Privacy Notice

The Company can be contacted at the following address:

Beauvoir Group
1st Floor
Tudor House
Le Bordage
St. Peter Port
Guernsey
GY1 3DB

1. All personal data supplied to Beauvoir Group will be processed by Beauvoir Group in accordance with applicable Data Protection Law, the provisions set out under these Standard Terms, Beauvoir Group’s Privacy Notice and any other applicable service agreement. This notice contains further information on how Contracting Party’s information is used, how we maintain the security of Contracting Party’s information and Contracting Party’s rights to access information we hold on Contracting Party.
2. Where the Contracting Party is a natural person, Contracting Party confirm that Contracting Party have read and understood the terms in this Privacy Notice.
3. Where the Contracting Party is acting on behalf of underlying data subjects (including the Managed Entity), the Contracting Party represents and warrants that Contracting Party:
   1. have complied with and will continue to comply with the provisions of the applicable Data Protection Law in relation to any personal data that Contracting Party provide to Beauvoir Group;
   2. are satisfied that there is a legitimate basis under any applicable Data Protection Law for providing such personal data to Beauvoir Group, and where the basis relies on consent, should such consent be revoked by the data subject, the Contracting Party is responsible for communicating the fact of such revocation to Beauvoir Group;
   3. have brought this Privacy Notice to the attention of any underlying data subjects on whose behalf or account the Contracting Party may act or whose personal data will be disclosed to Beauvoir Group by virtue of the Services.
4. Beauvoir Group and the Contracting Party shall each:
   1. be responsible for and control any personal data which it processes in relation to or arising out of Beauvoir Group’s Standard Terms and any other applicable service agreement;
   2. take appropriate technical and organisational measure against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to the personal data;
   3. mutually assist the other with their respective responsibilities under the applicable Data Protection Law, especially with regard to the exercising of data subjects’ rights, the provision of notices to data subjects in accordance with clause 4.c.iii (which also includes giving notice that, on termination of the parties’ business relationship, personal data relating to such data subjects may be retained or disclosed in accordance with Beauvoir Group’s Standard Terms).
5. Beauvoir Group shall treat as confidential all information provided to it by the Contracting Party or Managed Entity that such contracting Party or Managed Entity identifies to Beauvoir Group as confidential (or which due to its nature, would reasonably be expected to be treated as confidential), including personal data, and Beauvoir Group may disclose or use such information in the following circumstances:
   1. to its Associated Companies and each of its employees, agents, delegates, subcontractors or service providers or professional advisors in order to provide the Services or services ancillary thereto or to the Contracting Party’s or Managed Entity’s auditors, accounts, legal advisers, bankers or other professional advisers;
   2. to comply with any requirement of law, regulation or of a professional body of which Beauvoir Group is a member or any request by any securities exchange, listing authority or regulatory or governmental body whether or not the requirement of the information has the force of law;
   3. where required or requested to so disclose to competent authorities, courts and bodies in order to provide the Services, comply with law or comply with requests from such regulatory bodies;
   4. where required or requested to so disclose to any tax authorities and such disclosure may include, but is not limited to, any requirement to exchange information for fiscal or other purposes or pursuant to any notices properly issued under any Tax Information Exchange Agreements or other similar arrangements and in each case whether or not any of them are strictly binding or capable of being enforced against Beauvoir Group;
   5. to provide the Contracting Party or Managed Entity with information about Beauvoir Group and Beauvoir Group’s range of services for marketing purposes, where permitted to do so;
   6. for quality, business analysis, training, investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution, including through monitoring and recording calls and electronic communications from time to time, and to enforce or defend Beauvoir Group’s rights either ourselves or through third parties with whom Beauvoir delegates such responsibilities or rights.
6. Beauvoir Group shall retain personal data (including personal data processed in order to conduct Regulatory Assessments) for as long as required to perform the Services, provide future services entered into by Beauvoir, or as required by law.
7. Without prejudice to the generality of clause 2.a, where Beauvoir Group processes personal data as a processor on the behalf of the Contracting Party or Managed Entity, Beauvoir Group shall
   1. only process the personal data as necessary to perform its obligations under these Standard Terms and any other applicable service agreement or as required by laws applicable to it, save that where Beauvoir is required by applicable laws to process personal data contrary to Beauvoir Group’s Standard Terms and any other applicable service agreement, it shall:
      1. inform the Contracting Party of that requirement before performing the processing required by the applicable laws (unless prohibited by Enactment); and
      2. immediately inform the Contracting Party if, in Beauvoir Group’s opinion, an instruction given by the Contracting Party to Beauvoir breaches the Data Protection Law or any other Enactment applicable to it;
   2. comply with reasonable written instructions notified to it in advance by the Contracting Party with respect to the processing of the personal data
   3. maintain reasonable technical and organisational measures in order to:
      1. ensure the security of processing of the personal data; and
      2. provide reasonable assistance to the Contracting Party or Managed Entity to fulfil its obligation to respond to requests for exercising of data subject rights (including access requests) set out in Part III of the Data Protection Law (Data Subject Rights);
   4. ensure that all of its staff who have access to and/or process personal data have committed themselves to appropriate obligations of confidentiality; and
   5. subject to clause 4.8 below, not transfer any personal data outside of the EEA, save such transfers are permitted where there is a mechanism for data subjects to enforce their rights and obtain effective legal remedies and the data exporter can demonstrate that it has relied on one or more safeguards, for example, in particular, where such a transfer is required to deliver the Services or otherwise with the prior written consent of the Contracting Party;
   6. assist the Contracting Party or Managed Entity, at the Contracting Party’s cost, in responding to any request from a data subject and in ensuring compliance with its obligations under applicable Data Protection Law with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
   7. notify the Contracting Party without undue delay on becoming aware of a Reportable Breach;
   8. on termination or expiry of the Services or otherwise at the written direction of the Contracting Party, securely delete or return personal data and copies thereof to the Contracting Party or Managed Entity (in a mutually agreed format and by a mutually agreed method) on termination of these Standard Terms (and any applicable service agreement) save as required by applicable law;
   9. maintain complete and accurate records and information to demonstrate its compliance with this clause 4.6; and
   10. enter into a legally binding agreement in writing with the controller in compliance with section 34(3) of The Data Protection Law (as may be amended from time to time).
8. Notwithstanding any other provisions of these Standard Terms to the contrary, Beauvoir Group is authorised to engage other processors to process the personal data and confirms that it has entered or (as the case may be) will enter with the third party processor into a written agreement incorporating terms which are substantially similar to those set out in clause 4.6.
9. The Contracting Party acknowledges that Beauvoir may need to transfer personal data outside of the Bailiwick of Guernsey and the EEA as more fully set out in the Privacy Notice, where this is necessary to perform the Services in accordance with Beauvoir Group’s Standard Terms (and any other applicable services agreement) or to provide information to an affiliate or authorised third party in relation to the provision of the Services or services ancillary thereto.
10. The Contracting Party acknowledges that Beauvoir Group shall be entitled to disclose to any authorised third parties, such as banking and other institutions with which Beauvoir wishes to conduct or conducts a business relationship, any personal data that is required to be provided in order to further that relationship, comply with contractual obligations in respect of these Standard Terms and/or to comply with anti-money laundering and other regulatory requirements, whether or not they are mandatory. This includes information in relation to the Contracting Party or Managed Entity, as well as parties connected to the Contracting Party, the entity or any underlying customers.
11. Notwithstanding any other provisions contained in these Standard Terms, the Contracting Party shall, immediately on demand, fully indemnify Beauvoir Group and the Indemnified Parties and keep Beauvoir Group and the Indemnified Parties fully and effectively indemnified against all costs, claims, demands, expenses (including legal costs and disbursements on a full indemnity basis), losses (including indirect losses and loss of profits, business and reputation), actions, proceedings and liabilities of whatsoever nature arising from or incurred by us or the indemnities in connection with any failure by the Contracting Party to comply with the provisions of this clause 4 and/or applicable Data Protection Law in respect of the processing of the personal data
12. The Contracting Party and/or the Managed Entity, as applicable, authorises Beauvoir Group to act (and Beauvoir Group agrees to act) as levy collection agent in relation to the annual levy payable by Beauvoir Group (as levy collection agent) on the Contracting Party and/or the Managed Entity's behalf under The Data Protection (General Provisions) (Bailiwick of Guernsey) Regulations, 2018.

The personal data collected from Contracting Party or provided by Contracting Party, or on Contracting Party’s behalf in connection with Contracting Party’s application may be processed by the Company (or any of its affiliates, agents, employees, delegates or sub-contractors) for the following purposes:

1. Performance of the contract
   1. to facilitate the opening of Contracting Party’s account with the Company and any related account on an on-going basis which are necessary for the fulfilment of Contracting Party’s contract with the Company;
2. Compliance with a legal obligational
   1. in order to carry out anti-money laundering checks and related actions which the Company, considers appropriate to meet any legal obligations imposed on the Company relating to the prevention of fraud, money laundering, terrorist financing, bribery, corruption, tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanctions, on an on-going basis, in accordance with the Company's anti-money laundering and countering the financing of terrorism procedures;
   2. to report tax related information to tax authorities in order to comply with a legal obligation;
   3. to disclose information to other third parties such as service providers of the Company, auditors, regulatory authorities and technology providers;
   4. to retain AML and other records of individuals to assist with the subsequent screening of them by the Company in pursuance of the Company’s and its clients' legitimate interests;
3. Consent

Contracting Party’s consent is not required to process Contracting Party’s personal data for the purposes referenced above. However, in order to process Contracting Party’s personal data for the purposes of direct marketing, the Group seeks Contracting Party’s consent. Please see the section below which deals exclusively with consent for that purpose.

From time to time, the Company, may send Contracting Party information about other products and services that they offer by letter, by telephone, by email or by other reasonable means of communication. Contracting Party have a right not to receive such information.

If Contracting Party consent to receive such information and/or marketing material, please contact us.

Contracting Party have a right to withdraw this consent at any time. However, Contracting Party’s withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Contracting Party can withdraw Contracting Party’s consent by contacting the Company at the address above. Contracting Party also have a right to object to the processing of Contracting Party’s personal data for direct marketing purposes

The Company may share Contracting Party’s personal information as follows:

1. with third party service providers engaged by the Company in order to process the data for the above mentioned purposes. These data processors will handle Contracting Party’s information in accordance with applicable Data Protection Legislation; and
2. to competent authorities (including tax authorities), courts and bodies as required by law or requested or to affiliates for internal investigations and reporting.

The disclosure of personal information to the third parties set out above may involve the transfer of data to the USA and other jurisdictions outside the European Economic Area (EEA) in accordance with the requirements of the Data Protection Legislation. Such countries may not have the same data protection laws as Contracting Party’s jurisdiction. The Company will put in place Standard Contractual Clauses with relevant parties to whom personal data will be transferred. Please contact the Company for copies of the Standard Contractual Clauses that have been entered into on behalf of the Company.

The Company and the Administrator will retain Contracting Party’s personal information for as long as required for the Company or the Administrator to perform investigations depending on whether additional legal/regulatory obligations mandate that the Company retains Contracting Party’s personal information. The Company will keep information for the periods required by the legislation.

Please note that Contracting Party have the following rights under the Data Protection Legislation in relation to Contracting Party’s personal information. In each case, the exercise of these rights is subject to the provisions of the Data Protection Legislation.

1. Contracting Party have a right to fair processing information to be provided to Contracting Party in the form of a privacy policy or a data collection statement:
2. Contracting Party have a right of access to and the right to amend and rectify Contracting Party’s personal data:
3. Contracting Party have the right to have any incomplete personal data completed;
4. Contracting Party have a right to lodge a complaint with a supervisory authority, in particular in the Member State of Contracting Party’s habitual residence, place of work or place of the alleged infringement if Contracting Party consider that the processing of personal data relating to Contracting Party carried out by the Company infringes the Data Protection Legislation;
5. Contracting Party have a right to request that Contracting Party’s personal information is erased (in certain specific circumstances);
6. Contracting Party have a right to restrict processing (in certain specific circumstances);
7. Contracting Party have a right to data portability (in certain specific circumstances);
8. Contracting Party have the right to object to processing on grounds of public interest in two cases. The first is where an organisation says it is processing Contracting Party’s personal data based on the grounds that is in their ‘legitimate interests’. The second is where a public authority says it is processing Contracting Party’s personaldata based on the grounds that is in the ‘public interest’.
9. have the right to object to processing where personal data is being processed for marketing purposes and also where the Company is processing personal data for legitimate interests;
10. Contracting Party have the right to make a complaint in writing to the Office of the Data Protection Authority if the Contracting Party consider that the Company has breached or is likely to breach this policy, and the breach involves or affects any personal data relating to Contracting Party, or any of Contracting Party’s data subject rights.