This Privacy Notice sets out how we obtain and use personal data about you before and after your relationship with us, in accordance with the Data Protection (Bailiwick of Guernsey) Law, 2017 (“the Guernsey DP Law”) and in accordance with the European Union General Data Protection Regulation (2016/679) (“GDPR”).
Admina Fund Services Limited (“Admina”) may act as a “data controller” within the meaning of the GDPR and the Guernsey DP Law.
As a data controller we are responsible for deciding how we hold and use your personal data and we are required under the data protection legislation detailed above to notify you of the information contained in this privacy notice.
Admina Fund Services Limited will not be the controller of all personal data it receives and instead may be a data processor (within the meaning of the GDPR and the Guernsey DP Law) of personal data it receives, so where your personal data is being collected by or on behalf of other parties, we recommend that you take note of who the controller of that data will be and read their privacy notice.
This notice applies to clients, investors, shareholders, limited partners, beneficiaries and other trust or foundation parties, service providers, business referrers, intermediaries and other contacts of Admina (whether current, prospective, declined, exited or former) and users of our website. We may update this Notice at any time.
Any questions in relation to this Privacy Notice or requests in respect of personal data should be directed to firstname.lastname@example.org in the first instance.
Who we are
Admina Fund Services Limited is a regulated trust and corporate service provider and an investment services business. Any reference to ourselves as “Admina”, “we”, “us” and “our” will refer to the relevant company/entity in the Admina Group that is responsible for collecting and processing your data. The relevant entity with the primary relationship with you will be confirmed in either an engagement letter, a partnership agreement or other written agreement in relation to any client relationship.
The data we obtain, store and use
Admina processes data in order to provide trust, foundation, corporate and investment services. The type of data we may collect and process includes:
Contact details (including names, postal and email addresses, telephone numbers and website URL)
Information required for Admina to meet legal and regulatory requirements in particular in respect of anti-money laundering legislation, including identification data (date and place of birth, nationality, identity number, copies of your passport or other identification document) and information regarding source of funds and source of wealth
Information required for Admina to meet its reporting obligations for example: tax reporting including tax status, tax number, tax residency and financial information
Information required for us to provide the services including financial information to process payments, background information including employment details and details of dependents
Any other information you may provide to us.
We may also collect and process Special Category Data including:
Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions
Information about your health, including any medical condition, health and sickness records
Data relating to a person’s criminal record or alleged criminal activity
Special Category Data requires a higher level of protection and will only be collected and processed where we have received explicit consent or the collection and processing is necessary for compliance with a legal obligation.
Purposes of processing
We collect and process data, including personal data, for the following purposes. This table also confirms the lawful basis we are relying on in each case:
|Purpose||Lawful Basis for Processing|
|To provide trust, corporate and foundation management and administration services including bookkeeping and accounting services||The processing is necessary for the conclusion or performance of a contract the legitimate interests of Admina's clients and their underlying and connected persons|
|To provide investment management and other investment services||The processing is necessary for the conclusion or performance of a contract.|
The legitimate interests of investors and investment business clients
|To administer any contract we have entered into with you or where you are a party related to an entity for which we are contracted to provide services||To fulfil the contract we have entered into|
|Making arrangements for the termination of our business relationship||The processing is necessary for the conclusion of our contract|
|To manage our client, intermediary and other business relationships||To fulfil the contract we have entered into|
|To obtain legal and/or tax advice or representation||The processing is necessary for the conclusion or performance of a contract, or the legitimate interests of Admina and its clients to ensure that it is able to engage relevant tax or legal advisers and/or representation|
|To ensure the security of Admina’s systems and staff and prevent fraud||The legitimate interest if Admina in protecting its systems and staff from being misused or the victim of criminal activity|
|To meet all legal and regulatory obligations applicable to Admina including in respect of managing conflicts of interest||The processing is necessary for compliance with a legal obligation or regulatory obligation to which Admina is subject for example: relevant anti-money laundering and countering the financing of terrorism legislation|
The data sought will vary and the purposes for collecting and processing will overlap depending on the type of services provided.
Change of purpose
We will only process your personal data for the purposes for which we collected it, unless we reasonably consider that we need to process it for another reason and that reason is compatible with the original purpose. If we need to process your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note: we may process your personal data without your knowledge or consent where this is required or permitted by law.
Failure to provide personal data
If you fail to provide certain personal information and data when requested, we may not be able to fulfil the contract we have entered into for you, or on your behalf, or provide the services requested or we may be prevented from complying with our legal obligations.
Sources of personal data
The sources of data may include clients, data subjects directly, introducers, intermediaries, advisers, third parties connected to the data subject (for example: family member, employer or another service provider who provides services to the data subject) or open-source material.
We collect personal data via the completion of forms provided to you and completed by you, from documents provided including due diligence documents, from correspondence including email, from meetings and telephone conversations.
We will collect personal data throughout the course of our business relationship or while we provide services to clients connected to you.
Recipients of personal data
We share information with other companies within the Admina Group and with third parties including third party service providers where required by law, where it is necessary to administer our business relationship, where it is necessary for us to provide the services to you or where we have another legitimate interest in doing so.
The following are potential recipients of personal data (in each case including respective employees, director and officers):
Other companies within the Admina Group
Sub-contractors, agents, consultants or service providers such as insurance brokers, compliance, IT firms or other professional advisers of Admina or its clients and their clients and associated parties
Bankers, auditors, accountants, investment brokers, managers or advisers, legal and other professional advisers
Company formation agencies and registries
Land or property agents and registries
Guernsey and overseas regulators, or other government or supervisory body and tax authorities when required by law
Law enforcement agencies where considered necessary for Admina to fulfil legal obligations applicable to it.
When Admina engages a third party to process your personal data, we will require them to process your personal data in accordance with our instructions and protect the data against unauthorised or accidental use, access, disclosure, loss or destruction. We do not allow them to use your personal data for their own purposes. They will only be permitted to process your personal data for a specified purpose and in accordance with our instructions. Where they no longer need your personal data to fulfil the contract, they will need to transfer the data back to us and/or destroy or delete any data held by them.
Transferring data outside of Guernsey and the EU
In the event any of the third parties detailed above are outside of Guernsey, and the EU and where we are transferring personal data which would be protected under the Guernsey DP Law or GDPR we will ensure that we meet the relevant requirements prior to carrying out such a transfer. This may include only transferring the data where we are satisfied that:
The non-European Union country has Data Protection laws similar to the Laws in Guernsey and the European Union for example: the UK or Jersey
The recipient has agreed through contract to protect the information to the same Data Protection standards as Guernsey and the European Union or
We have obtained consent from the relevant data subjects to the transfer
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered, disclosed, used or accessed without authorisation. In addition, we restrict access to your personal data to those employees, agents, contractors, consultants and other third parties who have a business need to access the data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally obliged to do so.
Admina only keeps data for as long as is necessary to fulfil the purposes (as set out above) for which we collected it. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential for harm from unauthorised use or disclosure of the data, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Once our business relationship ends, we will retain your personal data for a period of 6 years, and then securely destroy your personal data, in accordance with our record retention and destruction policy unless there is an applicable legislation and/or regulatory requirement to keep the data for longer.
Data subject’s rights
As a data subject you have certain rights in respect of your personal data. You have the following rights:
Right of access — you have the right to request a copy of the personal data that we hold about you and to check that we are lawfully processing that data. You will not have to pay a fee to access your personal data (or exercise any of the other rights) unless your request is clearly unfounded or excessive in which case, we may charge a reasonable fee or refuse to comply with the request.
Right of rectification — you have the right to correct data that we hold about you which is inaccurate or incomplete.
Right of erasure — of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to process it.
Right to restrict processing — this enables you to ask us to suspend the processing of your personal data for example: if you want us to establish its accuracy or the reasons for processing it.
Right of portability — you have the right to have the data we hold about you transferred to another organisation.
Right to object — you have the right to object to certain types of processing including direct marketing. You also have the right to ask us to delete or remove personal data where you have exercised your right to object.
Right to object to automated processing including profiling — you have the right not to be subject to decisions based on automated processing or profiling. Admina does not currently undertake any automated processing or profiling.
If you wish to exercise these rights you should send the request in the first instance to the Data Protection Representative who can be contacted as set out below.
This Privacy Notice sets out our current policy as regards the maintenance and processing of personal data. It does not form, and should in no way be construed as, a contract and no contractual rights or causes of action shall arise in relation to or consequence of the content of this Notice.
Changes to this Privacy Notice
We keep this Privacy Notice under review and any updates will appear on our website at www.admina.gg
Changes to Personal Data
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data (including your email address) changes during your relationship with us or if you wish to cancel any request you have made to us, by sending an email to email@example.com. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Admina has a Data Protection Representative and all enquiries in respect of this Privacy Notice, any complaints about the way in which your personal data is being processed, or any request to exercise any of the rights set out above should be directed to the Data Protection Representative via email firstname.lastname@example.org, telephone +44 (0)1481 713150 or by post at:
First Floor, 10 Lefebvre Street, St Peter Port, Guernsey, GY1 2PE
In the event you wish to make a complaint about how your personal data is being processed or how your complaint has been handled you have the right to lodge a complaint directly with the Guernsey Data Protection Commissioner either via email email@example.com or by post at:
The Office of the Data Protection Authority, St Martin’s House, Le Bordage, St Peter Port, Guernsey GY1 1BR.
How to contact us
If you have any questions about this Privacy Notice or any data which we hold about you, please contact: firstname.lastname@example.org
As at 15 August 2022.