Customer Privacy Policy
Trusted Fund controls and processes personal data in connection with our client relationships in our provision of banking & trust and securities investment business services. Accordingly, we have certain obligations as a data controller under the Data Protection Act (DPA) of the Cayman Islands. While these obligations are specific to personal data as defined in the DPA, Trusted Fund is committed to protecting clients’ confidential information from unauthorized access or use whether or not it constitutes personal data.
Under our obligations as a data controller, this privacy notice explains our personal data processing activity. You should ensure that this notice is provided to any individual whose personal data has been provided to us in the context of your client relationship with us as soon as practicable.
Personal Data That Trusted Fund Collects
Trusted Fund collects and processes certain personal data relating to individuals associated with our institutional clients, which may include clients’ directors, authorized signatories, shareholders, beneficial owners, employees, representatives, agents, and professional advisers (“client data subjects”).
The types of personal data Trusted Fund collects about client data subjects may include:
- identification details (e.g., relationship to the client; name, address; date and place of birth; nationality; passport information; picture ID; signature; utility bill) ·
- other due diligence information such as source of funds/wealth/financial standing; tax identification number; PEP status; information about regulatory, law enforcement, or sanctions status
- contact details (e.g., phone number, email address, mobile number, physical and mailing address)
- transactional details, where there is direct data subject involvement (e.g., wire transfer/bank account details)
Personal data may be collected directly from our clients or the data subjects in various interactions with Trusted Fund, and from searches we may conduct of our own records, publicly available sources, and various specialist databases. We may also collect information automatically through cookies on our website and in certain email communications (see our Cookie Policy on our website).
Some of the information Trusted Fund collects may fall within the category of sensitive personal data — for example, customer due diligence checks on client data subjects may reveal political opinions or information about criminal convictions or offenses. Where Trusted Fund processes sensitive personal data, it will usually do so to comply with its obligations under anti-money laundering legislation. In all cases, such processing will comply with the additional lawful basis requirements under the DPA.
The Purposes for Which Trusted Fund Processes Personal Data
Set out below are the purposes for which Trusted Fund may process personal data in the context of our client relationships and the lawful basis for doing so:
- to deliver our products and services to clients
- to manage and administer our client relationships
- to comply with customer due diligence obligations and reporting obligations under applicable law regarding anti-money laundering and combatting the financing of terrorism and proliferation; financial sanctions; and FATCA/CRS ·
- to comply with legal and regulatory measures to which we are subject in connection with our business/ service provision, including in particular the conduct of the licensed activity of banking and trust business
- to respond to lawful requests for information from the court or law enforcement, regulatory or government authorities · for general commercial purposes, including marketing/business development (see further below), product/service development and enhancement, quality control; in the context of any merger, sale, or acquisition involving Trusted Fund; and other business purposes
- to respond to or evaluate any queries or complaints concerning your relationship with us
- to establish, exercise, or defend legal claims or rights.
By way of marketing/business development, we may communicate with clients/client data subjects from time to time about products, services, and events offered by Trusted Fund and/or send analysis and insight communications that we think may be of interest. Individuals can opt-out at any time to the receipt of such communications.
Trusted Fund will only process personal data if we have a lawful basis for doing so under the DPA. The lawful bases we primarily rely upon are:
- that it is necessary to comply with our legal obligations
- that it is necessary for our legitimate interests
- that it is necessary to the exercise of a function in the public interest conferred under law (in the case of the processing of sensitive personal data of client data subjects).
Our legitimate interests will include operating our business in a commercially optimal and sound manner; marketing of our products/services; implementation of regulatory measures to which we are subject concerning, for example, IT/data security and business continuity/disaster recovery; establishing, exercising or defending legal claims or rights or dealing with complaints or disputes that may arise; conducting merger, sale or acquisition activity. When Trusted Fund processes personal data to meet its legitimate interests, we ensure that those interests are balanced against the interests or fundamental rights and freedoms of data subjects.
With Whom Trusted Fund May Share Personal Data
- our service providers (including specialist database/screening services), counterparties, and professional advisors
- our outsource service providers where involved in processing personal data on our behalf (i.e., acts as data processor), e.g., our IT service provider · Cayman Islands regulatory, law enforcement, judicial or other competent authorities, under lawful request or legal obligation
- Trusted Fund affiliates or members of our corporate group, including internal service companies and companies with which our clients have a direct customer relationship
- any concerned party as a result of a merger or the sale or acquisition of Trusted Fund or a Trusted Fund service line
Where we engage a third party to process personal data on our behalf, we will ensure a written agreement is in place with contractual terms that provide for appropriate data protection and confidentiality. Similarly, if we transfer personal data outside of the Cayman Islands, e.g., to a Trusted Fund affiliate or in connection with our IT services outsourcing, we will ensure that DPA provisions are observed concerning any such transfers so that an adequate and appropriate level of data protection is achieved.
Retention of Personal Data
Trusted Fund will retain personal data on client data subjects for the duration of your client relationship with Trusted Fund and such period after the relationship ends as is necessary to comply with applicable record retention requirements under the law (e.g., AML legislation) or to enable Trusted Fund to be in a position to deal with any complaint, claim or dispute that might arise.
Security
Trusted Fund deploys reasonable and appropriate technical and organizational measures to ensure that personal data is properly protected against unauthorized or unlawful processing and accidental loss, destruction, or damage. Our measures include ensuring that any data processor we use to process personal data on our behalf is contractually required to keep that personal data equally confidential and secure.
Data Subject Rights
In addition to the right to be informed, to which this privacy notice responds, data subjects have the following rights, which may be restricted in certain circumstances as provided under the DPA:
- the right to access your personal data
- the right to rectification
- the right to stop or restrict processing
- the right to stop direct marketing
- rights concerning automated decision-making ·
- the right to file a complaint with the Ombudsman if you consider that your personal data has not been processed in compliance with the DPA
- the right to seek compensation for damage suffered as a result of a contravention of the DPA by a data controller
To discuss or exercise the data subject rights you may have, you may contact Trusted Fund as indicated below. As previously noted, a data subject will always have the right to stop Trusted Fund from directing marketing communications to you at any time. Trusted Fund does not engage in solely automated processing of personal data to make significant decisions concerning data subjects (i.e., automated decision-making without human intervention). To the extent Trusted Fund uses cookies, this use is explained in our Cookie Policy on our website.
How to Contact Trusted Fund
If you have any questions about this privacy notice or how to make a subject access request or exercise other data subject rights, please contact us at compliance@fundbank.com.
How to Contact The Ombudsman
FundBank is committed to working with individuals to obtain a fair resolution of any complaint or concern about privacy. If individuals believe that FundBank has not been able to assist with their complaint or concern, they have the right to make a complaint to the Cayman Islands Ombudsman, who is the data protection authority. The Ombudsman may be contacted at:
Visit: 5th Floor, Anderson Square, 64 Shedden Road, George Town, Grand Cayman
Mail: PO Box 2252, Grand Cayman KY1-1107, CAYMAN ISLANDS
Email: info@ombudsman.ky Call: +1 345 946 6283
The Ombudsman provides a complaint form that may be accessed from www.Ombudsman.ky/data-protection
Changes to This Privacy Notice
We reserve the right to modify this privacy notice from time to time at our sole discretion. If we make any material changes, we will post a notice on our website and update the “Last Updated” date at the bottom of this privacy notice. A copy of the latest version may be requested from compliance@dmsbank.com at any time.
Last Updated: April 2021