Saffery Trust (Cayman) Limited (“STCL”) is committed to protecting the privacy and security of your
personal information.
We are responsible for deciding how we hold and use personal information. We are required under data protection legislation to notify you of the information contained in this privacy notice.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
In accordance with the Data Protection Act (2021 Revision), personal data means any information relating to a living individual who can be identified and includes data such as location data, physical, physiological, mental, economic, cultural, or social identity, an expression of opinion about the individual, and any indication of the intentions of STCL or any other person in respect of that individual. It does not include data where the identity has been removed (anonymous data). There are also categories of “sensitive personal data”, which require a higher level of protection.
STCL will typically gather the personal information about you through our client take-on process and on-boarding process, either directly from you as you complete our mandatory forms, from a third-party advisor (such as your lawyer), from publicly available sources or a subscription identification verification database. STCL also collects or generates personal data when you communicate with our staff, sign up to receive information by e-mail, or participate at a meeting, seminar, or any other event and while providing our services, and STCL may collect personal data from other sources for example to keep your information up to date using publicly available sources. STCL may collect personal information in the course of its
business relationship with you.
STCL may collect, store, and use the following categories of personal information about you:
- Personal contact details including name, title, addresses, telephone numbers, and personal email addresses.
- Former names.
- Date of birth.
- Place of birth.
- Nationality.
- Passport number and country of issue.
- Tax Identification Number.
- Tax Residency.
- Occupation (including any past occupation), name of employer, nature of employment.
- Business address.
- Whether you have held a public position or office.
- Source of funds, source of wealth information.
- Copy of driving licence or ID card, where applicable.
STCL may also collect, store, and use the following sensitive personal information:
- Information about your racial or ethnic origin.
- Medical data and information about your physical and mental health, including any medical condition, health, and sickness records.
- Information about criminal convictions and offences committed or alleged to have been
committed, including information about any proceedings, the disposal of any proceedings and any sentence imposed.
STCL uses your personal data:
- to perform the services, you contracted STCL to provide;
- to verify your identity and protect against fraud and to fulfil our Anti-Money Laundering,
Combating the Financing of Terrorism, Counter Proliferation Financing and Targeted Financial Sanctions obligations; - to communicate with you;
- to provide and improve our services our customers, including personal data of others provided to STCL or collected by STCL on behalf of our clients, for example processing identification and background information as part of our on-boarding, finance, administration, and marketing processes;
- to provide and improve our websites, including monitoring and evaluating its use;
- to promote our services, including by sending alerts, updates, event invitations etc.;
- to appoint property or other asset managers and agents in relation to the services contractually provided to you;
- to allow for the appointment of third parties who may have their own due diligence
requirements; - to comply with our legal, fiscal, regulatory and risk management obligations, including
establishing, exercising, or defending legal claims.
STCL process personal data on the following grounds:
- It is necessary for the performance of a contract with STCL to which you are a party;
- It is necessary for STCL to process personal information on your request with a view of entering into a contract;
- It is necessary for compliance with any legal obligation to which STCL is subject.
STCL may also use your personal information in the following situations, which are likely to be rare:
- Where STCL needs to protect your interests (or someone else’s interests).
- Where it is needed in the public interest (or for official purposes).
STCL processes sensitive personal information in the following circumstances:
- the data subject provides STCL with consent to process this data;
- processing this data is necessary for the purpose of, or in connection with, any legal proceeding;
- processing this data is necessary for the purposes of obtaining legal advice; or
- is otherwise necessary for the purposes of establishing, exercising, or defending legal rights.
If you fail to provide certain information when requested, STCL may not be able to provide the services you have requested, as this may prevent STCL from complying with a legal or regulatory obligations.
STCL is committed to retaining the accuracy of your personal information for as long as it is being used for the purposes set out in the policy, and provided that you keep STCL up to date. Prompt notification of any changes, such as your address, email address or telephone number, will help STCL provide you with the best possible service. Should you discover, upon a review of the personal information that you have provided, that amendments are required, please advise STCL immediately. STCL will use its best efforts to advise others of any important amendments to your personal information that STCL may have released to them.
Your personal information will solely be used for the purposes for which STCL has collected it, unless STCL reasonably considers that STCL needs to use it for another reason and if that reason is compatible with the original purpose. If STCL needs to use your personal information for an unrelated purpose, STCL will notify you and STCL will explain the legal rationale that permits STCL to do so.
Please note that STCL may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Data will be shared with third parties, including third-party service providers and entities associated with STCL. Third parties will be obliged to respect the security of your data and to treat it in accordance with the law in the jurisdiction in which they operate. Information will only be shared with Third Parties when STCL is required by law to do so or in order to provide the requested services.
‘Third parties’ includes third-party service providers (including contractors and designated agents). The following are examples of the types of third-party services that may require data from STCL:
- Archive data storage
- Registered office/agent facilities
- Regulatory Compliance
- Legal advice
- Tax advice
- Investment advice
- Banking and brokerage services
In order to provide the requested services, STCL may transfer your personal data to recipients abroad, including but not limited to Guernsey and Switzerland. STCL may sometimes transfer data to countries that do not provide the same level of protection as Cayman Islands law. STCL may also transfer personal data with your explicit consent and in certain other situations as permitted by applicable law.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. STCL does not envisage that any decisions will be taken about you using automated means, however STCL will notify you in writing if this position changes.
STCL has put in place appropriate security measures to prevent your personal information from being accidentally lost or destroyed or used or processed in an unlawful way. STCL is proactive on security threats. Security controls designed to protect client data are implemented. Replication of key system data, backup and regular maintenance provide security, fault tolerance, and tightly controlled limited access. Enhanced security controls further protect client data from external threats.
In addition, STCL limits access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and where they have agreed to treat the information confidentially and keep secure. STCL has put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where STCL is legally required to do so.
STCL is obliged to retain your personal information for at least 5 years after the termination of our business relationship. The length of time STCL retains your personal information will depends on:
- the purposes for which STCL processes your personal data.
- any legal or regulatory requirement STCL may have to meet.
Once STCL’s legal obligations are completed, STCL will securely destroy your personal information in accordance with applicable laws and regulations.
You are entitled to:
- Request access to your personal information (commonly known as a ‘data subject access request’) and any information available to STCL about the source of that data.
- Request correction of the personal information that STCL holds about you. This enables you to have any incomplete or inaccurate information STCL holds about you corrected.
- Request the transfer of your personal information to another party.
The above requests must be made in writing.
If you request access to your information, STCL will endeavour to fulfil your request within 30 days of the request being made and any fee being paid. However, the 30 day period will be suspended if STCL requires additional time to locate the information requested or if STCL requires any additional information from you in order to process your request. If additional time is required, STCL will inform you in writing.
STCL reserves the right to request specific information from you to help STCL confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who is not entitled to receive it.
STCL will not charge you any additional fees to access to your personal information if your request is substantiated and you wish to exercise your rights. However, STCL may charge a reasonable fee if your request for access is repetitive, fraudulent, manifestly unfounded, or excessive. Alternatively, STCL may refuse to comply with the requests that STCL deems unfounded or excessive.
Please note that your rights to request access may differ from those stated above if the data held by STCL consists of information:
- In respect of which legal professional privilege applies; or
- Related to any structure that is an ordinary trust, any structure or arrangement established pursuant to the Trusts Act, or any wills made pursuant to the Wills Act.
At any time, you can make a request in writing to STCL to request that STCL cease processing, not begin processing or cease processing for a specified purpose or in a specified manner, your personal data.
STCL will comply with this request within 21 days unless the processing is necessary:
- For the performance of a contract to which you are a party or the taking of steps at your request with a view of entering into a contract; or
- For compliance with any legal obligation to which you are subject.
In such circumstances, STCL will notify you in writing of the reason for non-compliance with your request.
This Notice does not form part of any contract to provide services.
STCL reserves the right to update this Privacy Notice at any time.
STCL has appointed a Data Protection Officer to oversee compliance with this Privacy Notice.
If you have any questions about this Privacy Notice or how STCL handles your personal information, please contact the following:
Sonia Bowditch – Data Protection Officer
Email: [email protected]
Telephone: 44(0)1481 705346