Legal, Regulatory & Data Notices

The Fiduchi group is subject to regulatory oversight in respect of certain services and activity it undertakes. Additionally, the Fiduchi group is subject to regulatory oversight in respect of data protection and anti-money laundering and countering the financing of terrorism.

1. Regulation of Activity

Jersey

‍Fiduchi Limited is regulated by the Jersey Financial Services Commission in the provision of trust and company business. For a complete listing of the regulatory licenses held by the Fiduchi Limited affiliation, please refer to the Jersey Financial Services Commission’s website https://www.jerseyfsc.org/industry/regulated-entities/entity/2744.
‍Fiduchi Fund Services Limited is regulated by the Jersey Financial Services Commission in the provision of fund services business. Please refer to the Jersey Financial Services Commission’s website https://www.jerseyfsc.org/industry/regulated-entities/entity/87695 for confirmation of the regulatory licences held in respect of fund services business.
‍Fiduchi Yacht Services Limited is a non-regulated company however, where services are provided that are subject to the Financial Services (Jersey) Law 1998, these are provided by members of the regulated Fiduchi Limited affiliation.

UK

‍Fiduchi Corporate Services Limited and Fiduchi Trustees (UK) Limited do not undertake regulated activity in the United Kingdom.

‍Dubai

‍Fiduchi Limited (DMCC Branch) is a branch of Fiduchi Limited. Its activity is regulated by the Jersey Financial Services Commission because services will be undertaken by the Fiduchi Limited affiliation.

2. Anti-Money Laundering and Countering the Financing of Terrorism (“AML/CFT”)

‍Jersey

The Fiduchi group situated in Jersey, is subject to regulatory oversight in respect of AML/CFT by the Jersey Financial Services Commission.

UK

‍Fiduchi Corporate Services Limited and Fiduchi Trustees (UK) Limited are registered with HMRC for the supervision of anti-money laundering supervision.

Dubai

‍Fiduchi Limited (DMCC Branch) is a branch of Fiduchi Limited. Because Fiduchi Limited is part of the Fiduchi group that is situate in Jersey, it is subject to regulatory oversight in respect of AML/CFT by the Jersey Financial Services Commission.

3. Data Protection

‍Fiduchi Limited, Fiduchi Yacht Services Limited and Fiduchi Fund Services Limited are regulated by the Office of the Information Commissioner in Jersey, and subject to the requirements of the Data Protection (Jersey) Law, 2018.
‍Fiduchi Corporate Services Limited and Fiduchi Trustees (UK) Limited are regulated by the Information Commissioner’s Office in the United Kingdom, and subject to the requirements of the Data Protection Act 2018.

Fiduchi also adheres to the EU General Data Protection Regulations (“GDPR”).

About us

“Fiduchi” refers to Fiduchi Group Limited, its subsidiaries, affiliates, all other body corporates and legal personalities including Foundations beneficially owned by it. Fiduchi provides corporate, trust, fund and yacht administration services to an international client base. Where such activity is regulated, please refer to the regulatory tab above.

Registration

The group is registered as follows:

Group Entity

Fiduchi Group Limited

Fiduchi Trustees Limited

Fiduchi Limited

72489

65830

128431

65829

12039603

12039499

104877

53919

366 (registered number)

114592

114593

49137

055-6760893

Jersey

12049295

72490

Jersey

124013

Country of Incorporation

Incorporation Number

Fiduchi Fund Services Limited

Fiduchi Directors 1 Limited

Fiduchi Directors 2 Limited

Fiduchi Yacht Services Limited

JY Trustees Limited

Fiduchi Limited (DMCC Branch)

Fiduchi Corporate Services Limited

Fiduchi Trustees (UK) Limited

Fiduchi Group (UK) Limited

Baker Tilly Channel Islands Pension Trustees Limited

The Fiduchi Foundation

Fiduchi Secretaries Limited

Fiduchi Nominees Limited

Jersey

UAE

Jersey

Registered Offices

Fiduchi's registered offices are:

Jersey - PO Box 437, 1st Floor Kensington Chambers, 46/50 Kensington Place, St Helier, Jersey JE4 0ZE

UK - Tallis House, 2 Tallis Street, Blackfriars, London, EC4Y 0AB United Kingdom

Dubai - Unit No:1521 DMCC Business Centre, Level No. 1, Jewellery & Gemplex 3, Dubai, United Arab Emirates

Registered Business Names

Fiduchi, Fiduchi Asset Management, Fiduchi Capital Markets, Fiduchi Corporate, Fiduchi Family Office, Fiduchi Fund Services, Fiduchi Private Client, Fiduchi Private Wealth, Fiduchi Real Estate, Fiduchi Trust, Fiduchi Wealth Management and Fiduchi Yacht Services are registered business names of the Fiduchi Group Limited.

Copyright

Materials published on this website are, unless otherwise stated, the copyright of Fiduchi. Copies of materials which are of interest to you may be made for your own personal use and such copies can be provided to others for information purposes only provided it is free of charge and the copies do not comprise substantial parts of the website.

The content of any material which is published must remain intact when copies are made, and the communication of the content must not be misleading or inaccurate and a copy of this notice must accompany any copies of the materials which are provided to others. Such copies remain subject to Fiduchi’s copyright notices.

Any other use of the materials published on this website is not permitted without the express prior written consent of Fiduchi.

Trademark

“Fiduchi” is a registered trademark of Fiduchi Group Limited.

Disclaimer

The content on our website is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our website.

Fiduchi does not provide legal or tax advice and you must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our website.

Not all services are available from each jurisdiction in which we operate. Please contact the lead regional contact for more information.

Although we make reasonable efforts to update the information on our website, we make no representations, warranties or guarantees, whether express or implied, that the content on our website is accurate, complete or up to date.

You may link to our website, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it. You must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part where none exists. We reserve the right to withdraw linking permission without notice. If you wish to link to or make any use of content on our website other than that set out above, please contact marketing@fiduchi.com.

This privacy notice contains the information gathering and use policies adopted by Fiduchi Limited (“Fiduchi”) when collecting personal information. It applies to information collected from:

Visitors to our website;
People who contact us through the website;
People who have consented to be contacted by us by way of newsletter, email or other means (marketing campaigns);
Our clients to whom we have been engaged to provide services;
Applicants (both for specific vacancies and speculative);
Current and former employees

Additionally, it sets out the purposes of the processing of personal data by Fiduchi in respect of this web site, the use of cookies and how to affect your rights in respect of your personal data.

These policies are subject to periodic review and any changes will be included within this section of the site. Our Privacy Notice was last up-dated on 8th July 2019.

Collection of information

As a visitor, you do not have to submit any personal information in order to use the website, unless you willingly complete our contact form. By visiting this website certain personal data may be collected about you, and we set out below the details of what personal data may be collected and how that personal data may be processed.

Purpose of processing

Fiduchi will use this personal data in accordance with the purpose set forth in this Privacy Notice and is committed to safeguarding the personal data collected. Fiduchi collects and processes information about visitors to its web site, when you have filled out enquiry forms or signed up for e-mail alerts and by using cookies. In particular personal data is collected for the following purposes:

Tracking visitors to our website;
To improve your use of our website and ensure the optimum user experience;
To determine the geographical location of users;
Identifying the services and products that are most of interest to you.

Fiduchi will comply with the requirements of relevant data protection legislation that is in force in respect of the handling of personal data, as amended from time to time in those jurisdictions where it is situate. The relevant legislation as it applies to Fiduch is set out here.

Using our website

As set out under Purpose of Processing above, our aim is to ensure that users of our website have the optimum user experience. To achieve this, we use a third party service as set out below.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc. (‘Google’). Google Analytics uses cookies (text files placed on your computer) to help the website operators analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Cookies

What are cookies?

Fiduchi uses cookies on its website. A cookie is a small text file that is sent to your internet browser. Your internet browser will save the cookie. A cookie is usually a unique number with which data can be associated.

Why does Fiduchi use cookies?

Fiduchi uses cookies to ensure you have the best possible user experience on our website and can navigate the web site quickly and efficiently. Fiduchi also deploy cookies to determine where Fiduchi can improve the web site to make it even quicker and easier for you to find what you are looking for.

What does Fiduchi do with the cookies?

Fiduchi uses the cookies for various reasons, including to:

study how users or group of users use the web site, so that Fiduchi can improve the web site;
be able to inform you better of Fiduchi services;
undertake analysis for research and statistics;
improve the website, making it easier for you to find what you are looking for;
remember your setting and preferences, making your subsequent visits to the web site easier.

How can I accept cookies?

You can accept cookies by clicking the Accept button on the bottom of the landing page.

What am I accepting if I accept cookies?

If you accept, you are accepting all cookies used on this website.

Can I reject cookies?

If you do not wish to accept cookies, you have to change the settings of your internet browser to block all cookies. After rejecting, you may continue your visit, no cookies will be used but the functionality of the website may be impacted and as such your user experience.The next time you will visit our website, you will be informed again that our website uses cookies.

Staying safe online - Phishing

Phishing is a process used by fraudsters in an attempt to acquire your confidential information by sending out emails advertising fake job vacancies or other kinds of messages that direct you to bogus websites or phone lines. These emails or messages often claim to be from a particular company, and they can often look legitimate. However these messages are actually sent by fraudsters, often at random. Any information you disclose on these bogus websites or phone lines is captured by the fraudsters.

‍Remember:
Any communication from Fiduchi, whether sent by email, text message or website, will never ask you to enter your personal details. We will never ask you to enter any of your security details in a pop-up screen. Where you receive a communication which is made to look like it has originated from Fiduchi and which asks you to enter your details into such a screen then this will almost certainly be a scam. Protect yourself by treating any unsolicited emails or calls that ask for confidential information with suspicion. If in doubt about the validity of a particular message, we encourage you to forward the message onto dpo@Fiduchi.com or for you to speak with your client service team.

Special category data (formerly known as sensitive data)

Fiduchi does not seek to collect special category personal data (such as data revealing political opinions, religious beliefs, health or other matters) through this web site. Please note that, by providing Fiduchi with unsolicited sensitive personal data you (explicitly) consent to our use of said data as described above.

Email communications

If you have registered to receive emails from Fiduchi you have the option to opt out or to change your email preferences. This option can be found in the footer of the email.

Use of information

Information is used only for the specific purpose for which it was provided except where you explicitly select to receive other information from Fiduchi. You can opt out of receiving information from Fiduchi or request that your personal details are deleted from our systems at any time either by emailing us at dpo@fiduchi.com or by selecting the option in the footer of any email received by you from us.

Accuracy of information

Fiduchi assumes responsibility for keeping an accurate record of personal data once you have submitted the information, but not for confirming the on-going accuracy of your personal information. If you advise Fiduchi that your personal data is no longer accurate, it will be amended (where practical).

Provision of information to third parties

Information is normally only provided to a third party if it is required to deal with your enquiry, but there may be other circumstances where Fiduchi is required to provide information as a result of legal process. Fiduchi does not undertake marketing activities for third parties, nor does it provide information to third parties for their own marketing purposes.

Retention of information

Information is kept only for as long as is necessary to fulfil your request or deal with your job application. In particular:

‍Provision of services – where your data is received as part of an enquiry for service and the enquiry does not progress, this data will be held for a period of 6 months after your enquiry, subject to any legal obligations we may have under relevant anti-money laundering legislation. Where we are engaged to provide services to you data received and held by us will be handled in accordance with our published Terms of Business.
‍Application for a vacancy – should your application be unsuccessful we will retain your data for a period of 6 months. Information received in respect of speculative applications will be held for a period of 6 months.
‍Marketing – where your personal information has been received in respect of marketing communications, we will renew all such consents every two years.

Retention of information

Information is kept only for as long as is necessary to fulfil your request or deal with your job application. In particular:

‍Provision of services – where your data is received as part of an enquiry for service and the enquiry does not progress, this data will be held for a period of 6 months after your enquiry, subject to any legal obligations we may have under relevant anti-money laundering legislation. Where we are engaged to provide services to you data received and held by us will be handled in accordance with our published Terms of Business.
‍Application for a vacancy – should your application be unsuccessful we will retain your data for a period of 6 months. Information received in respect of speculative applications will be held for a period of 6 months.
‍Marketing – where your personal information has been received in respect of marketing communications, we will renew all such consents every two years.

Security of information

The data controller collecting the information described in this statement is the Service Provider. Unless you instruct us otherwise, information you provide will be used by Fiduchi and persons, bodies corporate or partnerships controlled (directly or indirectly) by Fiduchi.

Third-party information

Fiduchi is not responsible for the privacy policies of third-party web sites to which any links are provided. You should check the privacy policies on these sites before providing any personal information.

Amendments

Fiduchi reserves the right to change (sections of) this Privacy Notice at any time and without notice. It is recommended that you review this Privacy Notice periodically for changes. This website (http://www.Fiduchi.com) is administered by Fiduchi Limited.

How to contact Fiduchi?

If you have any questions about this Privacy Notice, our data processing activities or your dealings with this website, you can contact us by:

Email: dpo@Fiduchi.com
‍Postal mail to: Fiduchi Limited, PO Box 437, Kensington Chambers, 46/50 Kensington Place, St Helier, Jersey JE4 0ZE.

1. Introduction and scope

This Personal Data Protection Policy ("Policy") describes the privacy practices of Fiduchi regarding the Processing of Personal Data in respect of our clients (and their associated parties) as part of the provision of services by Fiduchi to clients. Personal Data collected may be received directly from the individual in question or could be received from a third party such as the client's professional advisers. We may sometimes collect additional information from third parties including, credit reference agencies or other background check agencies or databases.

This Policy does not apply to the collection of Personal Data through our website or through cookies. Please refer to our separate Privacy Notice, which includes our Cookies and Google Analytics Policies.

Fiduchi reserves the right to update this Policy at any time without consulting or pre-informing its clients.

2. Definitions

The capitalized terms listed below have the follow meaning in this Policy:
a. “Client” means the counterparty to the Service Agreement with Fiduchi;
b. “Client Affiliate” means any legal entity affiliated to the Client;
c. “Client Data Subjects” means the client, their family members, former and current directors, officers and employees and customers of the Client and Client Affiliates and any other party such as professional advisers and officers and employees of those professional advisers appointed formally or informally to the structure to which Fiduchi has been engaged to provide services;
d. “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data;
e. “Data Protection Laws” means the Data Protection (Jersey) Law 2018 and the UK Data Protection Act 2018 as appropriate, which came into force on 25 May 2018 together with all implementing laws and any other applicable data protection, privacy laws or privacy regulations in the relevant jurisdictions, including the EU General Data Protection Regulations;
f. “Personal Data” means any information through which a Client Data Subject can be identified directly or indirectly;
g. “Processing” means any operation or set of operations which is performed upon Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
h. “Processor” shall mean the party, which processes Personal Data on behalf of the Controller;
i. “Services” means the services Fiduchi provides to the Client under the Service Agreement;
j. “Service Agreement” means any written contract, any letter of engagement, any written statement of work, or any other written binding agreement, including any annexes thereto, between Fiduchi and the Client;
k. “Sub-processor” means any data processor appointed by a Processor to process Personal Data on behalf of the Controller;
l. “Fiduchi” means the Fiduchi Affiliate that is the contracting entity to the Service Agreement;
m. “Fiduchi Affiliate” means with respect to any specified person or entity, any other person or entity directly or indirectly controlling or controlled by or under direct or indirect common control with such specified person or entity. For the purpose of this definition, “control”, when used with respect of any specified person or entity means the power to direct or cause the direction of the management or policies of such person or entity, whether through ownership of voting securities or by contract or otherwise. The terms “controlling” and “control” have meaning correlative to the foregoing. Specifically excluded from this definition is Fiduchi Group Limited the shareholding company which controls the Fiduchi Limited affiliation and Fiduchi Yacht Services Limited.

3. Personal data processed by Fiduchi

Fiduchi may collect, store, and use the following categories of personal data about you:

Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses;
Information to meet legal and regulatory requirements including "know your client" information on clients and related parties to comply with anti-money laundering and anti-terrorist financing obligations including identity information (including date of birth, gender and marital status) and information in relation to source of funds and source of wealth;
Copies of clients legal/ tax or other professional advice, personal tax classification information and tax, social security or other unique identification numbers provided to us in order to enable us to provide services under the Service Agreement;
Bank account and transactional details and records;
Information regarding an individual's personal circumstances, including employment status and history, salary details, business interests, property or other assets, or other information about Client Data Subjects which we require to be able to provide the Services;
Next of kin and emergency contact information;
Information about your legal requirements and sector of interest• Information about your personal and business assets and information relevant to a specific legal issue you seek advice upon.

We may also collect, store and use the following "special categories" of more sensitive personal information:

Information about criminal convictions and offences;
Information about Client Data Subjects family and personal life relevant to the provision of Services;
In certain circumstances, primarily where a Fiduchi affiliate acts as trustee of a trust and has a legitimate interest in knowing such information, we may collect information concerning the health of individuals and personal data relating to children, for example where such children may have a beneficial interest in any company or trust arrangement in connection with the Services.

4. Use of personal data

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

Where we need to perform the Services;
Where we need to comply with a legal obligation;
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

We may also use your personal information in the following situations, which are likely to be rare:

Where we need to protect your interests (or someone else's interests);
Where it is needed in the public interest.We need all the categories of information we collect primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. Sometimes there will be several grounds which justify our use of your personal data.

The situations in which we will process your personal information, together with the purposes for which we are processing or will process your personal information are set out in Schedule 1.

We will only use your personal information for the purposes for which we have collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

In addition, Fiduchi is allowed to use aggregated data – to the extent this can no longer be considered Personal Data - for analysing purposes, for website and for internal operations, including troubleshooting, data analysis, testing, research, for statistical purposes and for improving the quality of its Services.

5. Sub processing and sharing of Personal Data

Fiduchi may appoint certain third parties to provide part of the Services to the Client or assist with providing technical support, such as IT service providers or other suppliers. By signing the Service Agreement, the Client authorises Fiduchi to subcontract the Processing of Personal Data to Sub-processors. Sub-processors are in each case subject to the terms between Fiduchi and the Sub-processor which are no less protective than those set out in this Policy and the Service Agreement. Fiduchi will inform the Client of the details of such Sub-processor(s) upon written request from the Client. Fiduchi will inform the Client in advance of any intended changes concerning the addition or replacement of Sub-processors and thereby give the Client the opportunity to object to such changes.

We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so. This may involve us sharing your information with:

Any person with legal or regulatory power over us (such as the Jersey Financial Services Commission, relevant tax authorities, the Jersey Financial Crimes Unit, HMRC etc., together "relevant competent authority") who may require disclosure on legal grounds or where otherwise required as a matter of law;
Third party service providers who help us work with you and operate our business and perform the Services (for example IT and Document management service providers);
Entities working with you or your business’ product or service including client entities you have an interest in or which are affiliated to you (unless you instruct us not to);
Organisations that introduce you to us (unless you instruct us not to);
Organisations that we introduce you to (unless you instruct us not to);
Organisations you ask us to share your data with; and
Banks, Credit card companies and direct debit operators and transaction counterparties to the extent necessary to provide the Services.

6. Confidentiality and security

Fiduchi shall keep the Personal Data confidential and will instruct its staff and Sub-processors to the same. Fiduchi shall implement appropriate technical and organisational measures to ensure a level of security of the Personal Data appropriate to the risk required pursuant to data protection laws. In assessing the appropriate level of security, Fiduchi shall take account in particular of the risks that are presented by Processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed.

7. Co-operating with requests of the client

Fiduchi shall, upon request and to the extent required under Data Protection Law, co-operate with requests of the Client that relate to the Processing of Personal Data. In particular, Fiduchi shall co-operate with requests that relate to Client Data Subject rights, Data Protection Impact Assessments and audit rights as described below.

Client Data Subject rights:
Data protection law affords data subjects certain rights in respect of their data. With effect from 25 May 2018, under certain circumstances, by law you have the right to:

‍Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
‍Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
‍Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
‍Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
‍Request the transfer of your personal information to another party.
Where you wish to exercise one of these rights, we would request that you make a request in writing. We will ask you to complete our data subject request form to help us respond to your request as quickly and efficiently as possible. We may need to ask you to provide information to verify that you are the data subject or, where the request is made on behalf of another data subject that you are authorised by that data subject. Where a data subject request is received verbally, we will write to you to confirm your request.
In accordance with section 27, Part 6 of the Law, upon receipt of a valid data subject access request, we are required to respond to your request within 4 weeks of receipt. Where upon initial investigation we identify that we may require longer than 4 weeks, we will contact you to advise you accordingly and provide an up-date at regular intervals until such point we have fulfilled your request and within a further period of 8 weeks. Where we identify that no action is required by us under the Law, we will inform you accordingly.
There will be no charge for the request, unless we consider that the request is either manifestly vexatious, unfounded or excessive, in particular because of the repetitive character, of the request. Where we consider that a request meets such characteristics, we will write to inform you. In such circumstances we may either charge you a reasonable administrative fee for providing the information or decline to respond.
If you are not satisfied with the response, we provide to you in respect of your data subject request, you are able to contact the Office of the Information Commission in Jersey who is able to resolve complaints about such matters. The Information Commissioner can be contacted online using the following link: https://oicjersey.org/online-enquiry/#/complain/form
For any such complaints you will be required to download and complete an enquiry form including all relevant details of your complaint, which can then be submitted via email to enquiries@oicjersey.org or the form can also be sent by post to: Office of the Information Commissioner, 2nd Floor, 5 Castle Street, St Helier, JE2 3BT.

‍Data Protection Impact Assessments ("DIPA"):
DPIAs will be undertaken by Fiduchi where it considers appropriate in accordance with the Data Protection Laws which may include the following circumstances:

Development of new products and services;
Technological developments;
Operational procedures; or
Any other process which may potentially impact the processing of personal data.

‍Audit rights:
On reasonable request and notice and at the Client's expense, Fiduchi will co-operate in the conduct of any audit or inspection, reasonably necessary to demonstrate Fiduchi’s compliance with the obligations laid down in this Policy, provided always that this requirement will not oblige Fiduchi to provide or permit access to information concerning:

Information relating to Fiduchi's other Clients;
Any of Fiduchi non-public external reports;
Fiduchi confidential information; or
any other internal reports prepared by Fiduchi's Compliance function.

The Client’s requests provided in this section 7 will be fulfilled in close co-operation with and under supervision of Fiduchi's Director - Operations.

8. Deletion or return of client personal data

At the choice of the Client, Fiduchi will delete or return the Personal Data at the end of the provision of the Services relating to Processing, subject to our stated retention period in our Terms of Business, to the extent reasonably possible and unless (i) Data Protection Laws, (ii) any law, statute, order, regulation, rule, requirement, practice and guidelines of any government, regulatory authority or self-regulating organization that applies to the Services in the country where those Services are being provided (“Applicable Law”), or (iii) competent court, supervisory or regulatory body, require the retention of such Personal Data by Fiduchi.

9. Incident management

Fiduchi shall notify a client or clients impacted by a data incident where required by the Data Protection Laws without undue delay after becoming aware of a personal data breach. All data incidents will be handled by our Director - Operations, who can be contacted at dpo@fiduchi.com.

Further Fiduchi has an obligation to report a data breach under Data Protection Laws to the relevant authorities. The obligation is to notify the Office of the Information Commissioner in Jersey within 72 hours of the data incident occurring, where it is a Jersey data matter. Where it is a UK data matter, the obligation is to notify the Information Commissioner’s Office within the same timeframe of 72 hours.

At all times Fiduchi will seek to keep relevant client or clients informed of the how the incident arose, what the potential impact of the incident is, the remediation actions taken and any mitigants that will be implemented, or other steps being taken to rectify or provide redress.

10. Transfers of client personal data

Where during the provision of services to a client Fiduchi is required to engage with a third party in the processing of client data where that third party is outside of Jersey or the EU, and therefore not subject to data protection law which is equivalent to that in force in Jersey, Fiduchi will:

Ensure that the third party has in place similar policies and processes which are compliant with the requirements of the Law;
Consider undertaking a review or obtain other relevant confirmation that the data is being processed in accordance with the Law;
Ensure that the third party has in place relevant procedures in order to be able to identify data breaches and deal with them including the immediate notification to Fiduchi of such breach arising;
Ensure that the third party has in place appropriate measures to identify and deal with data subject access requests.

11. Indemnification

The Client warrants that all Personal Data processed by Fiduchi on behalf of the Client is accurate and will be kept up to date as set out in Fiduchi’s Terms of Business as amended from time to time. The exclusions and limitations of the liability of Fiduchi set out in the Service Agreement and in Fiduchi’s Terms of Business shall also apply to this Policy.

How Fiduchi uses your data >

How Fiduchi uses client data

Our basis for doing so

Fiduchi's legitimate interests (where appropriate)

To operate and maintain our relationship with Clients.

Your consent;
Contract fulfilment;
Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Developing and growing our business;
Obtaining your consent where needed for contact;
Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Delivering Fiduchi’s services to our clients.

Contract fulfilment;
Fiduchi’s legitimate interes;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Marketing our products and capabilities to clients.

Your consent;
Fiduchi’s legitimate interest.

Developing and growing our business;
Obtaining your consent where needed for contact.

Developing new service lines and products to better service clients.

Contract fulfilment;
Fiduchi’s legitimate interest.

Developing and growing our business;
Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Developing new service lines and products to better service clients.

Fiduchi’s legitimate interest.

Developing and growing our business;
Obtaining your consent where needed for contact;
Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

To advise our clients about our services.

Your consent;
Fiduchi’s legitimate interest.

Developing and growing our business;
Obtaining your consent where needed for contact.

Working with service providers who help Fiduchi operate its business.

Contract fulfilment;
Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Developing and growing our business;
Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Designing and testing new products and services for our clients.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Developing and growing our business;
Identifying the client base for our service lines;
Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Providing trust, company and administration services.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations;
Contract fulfilment.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Making and delivering client payments, disbursements and fees on client accounts.

Contract fulfilment;
Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Risk management and corporate governance.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Responding to complaints.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

Obeying applicable laws and regulations including the prevention of financial crime.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal obligations.

To properly, efficiently and lawfully operate the business of Fiduchi Group with proper regard to legal advice and monitoring, internal communications and corporate governance, audit and oversight.

Fiduchi’s legitimate interest;
Fiduchi’s legal obligations.

Maintaining proper practice and efficiencies in meeting our legal and commercial obligations.

To exercise Fiduchi's contractual rights including the collection of monies owed to Fiduchi.

Fulfilling contracts.

Overview

Fiduchi is committed to maintaining the highest level of privacy standards and safeguarding all data on our networks and systems in accordance with the requirements of relevant data protection legislation and General Data Protection Regulations. Utilising the latest in multi-factor authentication, physical and network security, firewalls and intrusion protection systems, we’re able to implement multiple layers of security controls to protect access to our data and networks.

Working in collaboration with leading industry suppliers, we leverage from their experience and expertise in global threat and intelligence protection to protect our systems.

Data Security

Our electronic communications are protected by industry standard SSL and TLS 1.3 for transport security with an added layer of security which scans all communications on departure and arrival.

Data Encryption

We maintain encryption for all at rest data. Data is backed-up outside of the network and stored in an isolated ring-fenced format free from internet access.

Access Control

Access to data is only permitted to verified authenticated users only. All users are required to use Multi-factor authentication alongside Fiduchi’s policies requiring complex passwords. We use a “least-privilege approach” to control access to data, which means that all data access is granted to only those individuals that require it through their assigned roles.

Monitoring

We monitor our network in real time 24/7.