Click here for information on how Stonehage Fleming is responding to the COVID-19 epidemic

Privacy notice

This Privacy Notice explains how the Stonehage Fleming Companies in South Africa (collectively “us”, “we”, “our”) collect, use and disclose your personal data, and your rights in relation to the personal data being held by us, in accordance with the requirements of the Protection of Personal Information Act No. 4 of 2013 (“POPIA”), and where applicable, the data protection laws of the European Union, United Kingdom and / or other relevant jurisdictions.

We may amend this Privacy Notice from time to time, to reflect any changes in the way that we process your personal data. This Privacy Notice supersedes any previous version of this notice with which you may have been provided or had sight of before the date at the end of the last section of this notice, as well as anything to the contrary contained in any agreement with us.

We are committed to protecting your privacy and to ensuring that your personal information is collected and used properly, lawfully and transparently.

The following Companies form part of the Stonehage Fleming Group in South Africa:

  • Stonehage Fleming Financial Services (Pty) Ltd, an authorised Financial Service Provider that provides advisory and intermediary family office services to private clients;
  • Stonehage Fleming Investment Management (South Africa) (Pty) Ltd, an authorised Financial Services Provider that renders advisory and discretionary investment management services to private clients;
  • Stonehage Fleming Consulting (Pty) Ltd, an entity providing company secretarial services, emigration, tax, estate planning and structuring advice as well as tax compliance and accounting services;
  • Terra Nova Trustees (Pty) Ltd, which provides independent trustee services.

Our Information Officer is Mr Johann Louw. His contact details are:


Telephone: +27 21 446 2132

Post: 54 Glenhove Road, Melrose, Johannesburg, 2196, South Africa


First Floor, North Block, Waterway House, 3 Dock Road, V&A Waterfront, Cape Town, 8001, South Africa

You have the following rights:

  • To obtain access to, and copies of, the personal data that we hold about you;
  • To require that we cease processing your personal data if the processing is causing you damage or distress;
  • To require us not to send you direct marketing communications;
  • To require us to erase your personal data;
  • To require us to restrict our data processing activities;
  • Where required by legislation, to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
  • To require us to correct the personal data we hold about you if it is incorrect.

Please note the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact our Information Officer.

If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Regulator ( in South Africa or relevant supervisory authority in your jurisdiction.

We may collect your personal data in a number of ways, for example:

  • From the information you provide to us when you meet with one of our employees;
  • When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
  • When you or your agent complete or we complete on your behalf client on-boarding or application or other forms;
  • From other companies in the Stonehage Fleming Group;
  • From your agents, advisers, intermediaries, insurance companies, fund managers, investment managers and custodians of your assets;
  • From the trustee(s) of any trust in respect of which you are a settlor or a beneficiary or with which you are otherwise connected;
  • From publicly available sources, or from third parties, where we need to conduct background checks about you.

’Personal data’, as referred to in this Privacy Notice, applies to data that may be used to identify an individual or a juristic person (this includes non-human legal entities such as a company or a trust). We may collect the following categories of personal data about you:

  • Your name and contact information such as address, email address and telephone number, as well as your date of birth, tax identification number and your passport number or national identity card details, country of domicile and your nationality;
  • Information about your knowledge and experience in the investment field;
  • An understanding of your goals and objectives in connection with your wealth;
  • Information about your employment, education, family or personal circumstances, and interests;
  • Information relating to your tax affairs including your tax status;
  • Information, some of which is collected daily, to assess whether you may represent a money laundering, terrorist financing or reputational risk to the Group. This includes whether you are a Politically Exposed Person, are involved in a high risk business, have been arrested, charged or convicted of a crime, are on a sanctions list or expose us to tax, litigation, bribery or corruption risk.
  • Information relating to you and your financial situation such as your industry and marketing segment, the services we offer which may be of interest, your net worth, income, expenditure, assets and liabilities, sources of wealth and your bank account details;
  • With your consent, information concerning your health where relevant to services we provide;
  • Information relating to a legal entity including legal form, registered and trading name, registration number, registration date, registered and operating address, tax number, financial statements, auditor information, and personal data of individuals connected to the legal entity.

a) We will use your personal information only to render services to you in accordance with the purpose for which it was collected or agreed with you, for example:

  • to prepare a proposal for you regarding the services we offer;
  • to enter into a contract and provide you with the services as set out in the terms of our engagement letter;
  • to effectively process your transactions;
  • to identify and verify you in order to complete annual FATCA/ CRS reports;
  • to deal with any complaints or feedback you may have;
  • to detect and prevent fraud, crime, money laundering or other malpractice;
  • for audit and record keeping purposes;
  • to communicate to you in respect of the products purchased or services applied for;
  • for any other purpose for which you provide us with your personal data.

We may process your personal data without your specific consent because it is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.

In this respect, we may share your personal data with:

  • Your advisers or agents or employees of firms with which you are associated;
  • Registered agents;
  • Companies, partnerships, other entities or the trustees of trusts, and the directors and/or employees of such companies, partnerships, in respect of which fiduciary and/or administrative services are provided, and in respect of which you are connected or have an interest.
  • Our advisers where it is necessary for us to obtain their advice or assistance;
  • Other third parties such as banks, intermediaries, insurance companies, fund managers or investment managers to whom we may introduce you and that form part of the service provided;
  • Companies within our Group;
  • Payment processors where we are making payments on your behalf;
  • Transport companies and travel agents;
  • Our data storage providers.

b) Necessary for our Legitimate Interests

We may also process your personal data because it is necessary for our legitimate interests.

In this respect, we may use your personal data for the following:

  • To run, grow and develop our business;
  • To ensure a safe environment for our employees and visitors, including website visitors;
  • To provide client services;
  • To conduct market research and carry out business development activities;
  • To train our staff or monitor their performance;
  • For the administration and management of our business including carrying out internal group administrative functions and recovering money you owe to us;
  • To seek advice and guidance on our rights and obligations, such as where we require our own legal advice;
  • To mitigate the risks we face.

In this respect we may share your personal data with the following:

  • our advisers, agents, settlors or protectors of trusts where it is necessary for us to obtain their advice or assistance;
  • with third parties and their advisers where those third parties are acquiring, or considering acquiring all or part of our business.

If we rely on our (or another person's) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person's) legitimate interests are not outweighed by your personal interests or fundamental rights and freedoms which require protection.

c) To comply with a legal obligation

We may also process your data to comply with a legal obligation which we are under.

In this respect, we may use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering and counter the financing of terrorism laws, tax reporting and where we are required to monitor, record or store telephone conversations.

In this respect, we may share your personal data with the following:

  • Our advisers where it is necessary for us to obtain their advice or assistance;
  • Our auditors where it is necessary as part of their auditing functions;
  • With service providers who we may engage to assist in delivering the services to you, where they conduct reviews in accordance with their statutory obligations;
  • With third parties who assist us in conducting background checks;
  • With relevant regulators or law enforcement agencies, where we are required to do so.

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorised access and use of personal information. We will, on an ongoing basis, continue to review our security controls and related processes to ensure your personal information is secure.

We may use other Group companies to provide services and may share your personal data for the reasons set out elsewhere in this Privacy Notice.

Where you are resident in the European Union, Switzerland, United Kingdom, Israel or Jersey:

We may need to transfer your personal data to other Group companies located in the European Economic Area as well as Switzerland, Israel, Canada, United Kingdom or Jersey, which are countries that are viewed as having an adequate level of protection for your personal data. We may also share your personal data with Group companies located in the United States of America and the British Virgin Islands which do not have laws which provide the same level of protection to your personal data as are provided within the mentioned jurisdictions. These companies are subject to data sharing arrangements, as determined by the relevant privacy and data protection laws.

If you wish to receive details regarding the companies within the Group which we have engaged to assist in delivering services to entities in respect of which you are connected or have an interest and with whom we have shared your information, please contact our Information Officer in South Africa:

Name: Mr Johann Louw


Tel.: +27 21 446 2132

Our appointed representative in the European Union is Sturdon Holdings Luxembourg SARL. Our Data Privacy Officer in Luxembourg is:

Name: Mr Peter Egan


Tel.: +352 2744 7303

Our appointed representative in the United Kingdom is Stonehage Fleming Services Limited. Our Data Protection Officer in the United Kingdom is:

Name: Mr Cesare Milani


Tel.: +44 (0) 207 087 0136

We may retain your personal data for a period of seven years after the termination of our relationship with you in order to meet our regulatory and legal obligations. However, we may retain your personal data for a longer period where necessary to protect against legal claims.

Version: 20 April 2021