For the purposes of the Data Protection (Bailiwick of Guernsey) Law, 2017 (as may be amended from time to time) (“Guernsey Data Protection Law”) the data controllers are Lancaster Trustees Limited, Lancaster Investment Services Limited, Lancaster Management Limited, Lancaster Holdings Limited, Coningsby Limited, Scampton Limited, Veltro Limited and Whitley Limited (together referred to herein under the trading name “Lancaster Guernsey” or “we”, “us”, “our”).
Lancaster Trustees Limited, Coningsby Limited, Scampton Limited, Veltro Limited and Whitley limited are licensed by the Guernsey Financial Services Commission (“GFSC”).
Lancaster Investment Services Limited holds a license under The Protection of Investors (Bailiwick of Guernsey) 1987 (as amended).
This privacy statement aims to give you information about how your personal data (i.e. information which directly or indirectly identifies you) is processed by us both when you visit our website http://www.lancaster.gg and as a client of the company.
On this basis, this privacy statement comprises two Parts: Part 1 sets out to visitors of this website, how we process the personal data collected through this website; and Part 2 provides further information about how we process your information where you are a client of ours.
PART 1: VISITORS OF THIS WEBSITE
Information collected by you accessing our website:
All visitors may visit this website anonymously and without revealing any personal information unless they specifically contact us. We may employ the services of a third party to host the website. In some cases, the third party may receive certain information such as traffic data to find out information, such as how many people visit the website.
We may also monitor visitors’ jurisdictions, domains, browsers, internet service providers and other available data but we do not collect any personal information. We may analyse the data collected for market research purposes. We may also collect data provided to us by visitors’ browsers about the type of systems they use.
Information collected where you submit information to us (e.g. as an enquiry)
To the extent that you submit any personal information to us as a prospective client, or as an existing client in respect of a prospective matter, we will assume (unless you notify us to the contrary) that such information is not subject to confidentiality requirements owed to you unless you become a client, in which case relevant rules concerning conflicts of interest and confidentiality will apply.
If you call us: we do electronically record telephone conversations in ‘real time’, and may keep a manual record of telephone notes following any conversation. Such records may be retained, in accordance with our retention policy below (‘Retention’), to help us monitor enquiries which have been declined (for example due to conflict of interest).
If you email us: We may monitor emails sent to us, including file attachments, for viruses or malicious software and in order to help us monitor enquiries which have been declined.
If you are applying for a job, please see our heading ‘Recruitment’ below.
If you would like to apply for a job or placement with us, please email the Managing Director at firstname.lastname@example.org. This may trigger an email from us to you inviting you to send us your curriculum vitae. Any information you send us for the purpose of a job application will be treated by us with the greatest care for that purpose only. Upon receipt, our recruitment personnel will make an informed decision as to whether to proceed with your application and invite you to attend an interview. All of the information gathered during the application/recruitment process will be taken into account when making our decision.
If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained on our recruitment records for a period of 6 months. If you say yes, we will contact you should any further suitable vacancies arise during this period. Following this time, we will securely dispose of your information in accordance with our Records Retention policy.
PART 2: OUR CLIENTS: HOW WE USE YOUR DATA
Categories of personal data:
We will principally collect information from you such as name, date of birth, residential address, gender, marital status, telephone and other contact details, driver’s licence or passport details, debit or credit card details, financial information, tax status and tax identification number, and employment information. This will generally be collected directly from you, for example when you fill out a form or correspond with us.
We may also collect personal data about you indirectly from other sources as follows:
Information (such as the categories of personal data described above) received from another person (for example, where an individual or corporate provides information on your behalf).
Where we are required to ascertain the beneficial ownership of a structure, we may carry out checks against the business;
Where permitted, we may receive personal information from third parties acting on our behalf such as credit reference agencies, due diligence databases (such as WorldCheck) and other public sources (such as internet searches, an electoral register, address databases (e.g. directories) and UK Companies House).
In limited cases, we may also collect “special categories” of data. Our money laundering, sanctions, financial and fraud prevention checks may, sometimes, result in us obtaining information about actual or alleged criminal convictions and offences, as well as (for example) information relating to a person’s ethnicity, political opinions or religious beliefs. To the extent that we process such data, we will ensure that we have a lawful basis for processing. This may either be because we are required to comply with a legal obligation imposed by enactment, or because we have obtained your prior explicit consent. In the case of consent you have a right to withdraw your consent at any time.
Why we process your personal data:
Lancaster Guernsey is entitled to process your personal data on the following legal grounds:
a) where the processing is necessary to comply with our contractual obligations under the terms of our Terms and Conditions of Business and other supplemental agreements;
b) where the processing is necessary for us to comply with our legal obligations (e.g. as set out by law or imposed on us by way of a court order); and
c) where the processing is necessary to provide the services in our legitimate interests (such as those described in sub-paragraphs (i), (ii), (iv) (in the case of fraud checks), (vii) and (viii).
Personal data processed by Lancaster Guernsey may be used in a number of ways, including:
(i) providing the relevant services as defined under the Terms and Conditions of Business and any other applicable service agreement “Services” and the services ancillary thereto, including for:
a. maintaining and using relevant IT systems;
b. conducting quality and risk management reviews;
c. updating your records (including fee billing) as part of the provision of the Services;
(ii) providing you with information about Lancaster Guernsey and Lancaster Guernsey’s range of services for marketing purposes, where permitted to do so;
(iii) complying with any requirement of law, regulation or of a professional body of which Lancaster Guernsey is a member;
(iv) detecting and preventing financial crime such as fraud, money laundering, terrorist financing, bribery, corruption, tax evasion or facilitation of tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanctions, on an ongoing basis in accordance with Lancaster Guernsey’s anti-money laundering checks and procedures (“Regulatory Assessments”) as more fully described under the heading “Client Due Diligence, Anti-Money Laundering, Countering The Financing Of Terrorism And Anti-Bribery And Corruption” below;
(v) transferring personal data to competent authorities, courts and bodies in order to provide the Services, comply with law or comply with requests from such regulatory bodies;
(vi) reporting tax-related information to tax authorities in order to comply with a legal obligation;
(vii) monitoring and recording calls and electronic communications for quality, business analysis, training, investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution, and to enforce or defend Lancaster Guernsey’s rights either ourselves or through third parties with whom Lancaster Guernsey delegates such responsibilities or rights;
(viii)retaining personal data (including personal data processed in order to conduct Regulatory Assessments) for as long as required to perform the Services, to provide future services entered into by Lancaster Guernsey, or as required by law; and
(ix) where applicable for employee services and payroll.
We do not intend to make decisions using your personal data based on automated processing.
Client Due Diligence, Anti-Money Laundering, Countering The Financing Of Terrorism And Anti-Bribery And Corruption
We are required to verify the identity, obtain and hold other information on all our clients and connected persons in relation to any type of entities we administer. In this context, ‘connected persons’ includes (as applicable) representatives, office holders, employees, beneficial owners, agents, delegates, subcontractors or, in the case of a trust, underlying beneficiaries, settlor, protector and any other person connected to a trust as may apply from time to time. Lancaster Guernsey may also provide fiduciary, corporate or investment services not listed in this section (such as foundations) which require us to identify, obtain and hold information on the clients and connected persons as may apply from time to time.
We recognise our local and international responsibilities to prevent any use of the financial system for purposes connected to the proceeds of crime or corruption. We take a zero-tolerance approach to tax evasion, bribery and corruption and are committed to upholding all applicable laws in relation to countering tax evasion, bribery and corruption. We will report to the relevant authorities any knowledge or suspicion of money laundering, including that relating to drugs, terrorism, bribery or indictable crime in line with our statutory duties. These duties override the duty of client confidentiality.
Who we share your personal data with:
This may involve the disclosure of personal information to:
(a) third party institutions such as banks or professional advisers (including those persons connected to entities we administer and those appointed by Lancaster Guernsey);
(b) external technology providers who provide certain software or tax reporting capabilities including mail filtering services;
(c) courts, governmental and non-governmental regulators and ombudsmen, law enforcement agencies, relevant tax authorities, fraud prevention agencies (as described under the heading ‘Client Due Diligence, Anti-Money Laundering, Countering The Financing Of Terrorism And Anti-Bribery And Corruption’ above);
(d) any introducers – such as financial advisers; and
(e) any third party that acquires, or is interested to acquire, all or part of our assets or shares whether by way of a merger, acquisition, reorganisation or otherwise; or where we are otherwise required by law.
All personal data supplied to and processed by Lancaster Guernsey will be processed in accordance with the Guernsey Data Protection Law. Other than where we transmit data to you in the course of providing the Services, Lancaster Guernsey may need to transfer the personal data to a jurisdiction outside of Guernsey (and in certain circumstances outside the European Economic Area (“EEA”)), to a jurisdiction which may not ensure adequate levels of protection for the rights and freedoms of data subjects).
In those circumstances, Lancaster Guernsey will take steps to ensure that a high level of protection is afforded to protect your personal data against any unauthorised or accidental disclosure, access or deletion, such as putting in place Standard Contractual Clauses as approved by the European Commission, or other appropriate data transfer mechanisms.
We will hold your personal data on our systems for the longest of the following periods:
A minimum of six years; or
as long as is necessary for the relevant activity or as long as is set out in any relevant agreement you enter into with us;
the length of time it is reasonable to keep records to demonstrate compliance with professional or legal obligations;
any retention period that is required by law;
the end of the period in which litigation or investigations might arise in respect of the services that we provide to you
Lancaster Guernsey takes the protection of your personal information seriously, and has appropriate security measures and policies in place to address this. All our staff are made aware of their information security responsibilities.
In accordance with the Guernsey Data Protection Law, you may have a right (in certain circumstances):
to access and port personal data (subject to any exemptions which may apply under the Guernsey Data Protection Law);
to rectify or erase your personal data;
to restrict the use of personal data;
to request that your personal data is erased; and
to object to having your personal data processed.
Should you wish to access a copy of your personal data, please contact us in writing at Lancaster Guernsey, PO Box 260, 2nd Floor, West Wing, Dorey Court, Admiral Park, St Peter Port, Guernsey GY1 4LL with proof of identity.
If you wish to exercise any of these rights you should contact us using the details set out under the heading ‘Contact Us’ below.
You also have the right to lodge a complaint about the processing of your personal data with your local data protection authority if you consider that the processing of your personal data carried out by us infringes the Guernsey Data Protection Law.
Complaints may be made to The Office of the Data Protection Commissioner in Guernsey. For further information about how to contact the Office or how to appeal against a decision issued by the Office, please visit the website at: https://dataci.gg/
If you have any questions about this privacy statement or our privacy related practices, please contact us at: email@example.com marking your e-mail for the attention of the Data Protection Officer or write to us at The Data Protection Officer, Lancaster Guernsey, PO Box 260, 2nd Floor, West Wing, Dorey Court, Admiral Park, St Peter Port, Guernsey GY1 4LL Channel Islands
This privacy statement was last updated on 02 November 2018 and may be updated from time to time. Where we do so, we will take appropriate steps to bring this to your attention.