Privacy Policy

Preamble

Welcome to the Beauclerc Group’s data protection privacy notice.

The Beauclerc Group respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data that we hold and tell you about your privacy rights and how laws protect you.

1. Purpose of this privacy notice

This privacy notice aims to give you information on how the Beauclerc Group collects and processes your personal data. Beauclerc Group is subject to data protection law under the Data Protection (Bailiwick of Guernsey) Law, 2017 (“DP Law”), as amended to incorporate legislation equivalent to EU Regulation 2016/679 (the General Data Protection Regulation or “GDPR”).

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data. This privacy notice is intended to deal with information you provide to us.

2. Controller

The Beauclerc Group is made up of two different legal entities:

  • Beauclerc Limited, incorporated and registered in Guernsey (no. 53935);
  • Beauclerc Advisory Services Limited, incorporated and registered in the United Kingdom (no. 07759898).

This privacy notice is issued on behalf of the entire Beauclerc Group, so when we mention “we”, “us” or “our” in this privacy notice, we are referring to the relevant company in the Beauclerc Group responsible for processing your data.

Beauclerc Limited is the controller of data provided to the Beauclerc Group.

Our Data Protection Officer is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the Data Protection Officer using the details set out below.

Beauclerc Limited
Suite 9, Second Floor, La Plaiderie Chambers
La Plaiderie, St Peter Port, GY1 1WG Guernsey

Data Protection Officer: Ms Rozalia Maubec Email address: Rozaliak@beauclerc.gg

If you are unhappy with our treatment of your personal data, you have the right to make a complaint at any time to the Data Protection Officer or Information Commissioner’s Office in the jurisdiction in which you live or the data controller responsible for your personal data operates. We would, however, appreciate the chance to deal with your concerns before you approach such authorities so, please contact us in the first instance.

Contact details for the relevant authorities:

Guernsey:
The Office of the Data Protection Authority
Block A, Lefebvre Court, Lefebvre Street, St Peter Port, GY1 2JP
https://www.odpa.gg/contact

United Kingdom:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
https://ico.org.uk/make-a-complaint/

3. Changes in the privacy notice and your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

4. Data we collect about you 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity of the individual has been removed (anonymous data).

In the course of providing services to you, we may collect, use, store and transfer different kinds of personal data about you which we have grouped together, but is not necessarily limited to, as follows:

  • Identity Data (first name, maiden name, last name, title, date of birth and gender, marital status, occupation);
  • Information which we need to conduct ‘know your client’ checks such as details relating to your passport;
  • Contact Data (postal and email address and telephone numbers);
  • Financial information, including investments, account details, risk appetite and evidence of ownership of financial assets;
  • Technical Data (internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website).

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data); with the very limited exception where our money laundering, sanctions, financial crime and fraud prevention checks may result in us obtaining information about political opinion, actual or alleged criminal convictions and offences.

5. How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To register you as a potential new client
  • Where we need to fulfil the contract agreement we are about to enter into or have entered into with you;
  • To manage our relationship with you which will include:
    • Notifying you about changes to our terms or privacy policy
    • Informing you of the performance of your portfolio
  • In connection with the Company’s internal management and reporting, and to administer and protect our business, including:
    • Troubleshooting
    • Data analysis
    • Testing
    • System maintenance
    • Support
    • Hosting of data
  • To communicate with you and to charge for our services in accordance with our agreement with you;
  • In order to send you further information about our services; and/or make suggestions and recommendations to you about our services that may be of interest to you;
  • To use data analytics to improve our website, products/services, marketing, client relationships and experiences;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • Where we need to comply with a legal or regulatory

We do not make use of automated processing or decision making.

6. Third-party marketing

We will never share your personal data with any company outside the Beauclerc Group for marketing purposes.

7. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact the group Data Protection Officer.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

8. Disclosures of your personal data

We may have to share your personal data with external third parties, such as:

  • Service providers (acting as processors) who provide services to the Beauclerc Group, its clients and employees such as IT and system administration services and company registrations or agencies
  • Professional advisers (acting as processors or joint controllers) including lawyers, bankers, auditors and insurers who provide services to the Beauclerc Group, its clients and employees such as consultancy, banking, legal, intelligence, insurance and accounting services

where this is required by law, where it is necessary to fulfil our contract with you, or where we have another legitimate interest in doing so.

We require all external third parties to treat your personal data in accordance with the European Economic Area (EEA) data protection laws.

9. International transfers of data

We may share your personal data with external third parties domiciled or operating in countries outside the EEA, only after having taken action to ensure that your personal data will be treated with a similar level of protection than in the EEA and Guernsey.

If you want further information on the specific mechanism used by us when transferring your personal data out of the EEA, please contact the Group Data Protection Officer.

10. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you without undue delay and any applicable regulator of a breach where we are legally required to do so.

Sending information over the internet to us is generally not completely secure, and we can’t guarantee the security of your data while it’s in transit. We have procedures and security features in place to keep your data secure once we receive it.

11. Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your data.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

12. Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

  • Right of subject access: the right to make a written request for details of information about you held by the Company and a copy of that information.
  • Right to rectification: the right to have inaccurate information about you rectified. You must provide any relevant updates to your personal data held by the Company promptly to ensure its accuracy.
  • Right to erasure (‘right to be forgotten’): the right to have certain information about you erased.
  • Right to restriction of processing: the right to request that your information is only used for restricted purposes.
  • Right to object: the right to object to the use of your information, including the right to object to marketing.
  • Right to data portability: the right, in certain circumstances, to ask for information you have made available to us to be transferred to you or a third party in machine-readable formats.
  • Right to withdraw consent: the right to withdraw any consent you have previously given us to handle your information. If you withdraw your consent, this will not affect the lawfulness of the Company’s use of your information prior to the withdrawal of your consent.

If you wish to exercise any of the rights set out above, please contact the Data Protection Officer.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. These rights are not absolute: they do not always apply and exemptions may be engaged.

13. What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

14. Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.