Privacy, Confidentiality & Data Protection Charter

Doctrine of Professional Secrecy and Information Stewardship

I. Foundational Principle

Custos Fidei is governed by a doctrine in which privacy and confidentiality constitute primary fiduciary obligations.
The protection of personal, patrimonial, and institutional information is regarded as an essential condition of trust and a prerequisite for the custodianship of intergenerational value.

Information entrusted to Custos Fidei is not treated as data to be processed, but as confidential knowledge to be safeguarded.

II. Scope of Application

This Charter applies to all information, whether obtained directly or indirectly, including but not limited to:

• personal identification data,

• financial and patrimonial information,

• legal, structural, and governance documentation,

• information relating to artworks, collections, and provenance,

• correspondence, records, memoranda, and internal assessments,

• data concerning correspondents, advisors, and counterparties.

The obligations herein apply irrespective of format (written, electronic, oral) and survive the termination of any mandate or engagement.

III. Principle of Professional Secrecy

Custos Fidei adheres to a doctrine of professional secrecy comparable to that historically exercised by Swiss private banks, trustees, and fiduciary institutions.

All information received prior to, during, or following a mandate is presumed confidential by default.
Disclosure is prohibited unless:

1. it is strictly necessary for the execution of the mandate, and

2. it is made to parties bound by equivalent fiduciary and confidentiality obligations.

No information is disclosed for commercial, promotional, or reputational purposes.

IV. Data Minimization & Purpose Limitation

Custos Fidei applies a principle of absolute restraint in the collection and processing of information.

Only data that is:

• relevant,

• proportionate, and

• necessary for fiduciary, legal, or protective purposes

is collected or retained.

Information is processed solely for purposes directly related to:

• mandate evaluation and execution,

• fiduciary, legal, and risk management obligations,

• institutional integrity and continuity.

Any secondary or unrelated use is strictly prohibited.

V. Storage, Security & Access Control

Custos Fidei implements stringent technical, organizational, and procedural safeguards to protect confidentiality and integrity, including:

• restricted access on a strict “need-to-know” basis,

• secure physical and digital storage environments,

• controlled authentication and authorization protocols,

• segregation of sensitive information by mandate,

• internal audit and review of access logs.

Access to confidential information is granted only to individuals whose role requires such access and who are bound by equivalent secrecy obligations.

VI. Disclosure to Third Parties

Information may be shared with third parties only where indispensable to the mandate, and exclusively with:

• trusted correspondents,

• legal, tax, or fiduciary advisors,

• insurers, appraisers, or specialists,

provided such parties are subject to confidentiality duties consistent with this Charter.

Custos Fidei does not sell, trade, or otherwise commercialize information under any circumstances.

VII. Cross-Border Data Protection

Where information must be accessed or processed across jurisdictions, Custos Fidei ensures that confidentiality and data protection standards equivalent to Swiss-grade fiduciary secrecy are maintained.

No transfer is permitted to jurisdictions or parties unable to guarantee adequate protection, integrity, and professional secrecy.

VIII. Retention & Destruction of Information

Information is retained only for as long as necessary to fulfill fiduciary, legal, or institutional obligations.

Upon conclusion of a mandate, information is:

• securely archived, or

• irreversibly destroyed,

in accordance with internal retention schedules and professional standards.

Unnecessary duplication and indefinite retention are expressly avoided.

IX. Rights of the Data Subject

Clients and counterparties may, subject to fiduciary and legal constraints:

• request confirmation that information is held,

• request correction of inaccurate or incomplete information.

Requests that would compromise:

• professional secrecy,

• third-party confidentiality, or

• institutional integrity

may be lawfully restricted or declined.

X. Confidentiality of Internal Processes

Custos Fidei does not disclose:

• internal assessments,

• risk classifications,

• admission or refusal rationales,

• internal correspondence or deliberations.

Such materials form part of the institution’s protected fiduciary processes and are not subject to external access.

XI. Breach Prevention & Response

Custos Fidei maintains preventative measures to mitigate unauthorized access, disclosure, or loss of information.

In the unlikely event of a confidentiality incident, remedial actions are taken promptly to preserve integrity and limit exposure, consistent with fiduciary obligations and applicable law.

XII. Enduring Obligation

The duty of confidentiality observed by Custos Fidei is continuous and enduring.

It does not expire with time, change of circumstance, or termination of engagement.
Silence, where required, is not an omission—it is a professional obligation.

XIII. Final Provision

Custos Fidei affirms that privacy is not a concession, but a condition of trust.

Where discretion cannot be guaranteed, engagement shall not proceed.
Where confidentiality may be compromised, restraint shall prevail.

In protecting information, Custos Fidei protects what sustains all fiduciary relationships:
confidence, dignity, and the quiet continuity of value across generations.