by the Issuer as authorized for use of the Website and/or for initiating the services contained therein.

2.3    Management of Company Card Accounts

The Website allows the online management of certain basic accounts and linked employee card accounts (jointly referred to as the «Company Card Account/s») provided by the Issuer. The administrative rights of the Company are comprehensive and relate to all Company Card Accounts.
 The Employee can manage only his own employee card account, and acknowledges that the Company has access at any time to all information on the employee card account, including transaction data.

2.4    Electronic statements

The Website allows the Company (for the Company Card Accounts), and the individual Employee (for his employee card account) to decide to receive monthly statements/ extracts («Statement/s») electronically rather than in hard copy. The Client will then be notified via email or in another suitable form as soon as a new statement is available. Electronic statements shall be regarded as delivered in any case when they are made available on the Website for the first time. The respective time limits, particularly the time limit for objections pursuant to section 2.5 below, shall begin as of this date. The Client shall be obligated in any case to access the Website and check the statements at regular intervals, although at least once per month. If he is unable to fulfill this obligation, he must promptly report this circumstance to the Issuer. If the Client finds that he has not received any new statements for one month from the receipt of the last statement, even though charges have been incurred during this period or there is still an outstanding balance on the account, he must promptly notify the Issuer of this circumstance.
 The Issuer shall have the right to send statements exclusively or even supplementally in hard copy, without stating any reasons, to the provided postal address.

2.5    Objections to statements

Any objections by the Client regarding statements must be submitted in writing as soon as the Client becomes aware of an issue, and within 30 days after the time the statement is accessed on the Website. If this period expires without objection, then the statements shall be presumed to be correct.

2.6    Retention and use of statements

Because statements are retained on the Website only for a limited time, the Client is advised to save statements on his own data media or to print out hard copies of the statements as soon as they are made available. There may be a charge for delivery of hard copies of previous statements.
The Client himself is responsible in accordance with any statutory regulations for the maintenance of records, appropriate retention, and the further use, including the integrity, of the accessed statements.
The Issuer cannot guarantee that the electronically provided statements will be recognized as evidence by domestic and foreign authorities. The Client is responsible for the use of such statements in communications with the authorities.

3.    Confidentiality

The Client expressly agrees that the Issuer may communicate with him using electronic means, including the Internet, email, and SMS, within the context of use of the Website. He acknowledges that data transmitted through an open network such as the Internet or an email service are in principle publicly accessible. The Issuer cannot guarantee the confidentiality of messages or documents transmitted through such open networks. Third parties may access this information, and may consequently collect and use the data without the Client’s consent. Under certain circumstances, third parties could therefore make conclusions regarding existing or future card relationships or other business relationships (such as banking relationships). Even if the sender and recipient are located in the same country, data transmission within such networks frequently also occurs through third countries, i.e. including countries do that do not offer the same level of data protection as does the Client’s country of domicile. The Client’s data could be lost during transmission or could be intercepted by unauthorized third parties.


4.    Security notices and duties of care

4.1    Access to the Website

The Client acknowledges that during the initial registration of individual Employees pursuant to the foregoing section 2.1, there is a risk that an unauthorized third party who has gained access to the Employee Key Data will obtain access to the corresponding employee card account. The Company must verify the registration of Employees at regular intervals, and must promptly report to the Issuer any unauthorized registration, even if only suspected.
 The Client must keep his user ID and password, as well as additional means of identification provided or accepted by the Issuer («Login Data») secret, must refrain from recording them on his computer or elsewhere, even in modified form, and must take all measures necessary to prevent unauthorized use of the Login Data. He may not disclose the Login Data to or make them accessible by third parties or store them in any other manner that allows third parties to gain knowledge thereof. The Client shall be responsible for the security of the information on his computer. It is important that the Client work only with software from a trusted source. The Client shall ensure that his computer does not remain unsupervised when it is turned on, and shall ensure that no unauthorized third parties are in a position to read information being displayed on the screen. The Client must implement appropriate security measures to minimize the risk of unauthorized access to his computer. In particular, the operating system and browser must be kept up to date at all times. The Client must also undertake all security precautions as customary and in accordance with the current state of the art for the use of public electronic networks, particularly the use of continuously updated antivirus programs and the installation of a firewall. Should the Client fear that third parties have obtained unauthorized knowledge of the Login Data, he must promptly report this to the Issuer. The Client shall bear all consequences resulting from the disclosure or use, including misuse, of his Login Data or means of identification. The Issuer shall regard all actions that occur via the Website with the use of the Client’s Login Data and means of identification as having been performed by the Client.

4.2   Use of the Website
The Client’s terminal is part of the overall system, but is outside the control of the Issuer and may become a weak point in the system. Absolute security cannot be guaranteed. Despite all security measures, therefore, the Issuer cannot assume any responsibility for the terminal.

In particular, the Client acknowledges the following risks:

  • Insufficient knowledge of the system and lack of security precautions on the terminal could facilitate unauthorized access (e.g. insufficient protection for data stored on the hard drive, file transfers, screen radiation, failure to log out after using the Website, deletion of Login Data and means of identification from data storage devices)
  • It is impossible to preclude the creation of a traffic profile of the Client by the network operator (e.g. Internet, SMS provider), i.e. it is possible for the network operator to trace with whom the Client is in contact and when.
  • There is a risk that a third party could gain undetected access to the terminal during the use of the Website.
  • There is a risk that viruses and other malware could be transmitted to the terminal when using a network (e.g. the Internet).

If security risks are ascertained, the Issuer reserves the right to interrupt the use of the Website at any time for the Client’s protection until such risks are resolved. The Issuer assumes no liability for any damages incurred as the result of such an interruption.


5.    Exclusion of warranty and liability

The Issuer cannot guarantee either undisrupted access at any time or uninterrupted access to the Website. The Issuer does not facilitate technical access to the Website. This is the Client’s sole responsibility. In particular, the Client acknowledges that the Issuer does not distribute the special security software required for the use of its Website. The Issuer therefore assumes no responsibility for either network operators (e.g. Internet Service Providers) or the required security software. The Issuer assumes no responsibility for the accuracy, precision, reliability, completeness, confidentiality, and transfer time of all electronically transmitted data.
 To the extent permitted by law, the Issuer precludes all liability for any damages incurred from the use of the Website. This also includes in particular damages incurred by the Client as a result of transmission errors, technical defects, overload, disruptions (including system-related maintenance work), malfunctions, or illegal interventions and willful blocking of telecommunication equipment and networks, or other inadequacies on the part of the telecommunications equipment and network operators.


6.    Changes to the Terms of Use

These Terms of Use may be updated or changed at any time. Any change shall be publicized on the Website and/or brought to the Client’s attention in another suitable form. The changes shall be regarded as approved in the absence of a written objection within one month from their announcement, and in any case with the next use of the Website. The Client warrants that he regularly reads the current version of the Terms of Use.


7.    Termination

The Company may terminate its use of the Website at any time by telephone or in writing by post. The right of use shall also be automatically canceled when the company card relationship is effectively terminated.


8.    Statutory regulations

These Terms of Use shall remain subject to any statutory provisions that govern the operation and use of the telecommunications equipment and networks, and such provisions shall also apply for the use of the Website as soon as they come into effect.


9.    Fees

The Website is currently available for use by the Client at no charge. The Issuer reserves the right to introduce fees at any time for the use of the Website or for access to specific services, or to change existing fees at any time.