PURPOSE OF THE PRIVACY NOTICE
Accuro respects your privacy and is committed to protecting your personal data. This Privacy Notice provides information on how Accuro collects and processes personal data of clients, intermediaries, suppliers and other third parties. This Privacy Notice also sets out information about how the law protects the rights of individuals where Accuro holds their personal data.
It is important that you read this Privacy Notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements such other notices and is not intended to override them.
ACCURO
The Accuro Group provides fiduciary and administration services in 4 jurisdictions: Switzerland, Jersey, London and Mauritius. This Privacy Notice is issued on behalf of each member of the Group and so references to Accuro, “we”, “us” or “our” in this Privacy Notice, should be read as references to the relevant company in the Accuro Group responsible for processing your data. References to the ‘Accuro Group’ means Accuro Holdings UK Limited, a company incorporated in England and Wales with registered number 10633149, whose registered office is at 70 Pall Mall, Westminster, London SW1Y 5ES and its subsidiaries and any corporate entity managed or controlled by those entities.
The primary operating entities within the Accuro Group are as follows:-
Jersey – Accuro Trust (Jersey) Ltd, a limited liability company incorporated in Jersey with company number 58347 and with its registered office at One The Esplanade, St Helier, Jersey JE2 3QA regulated by the Jersey Financial Services Commission to conduct trust company business.
Geneva – Accuro Trust (Switzerland) SA, a company limited by shares incorporated in Switzerland with company number CHE-100.853.925 and with its registered office at Esplanade de Pont-Rouge 1, 1212 Grand-Lancy, Geneva, Switzerland, is authorised by the Swiss Financial Market Supervisory Authority, FINMA.
Mauritius – Accuro Trust (Mauritius) Ltd, a limited liability company incorporated in Mauritius with company number C44700 and with its registered office at Level 1, Cyber Tower II, Ebene Cyber City, Mauritius regulated by the Mauritius Financial Services Commission. Accuro Group Services Ltd, a limited liability company incorporated in Mauritius with company number 187807 and with its registered office at Level 1, Cyber Tower II, Ebene Cybercity, 72201, Mauritius regulated for global shared services by the Mauritius Financial Services Commission.
London – Accuro Fiduciary Limited, a limited company incorporated in England with company number 08743573 and with its registered office at 70 Pall Mall, Westminster, London SW1Y 5ES.
Each of the above companies (whether or not bound by the European Union Data Protection Regulation (the GDPR) or by legislation deemed adequate for EU data protection purposes), is subject to and required to meet the Accuro Group data protection policy that is consistent with the standards set out in the GDPR.
If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact [email protected] in the first instance.
THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Accuro collects and processes the following types of data of clients, potential clients, suppliers, employees, potential employees, shareholders, website users, beneficiaries and third parties in order to provide fiduciary and administrative services:-
Clients and Potential Clients
- Identity data (including first name, maiden name, last name, marital status, title, date of birth and gender);
- Contact data (including postal, physical and email address, telephone numbers, copy identity documents);
- Financial Information (including bank account and payment details, financial standing and investment objectives);
- Data to meet legal and regulatory requirements (including details of source of wealth and source of funds, family wealth and assets held, background and professional relationship, family members and tax status);
- Further data provided in the course of the provision of fiduciary and administration services and private office services (including transaction data relating to assets and services acquired or disposed of by client-related entities, and disputes and court proceedings); and
- Any other information provided.
Legal and beneficial owners, settlors, beneficiaries, potential beneficiaries and Protectors
- Identity data;
- Contact data;
- Financial information;
- Data to meet legal and regulatory requirements;
- Further data provided in the course of the provision of fiduciary and administration services and private office services; and
- Any other information provided.
Intermediaries (legal and tax advisers, accountants, bankers, investment managers etc) and other persons representing entities or organizations with whom Accuro deals (including employees, officers and agents)
- Identity data;
- Contact data (personal and professional);
- Data to meet legal and regulatory requirements;
- Financial Information; and
- Any other information provided.
Potential employees
- Identity data;
- Contact data;
- Professional and educational data;
- Financial data (including details of current remuneration and other benefits);
- Other personal data (including health information, details of any criminal convictions; and rights of residence); and
- Equal opportunities information.
Website users
- Technical data (including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Accuro website);
- Usage data (including information about how you use our website – see cookie policy for further information); and
- Other personal data (including location and employer by reference to your IP address).
Agents, service providers and/or sub-contractors of the Accuro Group
- Contact details;
- Identity details;
- Financial details; and
- Other personal data.
General
- Marketing and communications data (including preferences in receiving marketing from us and your communication preferences); and
- Information relating to meetings attended, referrals made, events attended and related clients.
HOW PERSONAL DATA IS COLLECTED
Accuro uses different methods to collect data including (but not limited to):
- Direct communication with clients and other data subjects (eg through the completion of application forms and self-certification documents, meetings (in person or by video-conference) and correspondence by email, telephone, post or otherwise);
- Direct communication with intermediaries (eg legal and tax advisers) acting on behalf of clients and other data subjects, and with related third parties (eg other service providers engaged by the data subject, such as banks and other financial services companies);
- Open source information (including information available from public registers such as Companies House, search information websites such as Google) and use of risk management applications (such as World-Check) and risk management providers; and
- Automated technologies or interactions (eg collection of personal data through use of cookies and other similar websites when you visit our website).
THE PURPOSE FOR WHICH ACCURO USES YOUR PERSONAL DATA
Accuro only uses your personal data when the law permits. Generally, we use your personal data in the following circumstances:
- To enter into and maintain client relationships;
- To provide fiduciary and administrative services;
- To provide private office services;
- To provide fiduciary and administrative services to a client with whom you are connected;
- To meet all legal and regulatory obligations applicable to the Accuro Group;
- To manage and develop our legitimate business interests (including management of client and intermediary relations, marketing, business development, risk management, debt management and generation of internal management information); and
- Internal know-how and training.
There follows a description of all the specific purposes for which personal data of individuals is used and details of the lawful basis upon which reliance is placed. Please contact [email protected] if you require details as to the specific legal ground upon which Accuro is relying to process your personal data where more than one ground is provided.
To enter into a client relationship
- The legitimate interests of Accuro as a provider of fiduciary, administrative and private office services to process data to respond to enquiries about the services provided by Accuro, to take steps to enter into a client relationship and to enter into a client services agreement;
- The discharge of Accuro’s legal and regulatory obligations to (inter alia) carry out client-KYC, anti-money-laundering (AML), counter-terrorist financing and anti-bribery checks and for the purpose of the automatic exchange of information (AEOI) and FATCA concerning tax matters;
- The legitimate interests of Accuro as a provider of fiduciary, administrative and private office services to comply with relevant internal policies and procedures in accordance with regulatory codes including those relating to risk management; and
- (Where applicable) the consent of the data subject.
The provision of fiduciary, administrative and private office services
- The performance of a contract with the data subject to provide fiduciary and administrative services;
- The performance of a contract with the data subject to provide private office services;
- The legitimate interests of Accuro as a provider of fiduciary, administrative and private office services to process data for the purpose of such services;
- The discharge of Accuro’s legal and regulatory obligations including those relating to the legal and beneficial ownership of property, client KYC, AML checks and for the purpose of AEOI and FATCA reporting;
- The obtaining of legal advice, establishing, exercising or defending legal rights and for the purposes of any legal proceedings generally;
- The legitimate interests of Accuro as a provider of fiduciary, administrative and private office services to comply with internal policies and procedures in accordance with regulatory codes;
- To protect the vital needs of beneficiaries unable to provide consent and in the public interest to follow the wishes of a settlor; and
- (Where applicable) the consent of the data subject.
To meet all legal and regulatory obligations
- The discharge of all legal and regulatory obligations of all relevant members of the Accuro Group.
To manage intermediary and other business relationships
- The legitimate interests of Accuro as provider of fiduciary, administrative and private office services to provide services to the clients and other persons with whom intermediaries and other advisers are connected;
- The legitimate interests of Accuro as provider of fiduciary and administrative services to develop its services and grow the business, and to communicate with persons in relation to relevant issues and events; and
- (Where applicable) the consent of the data-subject.
To provide marketing information including information about Accuro’s services, events that may be of interest and areas of potential interest
- The legitimate interests of Accuro as provider of fiduciary, administrative and private office services to communicate with persons in relation to relevant issues and events;
- (Where applicable) the consent of the data-subject.
To deliver website content and to improve our website, customer relationship and marketing services
- The legitimate interests of Accuro as provider of fiduciary, administrative and private office services to process data for running and development of the Accuro business, the provision of administration and IT services, network security, and to prevent fraud;
- The legitimate interests of Accuro as provider of fiduciary, administrative and private office services to keep our website updated and relevant, to develop our business and to inform our marketing strategy; and
- (Where applicable) the consent of the data-subject.
To advance applications through our HR recruitment process
- The legitimate business interests of Accuro as provider of fiduciary and administrative services to consider individual applications in accordance with the Accuro HR policies and procedures with a view to considering entering into an employment contract.
To provide internal training
- The legitimate interests of Accuro as provider of fiduciary, administrative and private office services to process data for the purposes of internal training.
To enter into agreements with third parties regarding the provision of goods and services
- The legitimate interests of Accuro as a provider of fiduciary, administrative and private office services to process data to respond to enquiries about the supply of goods or services to Accuro, to take steps with a view to entering into a contract; and
- The performance of a contract to which a member of the Accuro Group is a party.
Generally, Accuro does not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email. Where consent is relied upon, you have the right to withdraw consent to receipt of marketing or other relevant information by contacting: [email protected].
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to continue to provide you with services. In this case, we may have to cease the service(s) we provide but we shall notify you if this is the case at the time.
Occasionally, Accuro processes Special Category Personal Data (as defined in the Appendix). The legal basis for the processing of such data includes consent (where provided by the data-subject), compliance with a legal or regulatory obligation (to discharge our duties as a fiduciary or to carry out client-KYC, anti-money-laundering, counter-terrorist financing and anti-bribery checks and for the purpose of the AEOI and FATCA concerning tax matters), the vital needs of beneficiaries unable to provide consent and in the public interest to follow the wishes of a settlor.
SHARING OF PERSONAL DATA
We may share your personal data with:
- Other members of the Accuro Group (including the directors, employees and officers of each member);
- Service providers acting as processors who provide IT and system administration services;
- Professional advisers including lawyers, bankers, investment managers, auditors, property managers and insurers providing legal, banking, investment, accounting, property management, insurance and other services to the Accuro Group or to any legal person under its administration where disclosure is required for the purposes set out above;
- Business partners, suppliers, agents, delegates, service providers and/or sub-contractors of the Accuro Group; and
- Courts, regulators, tax authorities, public registers and other public authorities or supervisory bodies to whom the Accuro Group has reporting obligations.
Where personal data is shared by other members of the Accuro Group, this Privacy Notice will apply to its processing by the relevant Accuro entity. We require all third parties with whom we enter into an engagement to respect the security of your personal data and to treat it in accordance with the law. We use our best endeavours not to allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Whenever we transfer your personal data to third parties out of the EEA, we will ensure a similar degree of protection is afforded to it by satisfying ourselves prior to carrying out such a transfer that:
- the country to which the data is to be transferred has been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use certain service providers, we may contract with the transferee that it will provide the data with the same protection as in the EEA;
- where we use providers based in the US, the recipient is part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US; and/or
- the transfer is necessary for one of the other permitted reasons set out in the GDPR including the performance of a contract between Accuro and the data subject, reasons of public interest, the vital interests of the data subject.
DATA SECURITY
Accuro take the privacy and security of your personal information very seriously. Accuro has put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. All the data collected by us is stored on a secure platform in a secure hosting facility, and we take all reasonable steps to ensure all access is pre-authorised and recorded. In addition, Accuro limits access to your personal data to those Group employees, agents, contractors and other third parties who have a business need to know. Such persons will only process your personal data with our authority and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
DATA RETENTION
Accuro will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any client, legal, regulatory or reporting requirements.
In general terms, the Accuro Group retention policy is to retain data for twelve years from the conclusion of a client-related matter. Accuro retains some data, however, for longer periods to comply with legal and regulatory obligations to retain such information under applicable law and in the event of actual or potential legal proceedings. Some data (eg trust documentation) may be retained indefinitely.
The retention policy is kept under regular review and to determine the appropriate retention period for personal data, Accuro considers the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of such personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Further information in relation to the Data Security, relevant retention periods and continued processing of specific data should be made to [email protected]
YOUR LEGAL RIGHTS
Data subjects in the EU (and jurisdictions with equivalent legislation including the UK) have various rights under relevant data protection laws. In general terms, and subject to prescribed exceptions, this includes a right in relation to personal data to:
- Request access to personal data (by making a subject access request);
- Request the correction, updating or rectification of personal data (eg where it is incorrect);
- Object to the further particular processing of personal data (eg the right to object to marketing);
- Request restriction of processing of personal data (where concerns are investigated);
- Request erasure of personal data;
- Request transfer of your personal data to a third party (data portability); and
- Withdraw consent previously given, where processing is carried out solely on the basis of consent).
If you wish to exercise any available rights in relation to your personal data, or make any enquires as to your rights, a request should be sent to [email protected].
If a request is not satisfactorily resolved, the data subject may refer the request to the data protection authority in the relevant jurisdiction in which the relevant services are provide as follows:-
Jersey: Office of the Data Protection Commissioner, Brunel House, Old Street, St Helier, Jersey JE2 3RG. Website: https://oicjersey.org/
Switzerland: Office of the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, CH – 3003 Berne. Website: https://www.edoeb.admin.ch/edoeb/de/home.html
Mauritius: Data Protection Office. 5th Floor, SICOM Tower, Wall Street, Ebene, Mauritius. Website: http://dataprotection.govmu.org
United Kingdom: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Website: https://ico.org.uk
CHANGES TO THIS NOTICE
Accuro reserves the right to amend the terms of this Privacy Notice from time to time. Updates will be posted on our website at https://www.accuro.com which you should review from time to time.
This Privacy Notice was last updated on 9 December 2024.
Any questions relating to this Privacy Notice should be sent to: [email protected].
APPENDIX
Glossary
Data Controller: the person or organisation that determines when, why and how to process Personal Data
Data processor: the person that processes personal data on behalf of the controller, but does not include an employee of the controller.
Data Subject: a living, identified or identifiable individual about whom we hold Personal Data
EEA: the 28 countries in the EU, and Iceland, Liechtenstein and Norway
General Data Protection Regulation (GDPR): the General Data Protection Regulation ((EU) 2016/679
Personal Data: any information identifying a Data Subject or information relating to a Data Subject that we can identify (directly or indirectly) from that data alone or in combination with other identifiers we possess or can reasonably access. Personal data can be factual (for example, a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.
Processing or Process: any activity that involves the use of Personal Data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring Personal Data to third parties.
Special Category Personal Data: information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data, and administrative or criminal proceedings and sanctions.
Let us help you make
your vision a reality
Everything in life starts with a conversation. We would welcome the opportunity to talk to you about the difference Accuro can make to the success of your vision.