Privacy Notice

Liberum Wealth Privacy Notice

1.     INTRODUCTION

In the course of carrying on our business and providing our services, Liberum Wealth Limited (“we, “us” and “our”) needs to collect and process certain “personal data” (that is, any information about an identified or identifiable living person) about various third parties (“you” and “your”), including our clients, prospective clients, counterparties, service providers, and other individuals connected to such persons, such as authorised signatories and professional advisors.

We are therefore a “controller” of your personal data for the purposes of the Data Protection (Bailiwick of Guernsey) Law, 2018 and related legislation (the “Data Protection Law”). The Data Protection Law is based on the EU’s General Data Protection Regulation (“GDPR”), and has been formally recognised by the EU as providing an adequate level of data protection. Like the GDPR, the Data Protection Law protects personal data by granting various rights to individuals in relation to the processing of their personal data and imposing certain obligations on controllers and processors of personal data, among other measures.

This notice sets out the types of personal data that we collect, why we collect it, who we may share it with, and other matters relating to our processing of your personal data.

2.     WHAT PERSONAL DATA DO WE COLLECT?

            The personal data that we collect and process in connection with carrying on our business and providing our services may include:

·         Identity and contact data, including your names, address, date and place of birth, passport or other official identification number, tax status, and contact details;

·         Background information, including your occupation, employment or business history, details of family and/or professional relationships (to the extent relevant to your relationship with us), and information relating to any criminal or regulatory record that you may have;

·         Financial data, including details of your account with us, the source of any funds or assets to be held in your account with us, the source of your wealth, and your bank details; 

·         Physical access data, relating to any visits that you may make to our premises; and

·         Technical data, such as your IP address, relating to your use of our client portal.

3.     SPECIAL CATEGORY DATA

Certain types of personal data are recognised as being particularly sensitive, and are accordingly given a higher level of protection under the Data Protection Law. These are referred to in the Data Protection Law  as “special category data”, and include, for example, personal data about a person’s race or ethnicity, health, or criminal record. 

The personal data that we collect about you might include special category data, where necessary to provide our services to you and/or to comply with our regulatory obligations: for example, we may collect information about any criminal record that you may have for the purposes of meeting our obligations under anti-money laundering and countering the financing of terrorism (“AML/CFT”) regulations.

4.     PURPOSES OF AND LEGAL BASES FOR THE PROCESSING OF PERSONAL DATA

The Data Protection Law sets out certain grounds on which personal data may lawfully be processed. We will only process your personal data to the extent that one of these grounds (or “legal bases”) applies.   

The table in Appendix 1 outlines how, why and on which legal bases we typically process personal data.

5.     WHO DO WE COLLECT PERSONAL DATA FROM?

In general, where we need to collect personal data about you, we will usually request that personal data from you directly.

However, we may also collect personal data from third parties connected to your relationship with us: for example, if you are an authorised signatory on an account, the holder of that account might provide us with personal data about you. If you provide us with personal data about any person other than yourself, you are responsible for ensuring that you may lawfully do so. We also ask that you refer such persons to this privacy notice.  

Finally, we may collect personal data through our independent researches, including screening and background checks carried out on third party platforms for the purposes of meeting our obligations under AML/CFT regulations and sanctions laws. 

6.     WHO MIGHT WE SHARE YOUR PERSONAL DATA WITH?

We may need to share your personal data with third parties for the purposes outlined in Appendix I. Such third parties might include:

·         our affiliated companies;

·         screening and due diligence service providers;

·         tax, regulatory, governmental and other competent authorities;

·         third party service providers;

·         persons connected with or authorised in relation to your account with us (such as any authorised signatories or professional advisors); and

·         any purchasers of the whole or part of our business or our counterparties in any merger or group reorganisation.

The disclosure of your personal data to such third parties may involve transferring your personal data to a country that is not regarded as an “Authorised Jurisdiction” under the Data Protection Law. Authorised Jurisdictions comprise Guernsey, the UK, the European Economic Area, and certain other jurisdictions with equivalent data protection regimes. The data protection laws applicable in other countries may not provide the same level of data protection as those applicable in Authorised Jurisdictions. In the event that we do need to transfer your personal data to any country that is not an Authorised Jurisdiction, such transfer will be subject to the applicable protections set out in the Data Protection Law.

7.     RETENTION AND SECURITY OF PERSONAL DATA

We will only retain your personal data for as long as is necessary to fulfil the purposes for which we collect and process it, including for the purposes of providing our services, satisfying regulatory record keeping requirements, asserting our legal rights and defending any potential legal claims.

We take appropriate measures to keep all personal data that we hold or control secure.

8.     YOUR RIGHTS

In summary, the Data Protection Law gives you the following rights in relation to the personal data about you that we process:

·         Information: You have the right to certain information about the processing of the personal data: the purpose of this privacy notice is to give you the requisite information.

·         Portability: where we process any of the personal data by automated means, you have the right to require us to give that personal data to you, or transmit it to another person, in a structured, commonly used and machine-readable format.

·         Access: You have the right, on request, to copies of the personal data (subject to a reasonable administrative charge, if you request more than one copy).

·       Objection to processing for certain purposes: You have the right to object to the processing of your personal data for certain purposes, including direct marketing. Any marketing that we send to you will also give you the opportunity to opt out of receiving any further marketing from us.  

·          Rectification: You have the right to require us to rectify any of personal data that is inaccurate or incomplete.

·       Erasure: You have the right to require us to erase the personal data in certain circumstances (for example, if we no longer need the personal data for the purposes for which they were collected).

·         Restriction of processing: You have the right to restrict us from processing the personal data (which will generally entail that we will continue to store the personal data but will not be able to use it for any other purpose without your consent), in certain circumstance (for example, pending the resolution of a dispute about the accuracy or completeness of the personal data).

·         Decisions based on automated processing: you have the right not to be subject to decisions based on the automated processing of the personal data, without your consent. We do not rely on automated decision-making processes.

·         Withdrawal of consent: if we are relying on your consent to process the personal data for a particular purpose, you have the right to withdraw that consent at any time. Note that a withdrawal of consent will not affect the lawfulness of any processing of the personal data on other permitted grounds (for example, where the processing is necessary for the performance of our contract with you, or to comply with our legal or regulatory obligations).

9.     CHANGES TO THIS PRIVACY NOTICE

We may update or amend this privacy notice from time to time, and any such updates or amendments will be posted on www.liberumwealth.com/privacynotice and, where appropriate, notified to you by email or through our client portal. 

We may also contact you in other ways regarding the processing of your personal data. 

10.  QUESTIONS, COMPLAINTS AND EXERCISE OF RIGHTS

If you have any questions, or if you wish to make a complaint or exercise any of your rights, in connection with our processing of your personal data, please contact us by email at compliance@liberumwealth.com, by telephone at +44(0)1481750786, or by post at:

Liberum Wealth Limited

ATT: Compliance

PO Box 650

1st Floor

Royal Chambers

St Julian’s Avenue

St Peter Port

Guernsey

GY1 3JX

Please note that we may need to verify your identity before we are able to respond to any such communication.

We are committed to meeting our obligations as a data controller under the Data Protection Law. However, if you have brought any issue concerning data protection to our attention, and we have not resolved the issue to your satisfaction, you are entitled to refer a complaint to Guernsey’s Data Protection Authority:  https://www.odpa.gg/for-individuals/make-a-complaint/

APPENDIX I – PURPOSES AND LEGAL BASES FOR PROCESSING CANDIDATES’ PERSONAL DATA

Purpose of Use

Categories of Personal Data processed

Legal Basis for Processing

To carry out client due diligence, including by identifying and verifying the identities of our clients and connected parties, and by carrying out ongoing AML/CFT checks and sanctions screening.

Identity and contact data, background information and financial data.

The processing is necessary to comply with our legal obligations.  

 

To monitor transactions and activity in order to protect the security of our clients’ accounts and meet our AML/CFT and related obligations.

Identity and contact data, background information and financial data.

The processing is necessary for the purposes of our legitimate interests and to comply with our legal obligations.

 

To monitor and record communications and use of our client portal in order to protect the security of our clients’ accounts, meet our AML/CFT and related obligations, enforce or defend our legal rights, and maintain and improve service standards.

 

Identity and contact data, financial data and technical data.

The processing is necessary for the purposes of our legitimate interests and to comply with our legal obligations.

To meet our reporting and similar obligations towards relevant regulatory and other competent authorities, including by reporting tax related information to tax authorities, where required.

 

Identity and contact data, background information and financial data.

The processing is necessary to comply with our legal obligations.

To retain records in order to provide our services, meet regulatory record keeping requirements, enforce or defend our legal rights, and otherwise in accordance with our record retention policy.

All categories of personal data

The processing is necessary for the purposes of our legitimate interests, to comply with our legal obligations, and for the performance of our contractual obligations.

To manage our relationship with you, contact and interact with you in relation to any account to which you are connected, process your instructions and otherwise provide our services and perform our contractual obligations in relation to such account.

 

Identity and contact data, financial data and technical data.

The processing is necessary for the purposes of our legitimate interests and for the performance of our contractual obligations. 

To manage access to our premises and for security purposes.

 

Identity and contact data.

The processing is necessary for the purposes of our legitimate interests and to comply with our legal obligations.

To maintain, develop, manage and administer our IT systems and applications (including our client portal).

 

Identity and contact data and technical data.

The processing is necessary for the purposes of our legitimate interests.

To send you newsletters, invitations, information about our products and services and other marketing communications (subject to your right to opt-out of receiving any further marketing communications), to organize and host events, and to inform you of any changes to our services.

 

Identity and contact data.

The processing is necessary for the purposes of our legitimate interests, or otherwise with your consent.