Click on the relevant link below to access our Privacy Notices:
Mourant Group - Privacy Notice
Mourant Services (Jersey) Limited - Client Feedback Privacy Notice
Mourant Governance Services (Jersey) Limited – Client Administered Entities Privacy Notice
MourantGS Fund Services (Jersey) Limited – Client Administered Entities Privacy Notice
Mourant Group - Privacy Notice
General
This Privacy Notice sets out how the Mourant Group processes data, whether on individuals (including personal data in respect of individuals who are clients, intermediaries or other third parties we interact with, or any individual who is connected to those parties) or otherwise. Where the data held are on individuals, this document also sets out the rights of those individuals in respect of that data.
In this Privacy Notice, "Data Protection Legislation" means all applicable legislation relating to privacy or data protection in force from time to time in any of the jurisdictions in which we operate (as the same may be amended and/or updated from time to time), including without limitation, the EU General Data Protection Regulation 2016/679 (GDPR), Hong Kong's Personal Data (Privacy) Ordinance (Ch.486) (PDPO) and Singapore's Personal Data Protection Act (No.26 of 2012) (PDPA). The terms "controller" or "processor" will have the same or equivalent meaning as given to it under applicable Data Protection Legislation, save in respect of Hong Kong where "controller" should be construed as meaning "data user" as defined in the PDPO and, in Singapore, where "controller" should be construed as meaning the "organisation" and "processor" should be construed as meaning "data intermediary" as respectively defined in the PDPA. We use the terms "controller" and "processor" throughout this Privacy Notice for consistency.
Any questions in relation to this Privacy Notice or requests in respect of personal data should be directed to dataprotection@mourant.com in the first instance. Alternatively, in the case of Singapore, please contact Simon Berry by e-mail at simon.berry@mourant.com or telephone +65 6801 4590.
We use cookies on our website. This Privacy Notice should be read alongside our Cookie Policy.
Who we are
The Mourant Group is an international law firm, governance services provider, and regulatory and compliance consulting business operating in the British Virgin Islands, the Cayman Islands, Guernsey, Jersey, Hong Kong, Luxembourg, Mauritius, Singapore, and the United Kingdom. References to "Mourant", "we", "our", or "us" means the relevant Mourant company, partnership, or limited liability partnership responsible for processing your data. Details of the relevant Mourant entity will be set out in the engagement letter under which we provide services to you.
Details of the Mourant entities who may process your data are provided at the end of this Privacy Notice.
The data we hold
The types of data which we collect about you will vary depending on a variety of factors, including the nature of the relationship between you and us and the services that we are asked to provide.
The types of data we may collect, and process includes:
- Contact details (including names, postal addresses, email addresses and telephone numbers);
- Information required for Mourant to meet its legal and regulatory requirements in particular in respect of anti-money laundering legislation (including information on source of funds and source of wealth);
- Information provided in the course of the provision of our services (for example, information on professional relationships and background, financial wealth and assets held, transactions entered into, tax status, disputes and court proceedings engaged in);
- Financial information, such as payment related information;
- Professional interests and preferences with respect to marketing interactions, events attended by clients, industry professionals, employees and other invited third parties;
- Photographs, images and video footage obtained during visits to events hosted or co-hosted by us or at our offices;
- Meetings attended and visits to our offices; and
- Any other information you may provide to us.
We will collect your data only where we are legally permitted to do so, and only to the extent it is appropriate and necessary for one or more of the purposes described below.
Purposes of processing
We use data (including personal data of individuals) for the following purposes. The table below also sets out the lawful basis that we are relying on in each case:
Purpose
Lawful Basis for Processing
To enter into client relationships and provide our services (including legal, governance, regulatory and consultancy services).
Any one or more of the following:
Our legitimate interests as a provider of legal, governance, regulatory and consultancy services to process personal data for the purpose of providing those services. Personal data will only be processed under this lawful basis in circumstances where we can balance your legitimate interests with our own in accordance with applicable Data Protection Legislation.
Where the client is an individual, we will process personal data to perform the contract that we have entered into with the individual to provide our services.
We may also process data (including personal data) for us to comply with a legal or regulatory obligation (other than one imposed on us by contract).
The processing is necessary for legal proceedings, including obtaining legal advice or establishing, exercising, or defending legal rights (including conflicts of interest checks, anti-financial crime procedures, client and matter management including billing and debt collection) and in accordance with applicable Data Protection Legislation.
In instances where an individual has been provided with this Privacy Notice and provides us with personal data thereafter, the processing may be carried out on the basis of consent given by you. We will only seek to rely upon your consent where no other legal basis is available to us, and your consent may be withdrawn at any time by writing to dataprotection@mourant.com.
To manage our client, intermediary and other business relationships.
Our legitimate interests to seek to ensure our business is conducted efficiently and with a view to enhancing client service.
To ensure the security of Mourant systems, staff, and premises (including the use of CCTV equipment).
Our legitimate interests to protect our systems, staff, and premises from being misused or the victim of any criminal activity.
To provide access to any of our client portals or other digital client solutions (including cloud-based platforms and subscription application services) (each a, Digital Solution).
The legitimate interests of Mourant and the user of our Digital Solution for the communication, processing, and storage of relevant material (such use being subject to the terms and conditions of the relevant Digital Solution).
In instances where any user of a Digital Solution has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. We will only seek to rely on your consent where no other legal basis is available to us and your consent may be withdrawn at any time by writing to dataprotection@mourant.com.
To provide our contacts with marketing material, to invite contacts to events (including virtual events organised by us and hosted on third party platforms) which may be of interest to them and to participate in competitions and to manage such mailings and events.
Where permitted by applicable Data Protection Legislation, our legitimate interests as a provider of legal, governance, regulatory and consultancy services to process personal data to communicate with persons on topics and events which may be of interest to those individuals.
In accordance with applicable Data Protection Legislation, the right of those individuals to unsubscribe from mailings and/or manage their preferences will be noted within all mailings and any requests to unsubscribe may be made via links available in the mailings or by writing to enquiries@mourant.com.
To meet all legal, regulatory, and ethical obligations applicable to the Mourant Group (including in respect of managing potential conflicts of interest).
Our legitimate interests as a provider of legal, governance, regulatory and consultancy services to process data to the extent necessary to ensure we meet all our legal, regulatory, and ethical obligations. This may include but not be limited to:
• the assessment of legal, regulatory and financial risks;
• internal financial and marketing analysis; and
• service providers, including, but not limited to our auditors, advisers, insurers and providers of telecommunications and information technology facilities (including cloud services providers).
In certain instances, the processing of data may also be necessary for the exercise of functions of public authorities and/or necessary for compliance with a legal or regulatory obligation to which we are subject.
For the purposes of internal know-how and training.
Our legitimate interests as a provider of legal, governance, regulatory and consultancy services to process data for the purposes of internal know-how and staff training. We will use reasonable endeavours to ensure any personal data contained in the material which is not integral to the understanding of the material is redacted.
To promote and market the firm and our services through our website, on social media channels, Mourant Group publications and other printed media which may include the use of images, photographs or video obtained during visits to events hosted or co-hosted by us or at our offices.
Our legitimate interests as a provider of legal, governance, regulatory and consultancy services to process data for the purposes of conducting and managing our business to give the best possible service to our clients and the promotion of our services, activities, and events.
Where we are unable to rely on any other legal basis, we may need to seek your consent to photograph/film you. Consent may be withdrawn at any time by writing to dataprotection@mourant.com.
Please note that if you withdraw your consent, although we will refrain from using your image or likeness in publications that we control, we will not be able to remove any copies that have already been published and are out in the public domain. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal.
In certain instances, personal data processed may include "Special Category Data" (which includes information on a person's race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, health data, data on a person's sex life or sexual orientation or data relating to a person's criminal record or alleged criminal activity). In such instances, legal bases for processing that data may include explicit consent (where the Special Category Data has been provided to Mourant by the data subject for any of the above-listed purposes) or the processing being necessary for compliance with a legal obligation or the purposes of legal proceedings or obtaining legal advice.
Where do we collect data from and who do we provide it to?
We obtain data from a variety of sources, including, clients, intermediaries, data subjects directly, third parties contracted to obtain and confirm verification of identity, third parties connected to the data subject (for example, their employer or another service provider who provides services to the data subject) or open-source material.
The provision of data to one member of the Mourant Group may result in that data being accessible by all other members of the Mourant Group. We use reasonable endeavours to ensure that data is only accessible by those with a need for access to fulfil the purposes set out above. Requests for access to data to be restricted in any particular manner should be made to dataprotection@mourant.com and will be considered and, where possible with reference to legal and regulatory obligations, actioned.
The following is a list of potential recipients of data (in each case including respective employees, directors, and officers):
- other members of the Mourant Group;
- other professional advisers, agents or third parties providing services in relation to any matter on which Mourant has been instructed or in respect of which Mourant is providing legal, governance, regulatory and consultancy services. This may include those who may be party to, or connected to a party to, a legal transaction or legal proceedings involving you and/or the services which we have been engaged to provide to our clients;
- any sub-contractors, agents or service providers providing services to any member of the Mourant Group, including without limitation, our information technology (including cloud computing) and telecommunications providers, auditors, consultants, insurers and other service providers engaged in connection with meeting our regulatory requirements (eg for acceptance of business and risk management purposes), debt collection and third parties for marketing or business development purposes;
- courts or tribunals;
- third parties with whom a member of the Mourant Group engages for the hosting of events (including virtual events organised by us and hosted on third party platforms) or other marketing initiatives;
- law enforcement agencies where considered necessary for the Mourant Group to fulfil legal obligations applicable to it;
- regulators or other governmental, judicial or supervisory bodies with a legal right to the material or a legitimate interest in any material;
- any registrar of a public register where the data is to be included in a public registry; and
- to the extent permitted under applicable Data Protection Legislation, other third parties in the context of a potential merger, sale, or restructure of any part of the Mourant Group.
Where a member of the Mourant Group is entering into an engagement with a third party pursuant to which data may be processed by that third party, we will seek to enter into an agreement with that third party setting out the respective obligations of each party with regard to the data and will seek to be reasonably satisfied that the third party has measures in place to protect data against unauthorised or accidental use, access, disclosure, damage, loss or destruction.
Third parties providing services to members of the Mourant Group may be based, or may store or process information provided by us, in other jurisdictions, including (on occasion) jurisdictions outside the EEA. As with many businesses offering services like those of the Mourant Group, these third parties may include third party IT platforms, including cloud-based platforms and subscription application services. Where these services are integral to our work for you (for example the use of Microsoft 365 and iManage (our document management system)), we deploy these as a matter of course. The use of such services may require information to be stored or processed in a cloud or infrastructure managed by the relevant service provider. The confidentiality and security of your personal data is of key importance to us, and we conduct careful due diligence on the security of any third-party technology systems we use. In addition, and wherever possible, we request that service providers of cloud-based platforms and subscription application services processing information provided by us, do so using data centres based in either an EU member state or the UK.
If we transfer personal data from one jurisdiction to another, we will ensure, prior to carrying out the transfer, that the third-party recipient meets the relevant data protection requirements applicable to the data being transferred. This may include only transferring the data where we are satisfied that:
- the recipient is in a jurisdiction which has been deemed to have an adequate level of protection under applicable Data Protection Legislation;
- the recipient has contractually agreed to protect the information to the same (or higher) standards required under applicable Data Protection Legislation; or
- we have obtained consent from relevant data subjects to the transfer (to the extent legally required).
Our offices include jurisdictions outside the European Union which have not been deemed adequate for European Union data protection purposes (namely the British Virgin Islands, the Cayman Islands, Hong Kong, Mauritius, and Singapore), however, please note that we operate a global data protection policy based on the requirements of the GDPR, and those offices are expected to meet the same standard as our other offices. In addition, we have a data transfer agreement in place between each member of the Mourant Group to enable information to be shared across our businesses in accordance with applicable Data Protection Legislation.
Security
We use up-to-date data storage and security to hold your data securely in electronic or physical form to protect your data from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. Our IT usage and securities policies are supported by our ISO 27001 certification and our premises are access controlled and our electronic databases require logins and password authentication. All our partners, employees and third-party service providers who have access to data are subject to confidentiality obligations.
Please note, however, that the transmission of information via the internet is not completely secure and although we take appropriate and proportionate steps to manage the risks posed, we cannot guarantee the security of your information transmitted to our online services.
Where we act as Processor
In most circumstances, we consider that each member of the Mourant Group acts as a separate and independent controller in relation to any data that they process. In certain circumstances, however, where we exercise little or no autonomy or discretion in the role that we perform in connection with the provision of services, we may act as processor under the applicable Data Protection Legislation. Where we do so, we will enter into a separate Data Processing Agreement setting out our obligations as processor of that data, which will form part of our engagement terms in connection with the provision of the relevant services.
Rights of data subjects
Data subjects who have data held by Mourant may have certain rights in respect of their personal data.
Any such data subject wishing to exercise any rights under applicable Data Protection Legislation (including the right to withdraw any consent to processing previously given; the right of access to data; or to have data corrected, updated, rectified or erased; or for access to data to be restricted or provided to any third party; or to object to any particular processing) should send the request in the first instance to dataprotection@mourant.com.
In any case in which a data subject chooses not to provide any personal data or where any of the rights set out above are exercised to limit the processing of personal data Mourant may be unable to provide relevant services, or there may be a restriction on the services which can be provided.
Retention
Mourant only keeps data for as long as necessary to fulfil the purposes (as set out above) for which we collected it. The Mourant Group policy is to retain data in relation to a client matter for 11 years from the conclusion of that matter. This is subject to certain exceptions (including where the matter relates to wills & probate, property, and conveyancing (in Jersey and Guernsey only) and trusts (where, in each case, records may be kept indefinitely) or in instances where the personal data is relevant to a dispute after closure of the matter or where the data cannot be deleted for legal, regulatory, or technical reasons).
Any requests for further information in relation to the continued processing of specific data, and requests for destruction of data, should be made to dataprotection@mourant.com.
Mourant Group Entities
Full details of all Mourant Group entities are included in the Legal and Regulatory Notice and Disclaimer section of our website.
Mourant LP is the ultimate data controller for the Mourant Group. In addition, the below lists the primary operating entities within the Mourant Group which are, where required, also registered as a data controller (and in some cases a data processor) in the listed jurisdictions. Unless otherwise agreed, in respect of any instruction with the Mourant Group, the primary data controller will be the entity issuing the engagement letter:
Jersey:
Mourant Group Limited, Mourant Group Holdings Limited, Mourant LP, Mourant (GP) Limited, Mourant Ozannes (Jersey) LLP, Mourant Governance Services (Jersey) Limited, MourantGS Fund Services (Jersey) Limited, Mourant Consulting Limited, Mourant Services (Jersey) Limited and Mourant Securities Limited, Jersey Branch, each of which is a registered data controller with the Data Protection Authority in Jersey. Any complaint may be brought to the attention of the Authority.
Guernsey:
Mourant LP, Mourant Ozannes (Guernsey) LLP, Mourant Governance Services (Guernsey) Limited, Mourant Consulting Limited, Mourant Securities Limited, and MourantGS Accounting Services Limited, each of which is a registered data controller with the Office of the Data Protection Authority in Guernsey. Any complaint or appeal may be brought to the attention of the Authority.
London:
Each of Mourant LP, Mourant Ozannes, Mourant Services (UK) Limited and Mourant Governance Services (UK) Limited are registered as data controllers with the Information Commissioner's Office in the UK. Any complaint may be brought to the attention of the Information Commissioner.
Mauritius:
Mourant Global Solutions Limited is registered as a data controller and a data processor with the Data Protection Office in Mauritius. Any complaint may be brought to the attention of the Data Protection Commissioner.
BVI/Cayman/Hong Kong/Luxembourg/Singapore:
The above offices are not required to register as a data controller in their respective jurisdictions. As noted above, these offices are, (except for Luxembourg, which operates under their own separate GDPR compliant data protection policies) however, subject to the Mourant Group Data Protection Policy and so apply the same data protection standards as the other offices.
In respect of BVI: Mourant Ozannes BVI partnership and Mourant LP is subject to the Data Protection Act. Any complaint may be brought to the attention of the Office of the Information Commissioner (currently subject to appointment).
In respect of Cayman; Mourant Ozannes (Cayman) LLP, Mourant LP and Mourant Governance Services (Cayman) Limited are subject to the Data Protection Act. Any complaint may be brought to the attention of the Office of the Ombudsman.
In respect of Hong Kong; Mourant Ozannes (Hong Kong) LLP, Mourant LP and Mourant Governance Services (Hong Kong) Limited are subject to The Personal Data (Privacy) Ordinance. Any complaint may be brought to the attention of the Commissioner.
In respect of Luxembourg: Mourant Ozannes (Luxembourg) S.à r.l., Mourant Governance Services (Luxembourg) S.à r.l., and MourantGS Services (Luxembourg) S.à r.l. are subject to, amongst other things, the law of 1 August 2018 on the organisation of the National Commission for Data Protection and implementation of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Any complaint may be brought to the attention of the Commission Nationale pour la Protection des Données.
In respect of Singapore: Mourant Ozannes (Singapore) LLP and Mourant Governance Services (Singapore) Pte. Ltd are subject to the PDPA. Any complaint may be brought to the attention of the Personal Data Protection Commission.
Contact Details
All enquiries in respect of this Privacy Notice or any request to exercise any of the rights set out above should be directed to the relevant Data Protection Officer as follows:
Entity/ies
DPO email address
DPO postal address
All entities listed in this Privacy Notice other than those entities listed below
Data Protection Officer
Mourant Ozannes
22 Grenville Street
St. Helier
Jersey, JE4 8PX
Channel Islands
Data Protection Officer
Mourant Global Solutions
Limited
Office 14-17, 2nd Floor, Block 2, The Strand, Lakeside District, Beau Plan 21001, Mauritius
Mourant Ozannes (Luxembourg) S.à r.l.
Mourant Ozannes (Luxembourg) S.à r.l.
4 avenue Jean-Pierre Pescatore
L-2324 Luxembourg
Grand Duchy of Luxembourg
Mourant Governance Services (Luxembourg) S.à r.l.
Mourant Governance Services (Luxembourg) S.à r.l.
18, rue Michel Rodange
L-2430, Luxembourg
Grand Duchy of Luxembourg
MourantGS Services (Luxembourg) S.à r.l.
MourantGS Services (Luxembourg) S.à r.l.
20, rue Michel Rodange
L-2430, Luxembourg
Grand Duchy of Luxembourg
*Mourant Ozannes (Luxembourg) S.à r.l., Mourant Governance Services (Luxembourg) S.à r.l., and MourantGS Services (Luxembourg) S.à r.l. have not appointed a data protection officer, all enquiries to these email addresses will be directed to the board of managers (gérants) of the relevant company.
Changes to this Privacy Notice
We keep this Privacy Notice under review and any updates will appear on our website at www.mourant.com.
We last updated this Privacy Notice on 9 December 2024.
How to contact us
If you have any questions about this Privacy Notice or any data which we hold about you, please contact: dataprotection@mourant.com.
EU Representative
To the extent that the Mourant Group entity processing your data falls within the territorial scope of GDPR and is not established within the European Union (EU), then that entity has appointed Mourant Ozannes (Luxembourg) S.à r.l. as its EU Representative. Its address is 4 avenue Jean-Pierre Pescatore, L-2324 Luxembourg, Grand Duchy of Luxembourg.
UK Representative
To the extent that the Mourant Group entity processing your data falls within the territorial scope of the United Kingdom's Data Protection Act 2017 and is not established within the United Kingdom (UK), then that entity has appointed Mourant Services (UK) Limited as its UK Representative. Its address is 10th Floor, 110 Cannon Street, London, EC4N 6EU.
Data Protection Authorities
If we are unable to address your questions or concerns to your satisfaction, you may be able to make a complaint to a data protection regulatory body, who is an independent regulator. This is subject to there being such a body within the relevant jurisdiction. Please see below for jurisdictional contact details.
Cayman Islands Contact Details
Office of the Ombudsman
5th Floor, Anderson Square
64 Shedden Road
PO Box 2252
George Town
Grand Cayman KYI-1107
Cayman Islands
Jersey Contact details
Jersey Office of the Information Commissioner
2nd Floor
5 Castle Street
St. Helier
Jersey
JE2 3BT
+44 (0) 1534 716530
Guernsey Contact details
The Office of the Data Protection Authority
Block A
Lefebvre Court
Lefebvre Street
St Peter Port
GY1 2JP
+44 (0) 1481 742074
UK Contact details
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
0303 123 1113
Hong Kong contact details
Room 1303, 13/F, Sunlight Tower,
248 Queen's Road East,
Wanchai,
Hong Kong
2827 2827
British Virgin Islands contact details
Currently subject to appointment.
Mauritius contact details
Data Protection Office
Level 5, SICOM Tower
Wall Street
Ebene Cyber City
Ebene
Republic of Mauritius
460 02 51
dpo@govmu.org
Luxembourg contact details
Commission Nationale pour la Protection des Données
15, Boulevard du Jazz
L04370 Belvaux
Luxembourg
Grand Duchy of Luxembourg
+(352) 26 10 60-1
Singapore contact details
Personal Data Protection Commission
10 Pasir Panjang Road
#03-01 Mapletree Business City
Singapore 117438
+65 6377 3131
Mourant Services (Jersey) Limited - Client Feedback Privacy Notice
About this feedback programme
This feedback programme is commissioned by Mourant Services (Jersey) Limited, 22 Grenville Street, St. Helier, Jersey, JE4 8PX, Channel Islands (“Mourant”), who is the Data Controller of this work. It is facilitated and operated by Acuigen Ltd, an independent client feedback company, based in the UK who (as the Data Processor) is working on behalf of Mourant. www.customserve.com is a domain operated and managed by Acuigen to facilitate the project.
Mourant is part of the Mourant Group, which is an international law firm and governance services provider operating in nine jurisdictions globally.
It is the Data Controller that determines the purposes and means of processing your personal data collected by Acuigen, and Acuigen will only process your personal data on the documented instructions of Mourant.
This document gives a summary of how Mourant manages privacy in respect to this project. If you have any further questions regarding the processing of your personal data, please see Mourant’s full Privacy Notice available at https://www.mourant.com/footer/privacy-notice.aspx. Any questions in relation to this Privacy Notice Summary or requests in respect of personal data should be directed to dataprotection@mourant.com.
Your participation in this programme is entirely voluntary and you can always withdraw from it.
What data do you collect from me?
Mourant collects answers to questions that are asked in the client feedback survey, which includes information about your professional relationship with the firm or work undertaken on your behalf.
What is the purposes of processing this information?
Mourant will use the feedback and data you provide to evaluate client relationships and service delivery to you and other clients in order to improve its services to you, which is within Mourant's legitimate interests.
Mourant use data (including personal data of individuals) for the following purposes:
- Collecting and processing your personal data (using the CustomServe website, managed by Acuigen) to conduct and process the feedback information.
- To better understand you and your organisation’s needs and provide you with better service;
- To share information with you that is interesting or relevant to you, or respond to comments that you may make in the survey.
Who is the information shared with?
The provision of data to one entity in the Mourant Group may result in that data being accessible by all other members of the Mourant Group. Reasonable endeavours are made to ensure that data is only accessible by those with a need for access to fulfil the purposes set out above.
Requests for access to be restricted in any particular manner should be made to dataprotection@mourant.com and will be considered and, where possible with reference to legal and regulatory obligations, actioned by Mourant.
Neither Mourant nor Acuigen will otherwise share your information with third parties without your prior consent.
Rights of data subjects
Data subjects have certain rights in respect of their personal data.
Any such data subject wishing to exercise any rights under applicable data protection laws (including the right to withdraw any consent to processing previously given; the right of access to data; or to have data corrected, updated, rectified or erased; or for access to data to be restricted or provided to any third party; or to object to any particular processing) should send the request in the first instance to dataprotection@mourant.com.
In any case in which a data subject chooses not to provide any personal data or where any of the rights set out above are exercised to limit the processing of personal data the Mourant Group may be unable to provide relevant services, or there may be a restriction on the services which can be provided.
If you have concerns about how Acuigen processes your personal data, you can lodge a complaint with the Information Commissioner Office at https://ico.org.uk. If you have concerns about how Mourant processes your personal data, you can lodge a complaint with the Jersey Office of the Information Commissioner at https://jerseyoic.org/.
Retention
Mourant (and Acuigen on Mourant’s behalf) will retain personal data you have provided as part of your feedback for the duration of the Mourant client feedback programme with the purpose of analysing the results of survey and trends over several years whilst the feedback has commercial value to Mourant, or as required by the applicable law, and as long as you agree to participate in the programme.
We will use secure methods to delete your personal data.
Mourant Governance Services (Jersey) Limited – Client Administered Entities Privacy Notice
General
This privacy notice sets out what personal data we collect and how we collect and use it. It also sets out the rights you have in relation to your personal data.
Who is providing this notice?
This privacy notice is made on behalf of each entity administered by Mourant Governance Services (Jersey) Limited unless such entity has adopted its own privacy notice. The terms "we", "us" and "our" in this privacy notice should be construed accordingly.
What kind of personal data do we collect?
Personal data means any data relating an identified or identifiable, natural person (a data subject). We collect and process the following types of personal data:
- Name, address, email address, telephone number and other contact information;
- Date and place of birth;
- Gender;
- Employment details;
- Copies of identity documents (such as passport, national ID card, driver's license, employee identification numbers);
- Utility bills and/or bank statements;
- Source of wealth;
- Tax residency;
- Details of shareholdings and other assets which are legally or beneficially owned by the data subject;
- Details of directorships and information required to be held under applicable companies legislation; and
- Details of people or organisations which may be connected to the data subject (by family or otherwise).
Please note that the list is not exhaustive and that we may also collect and process personal data to the extent that it is useful or necessary for the provision of our services.
Purposes of processing
We use data (including personal data of data subjects) in order to meet all legal, regulatory and ethical obligations applicable to us and in order to perform the services that we have agreed with you to provide.
Lawful basis for processing
We may also process data (including personal data of data subjects) for the purposes of our legitimate interests. Such interests include the business of running the company and in order to comply with all legal or regulatory obligations to which we are subject.
To whom do we provide personal data?
We may disclose or transfer personal data collected by us to the Mourant Group for the duration of their appointment by us as a service provider. The Mourant Group is an international law firm and governance services provider operating in nine jurisdictions globally. The Mourant Group Privacy Notice can be accessed here and contains details of the members of the Mourant Group.
We may also disclose or transfer personal data to subcontractors, intermediaries or external advisors for the purpose of the proper performance of our services.
International transfers
In the event that we transfer personal data from one jurisdiction to another, we will ensure, prior to carrying out the transfer, that the third party recipient meets the relevant data protection requirements applicable to the data being transferred.
Retention
We will process and store the relevant personal data for as long as it is necessary or required in order to fulfil our legal, contractual or statutory obligations and/or for the establishment, exercise or defence of legal claims.
Your rights
You have the following rights:
Access to your information:
You have the right to access the personal data that we hold about you at any time.
Correction of personal information:
You have the right to ask us to update and correct any out-of-date or incorrect personal data that we would hold about you.
Right to be forgotten:
You have the right to ask us to delete your personal information, to the extent that we have no legal and/or regulatory obligations to keep such personal data.
Restriction of processing of your personal information:
You have the right to ask us to restrict the processing of your personal data.
Data portability:
You may ask us to provide you with a copy of the personal data that we hold about you.
Right to object:
You have the right to object at any time to the processing of your personal data.
Changes to this privacy notice
We keep this privacy notice under review and any updates will appear on the Mourant Group website (www.mourant.com) from time to time.
We last updated this privacy notice on 31 January 2021.
How to contact us
Please note that we do not have a designated point of contact for data protection queries. If you have any questions about this privacy notice or any data which we hold about you, please e-mail MourantGS-DP@mourant.com and your query will be forwarded to an officer of the company.
If we are unable to address your questions or concerns to your satisfaction, you may be able to make a complaint to a data protection regulatory body, who is an independent regulator. Please see below for jurisdictional contact details:
Jersey contact details:
Jersey Office of the Information Commissioner
2nd Floor
5 Castle Street
St. Helier
Jersey
JE2 3BT
+44 (0) 1534 716530
enquiries@jerseyoic.org
MourantGS Fund Services (Jersey) Limited – Client Administered Entities Privacy Notice
General
This privacy notice sets out what personal data we collect and how we collect and use it. It also sets out the rights you have in relation to your personal data.
Who is providing this notice?
This privacy notice is made on behalf of any entity administered by MourantGS Fund Services (Jersey) Limited except where that entity has adopted its own privacy notice. The terms "we", "us" and "our" in this privacy notice should be construed accordingly.
What kind of personal data do we collect?
Personal data means any data relating an identified or identifiable, natural person (a data subject). We collect and process the following types of personal data:
- Name, address, email address, telephone number and other contact information;
- Date and place of birth;
- Gender;
- Employment details;
- Copies of identity documents (such as passport, national ID card, driver's license, national insurance or social security number, employee identification numbers);
- Utility bills and/or bank statements;
- Source of wealth;
- Source of funds;
- Investment history and risk tolerance;
- Tax residency;
- Details of shareholdings and other assets which are legally or beneficially owned by the data subject;
- Details of directorships and information required to be held under applicable companies legislation; and
- Details of people or organisations which may be connected to the data subject (by family or otherwise).
Please note that the list is not exhaustive and that we may also collect and process personal data to the extent that it is useful or necessary for the provision of our services.
In order to provide our services we collect information about you from a number of sources, including from you directly. Information that you give us is received from the subscription document, tax forms and other associated documentation that you complete when subscribing for an investment in a fund and when you provide it in correspondence and discussions with us. Other sources from which we receive data include tax authorities, government and competent regulatory authorities to whom we have regulatory obligations, publicly available directories and sources, background check providers and credit, fraud and detection agencies and bankruptcy registers.
Purposes of processing
We use data (including personal data of data subjects) in order to meet all legal, regulatory and ethical obligations applicable to us and in order to perform the services that we have agreed with you to provide. For example, this enables us to:
- Verify the identity and addresses of investors and prospective investors and, if applicable, their beneficial owners and individual representatives.
- Undertake our due diligence and on-boarding checks.
- Carry out verification, know your customer, terrorist financing and anti-money-laundering checks and to ensure compliance with sanctions.
- Comply with requests from regulatory, governmental, tax and law enforcement authorities.
- Undertake investigation, surveillance and audit checks and to prevent and detect fraud.
- Maintain statutory registers.
- Establish, administer and manage your investment.
- Meet our contractual obligations.
- Facilitate your relationship with us.
- Administer and manage your investment including corresponding with you in connection with your investment.
- Review, analyse and process any requests or applications made by you or on your behalf.
- Address or investigate any complaints, claims, proceedings or disputes and to seek professional advice, including legal advice.
- Provide you with and inform you about our products and services.
- Prepare and provide analytical insights and various data metrics extrapolated from information we hold.
- Meeting our obligations and requirements including regulatory, accounting, tax reporting and audit.
- Ensure appropriate management and governance, management of risk and operations (including protecting our business against fraud and other risks) and to maintain our internal records and act in accordance with our policies and procedures.
Lawful basis for processing
We may also process data (including personal data of data subjects) for the purposes of our, or any third party's, legitimate interests. Such interests include running our business and compliance with all legal or regulatory obligations to which we are subject.
To whom do we provide personal data?
We may disclose or transfer personal data collected by us to the Mourant Group for the duration of their appointment by us as a service provider. The Mourant Group is an international law firm and governance services provider operating in nine jurisdictions globally. The Mourant Group Privacy Notice can be accessed here and contains details of the members of the Mourant Group.
We may disclose or transfer personal data to investment managers and advisers, other legal entities affiliated with us, service providers (or their successors), subcontractors, intermediaries or external advisors for the purpose of the proper performance of our services.
There may also be circumstances where we are obliged by law to disclose personal data, including to law enforcement agencies, tax authorities or regulatory authorities.
International transfers
In the event that we transfer personal data from one jurisdiction to another, we will ensure, prior to carrying out the transfer, that there are appropriate safeguards in place in respect of the data being transferred.
Retention
We will process and store the relevant personal data for as long as it is necessary or required in order to fulfil our legal, contractual or statutory obligations and/or for the establishment, exercise or defence of legal claims.
Your rights
You have the following rights:
Access to your information:
You have the right to access the personal data that we hold about you at any time.
Correction of personal information:
You have the right to ask us to update and correct any out-of-date or incorrect personal data that we would hold about you.
Right to be forgotten:
You have the right to ask us to delete your personal information, to the extent that we have no legal and/or regulatory obligations to keep such personal data.
Restriction of processing of your personal information:
You have the right to ask us to restrict the processing of your personal data. If you ask us to restrict the processing of your personal data, we will only process information for the amended purpose or purposes that you have agreed to, to the extent that we have no legal and/or regulatory obligations to continue to process your personal data for any other purpose.
Data portability:
You may ask us to provide you with a copy of the personal data that we hold about you.
Right to object:
You have the right to object at any time to the processing of your personal data. If you object to the processing of your personal data, we will no longer process information for the purpose or purposes that you had originally agreed to, to the extent that we have no legal and/or regulatory obligations to continue to process your personal data for any purpose.
If you wish to exercise any of these rights, please email our administrator at MourantGS-DP@mourant.com. If you wish to exercise any of these rights and we have transferred your data to a third party, we will communicate that request to the relevant third party unless it would be impossible or involve disproportionate effort for us to do so.
Changes to this privacy notice
We keep this privacy notice under review and any updates will appear on the Mourant Group website (www.mourant.com) from time to time.
We last updated this privacy notice on 22 May 2024.
How to contact us
Please note that we do not have a designated point of contact for data protection queries. If you have any questions about this privacy notice or any data which we hold about you, please e-mail MourantGS-DP@mourant.com and your query will be forwarded to an officer of the company.
If we are unable to address your questions or concerns to your satisfaction, you may be able to raise this with your local data protection regulatory body or with the data protection authority in Jersey:
Jersey Office of the Information Commissioner
2nd Floor
5 Castle Street
St. Helier
Jersey
JE2 3BT
+44 (0) 1534 716530
enquiries@jerseyoic.org