Privacy notice

Personal Data is information relating to a living individual (or a Juristic Person when the processing is taking place in South Africa and is subject to South African privacy law) who can be identified from that data or data that makes you identifiable. Settlors, Protectors, Beneficiaries (minors and adults), Directors, Trustees, Politically Exposed Persons and their families and associates, Controlling Persons of Entities, Business contacts, Staff (current and former), Suppliers, and associates, employees and consultants of client entities are all included where they are natural living persons.

When we collect, store, use in any way for any purpose or delete your personal data we are processing it.

Personal data includes, among other data, your name(s), address(es), email address(es), telephone number(s), bank account number(s), date of birth, tax residency, national insurance number(s) and passport number(s).

Stonehage Fleming Wealth Services Limited is the Data Controller of your Personal Data. The Data Controller is responsible for ensuring that your personal data is processed in compliance with data protection laws and to provide you with this privacy notice. If you have any questions or concerns about personal data or this privacy policy or you wish to make a complaint about how we have processed your personal data, or you wish to exercise any of your rights as a data subject, please contact the Data Controller by email at ukdataprotectionofficer@stonehagefleming.com or by post at the following address:

We may process your personal data because it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. We may also process your personal data because it is necessary for our legitimate interests, such as growing our business, or to comply with a legal obligation.

Proposals: We process your name, date of birth, financial data and contact details in order to ascertain your financial needs. Processing of this data will occur in the United Kingdom. Stonehage Fleming Wealth Services Limited has a legal obligation to assess your financial needs and would be unable to act for you without doing so.

Take On: Other than your contact details which we require to contact you and an internal number we assign to you, all personal data collected/processed as part of the Client Take On process is mandatory for compliance with Know Your Customer/Anti-Money Laundering requirements. This applies whether you are a settlor, trustee, director, protector, beneficiary, significant shareholder or other data subject on whom we seek personal data. Your personal data will be stored on our servers in Europe and the United Kingdom. Your data may be shared with third parties within the European Union and/or globally to undertake sanction screening and the internal data we generate may go to our other Group offices for reporting. Where such office is situated in a third country, such as South Africa, we have the necessary safeguards in place to protect your data.

Custodian Bank Set Up: Other than your contact details which we require to contact you, any personal data collected including but not limited to, proof of address, register of members, register of directors, controlling persons, authorised signatories, proof of identity as applicable, is to satisfy regulatory requirements and will be shared with the custodian bank. Your data will be stored by Stonehage Fleming Wealth Services Limited and may be transferred to one of the Group’s offices to enable the provision of reporting to you. Where such office is situated in a third country, such as South Africa, we have the necessary safeguards in place to protect your data.

Payments: The bank details which we request from you including swift code, IBAN and account number are used for record keeping, which we have a legal obligation to undertake and to process payments in fulfilment of our contract with you. These details may be shared with other Group offices and with your custodian. Where such office is situated in a third country, such as South Africa, we have the necessary safeguards in place for processing your data.

Dealing and Execution: We process the account number, tax ID, FATCA/CRS information and deal record and may refer to any policy statement that is in place which may contain personal data. We may also assign a unique internal reference. We are required to do this by legislation and/or to fulfil our contract with you.

We also use all of this information for MiFIR reporting.

This data is shared with the FCA, Unavista (London Stock Exchange), your custodian, and may be shared with our Group offices in the United Kingdom, Europe, the Isle of Man and South Africa.

Invoicing: We use the personal contact data you have provided us with together with internally generated reference numbers to raise invoices and also to fulfil our legal obligation to keep records.

Reporting: We have a legal obligation to produce client reporting and use the personal data we collect from you together with financial data and an internally generated reference number assigned to you to do so. This may be shared with regulatory bodies and your custodian. Your personal data may be input into and processed by fund and accounting software which is maintained and may be used by our Group entities globally.

Investment policies and reviews: We require specific documents which may contain your personal data, such as investment portfolio statements, investment policy statements, bank statements or supporting documentation in order to formulate, amend or review investment policies. The documents and the information contained in them will not be shared outside of the Group.

Termination: We will further process the personal data you have provided us with when you terminate your relationship with us as we are required to communicate that to the various parties we engage with including the custodian and other Group offices (in particular South Africa).

Sharing with Broker, Custodian, or Portfolio Manager: Brokers, Banks, Custodians and Portfolio Managers may require information on you for their own due diligence to comply with regulations, we share the information you provide to us with them for this purpose.

We will also use your data in the normal running of our business including for reasonable administrative and accounting purposes and raising invoices for our services. Your data may also be viewed by regulatory/supervisory bodies or by our accountants should they perform an audit.

We may process the following personal data relating to you: your name, address, place and date of birth, photograph/ID card/proof of identity, proof of address, Tax identification numbers, bank details, signature, contact information, social security details, ID/passports and FATCA/CRS details. This personal data may be provided directly by you or by your representative such as a lawyer or accountant. We may also collate and hold data found from the results of Google or other internet searches and other sources in the public domain, as well as third party service providers in the course of our client due diligence and client review process. We generate an internal number specific to you and our accounting software will also produce a reference number for you. We process the following documents that may also contain your personal data: register of members, register of directors, annual reports and financial statements, controlling persons list, authorised signatories list, companies’ house (or other equivalent body in the relevant jurisdiction) filings, tax submissions including FATCA/CRS, company payroll, minutes and resolutions. Information regarding source of funds may also contain your personal data. We may also undertake sanction screening, credit and fraud checks with third parties and checks to ascertain any convictions, court cases, criminal records or proceedings of any person connected with our client, the trust or company or other entity. In the course of your dealings with us you may provide further information to us, where we seek additional information. All of this information will be kept securely by Stonehage Fleming Wealth Services Limited and the Group Companies.

Without the personal data detailed in this notice we would be unable to take you on as a client, undertake any activities or maintain records for you as we would not be compliant with the law.

The Group’s business and the services you request of us often requires transfer of personal data to many third parties, often at your request, and at other times transferring personal data to a third party is necessary to perform our contract with you or for Legal/Regulatory reasons. A non-exhaustive list of potential transfers include:

• Collecting and sending documents for external audits of client entities;
• Collecting and sending documents for external audits of Group entities;
• Publications onto the public record, such as companies registries or beneficial ownership registers;
• Publications with regulators;
• FATCA/CRS filings onto approved external platforms;
• Sending information to external parties such as notaries and other advisors or service providers on behalf of serviced clients.

Where Brokers, Banks, Custodians, Advisors, Auditors and Portfolio Managers require information on you for their own due diligence to comply with regulations, we share the information you provide to us with them for this purpose.

As a result of contracting with Stonehage Fleming Wealth Services Limited your personal data will be processed in the United Kingdom and be subject to local privacy laws. The GDPR may apply to us when we process personal data of data subjects resident in the European Union. Your personal data may be processed by any companies which form part of the Group, in both adequate and third countries. There are agreements in place between the Group offices to protect your data in accordance with the applicable privacy laws. Should you require further information about the safeguard we use, please contact us.

Additionally your data may be entered into our accounting and/or billing systems, and our document management systems and your data may be processed by our sub-processors including our retail investment technology and third party administration solution providers or outsourcing technology companies, including cloud service providers. In such cases, where data is processed in a third country we will make use of an appropriate safeguard. Your data may also be provided externally to banks, regulators, auditors, advisors (including, but not limited to, legal advisors), supervisory or governmental bodies as well as those appointed as directors, shareholders, and/or beneficiaries, settlors or protectors to the trust.

Your personal data will be kept securely by Stonehage Fleming Wealth Services Limited and the Group. Your information will be held in accordance with our Record Retention Policy and in accordance with applicable laws, after which it will be destroyed or deleted. We may keep it longer where:

• There is litigation or an investigation;
• It may be required to assist with the mitigation of any future tax or regulatory query into the transactions or other affairs undertaken by an entity or trust to which we provide regulated services (This ensures that rights and freedoms of our clients, our staff as well as the Group and its Members are safeguarded).

You have the following data protection rights:

• To obtain access to, and copies of, the personal data that we hold about you;
• To require that we cease processing your personal data if the processing is causing you damage or distress;
• To require us not to send you marketing communications;
• To require us to correct the personal data we hold about you if it is incorrect;
• To require us to erase your personal data;
• To require us to restrict our data processing activities;

• To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller.

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.

If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact us on: ukdataprotectionofficer@stonehagefleming.com

You can find out more about your rights under data protection legislation at www.ico.org.uk

If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner at www.ico.org.uk

Version date: 4 October 2022