Here at Middleton Katz we take your privacy seriously. We will safeguard and utilise any personal data that you provide us with in accordance with the Principles set out in the EU General Data Protection Regulation (GDPR).
You can find more information about the GDPR here including its guiding principles, your rights as a data subject, and our obligations as a business holding it. You can also read the underlying Regulations here.
If you have any questions about this Notice or the way we treat your data then you should contact our Data Protection Officer by email at firstname.lastname@example.org ,or by telephone on +44 1624 648500.
Why does Middleton Katz hold personal data ?
If you are a natural person who is a client of Middleton Katz, directly or indirectly – for example as a shareholder or a director of a corporate entity to which we provide regulated services in the Isle of Man or a Trustee, a Protector or Beneficiary of a Trust which we provide services to then we will collect and use your data to enable us to meet our contractual obligations.
Please also note that we are legally required to hold your personal data in accordance with Isle of Man anti-money laundering and Financial Services legislation.
If you are a natural person, who has contacted us by telephone or email to ask about our services then, whether or not you have engaged us to act for you, as a regulated person in the Isle of Man, we have an obligation to maintain any information resulting from your enquiry for at least 5 years from the date you contacted us.
What type of personal data do we hold about you ?
As well as passport copies and contact information, the information is likely to include general information about your professional background which has been provided by you of your professional intermediary. We may also collate and hold data found from the results of google searches and other sources in the public domain including social media sites.
How will be hold the data ?
This information will be held in organised paper files, as PDF copies on our file server, in database form within our inhouse company secretarial system and attached to relevant emails within our secure email system.
Transfer of data to third parties.
We will not share your data with 3rd parties except in specific limited circumstances. Generally, these circumstances will be to enable us to perform our contract with you (say if you ask us to open a bank account for a legal entity) or for Legal / Regulatory reasons.
Legal and Regulatory reasons would include – completion of the Isle of Man beneficial ownership database, the completion and filing of a corporate annual return of a Company or for FATCA / CRS disclosure purposes.
Middleton Katz uses Google to provide certain IT services including G-Suite platform for email and other cloud services. As a result Google acts as a processor of personal data on our behalf. These services are provided under data processing agreement and having made due enquiry, we are satisfied that the services provided are fully GDPR compliant.
How long will we hold your data ?
Corporate Service providers and Isle of Man incorporated entities themselves are subject to stringent record keeping obligations under local legislation including the Isle of Man Financial Services Rule Book which applies to corporate service providers, VAT legislation and relevant Companies Acts.
For example, in respect of 2006 Act incorporated Companies, Financial Services Rule Book 2016 Rule 6.66 requires that CSPs retain all company records (M&As, minutes, correspondence, original financial statements, title deeds, contracts etc.) for a period of 18 years following dissolution of the entity.
Further, in order to ensure that rights and freedoms of our clients, our staff as well as Middleton Katz and its Members are safeguarded, we may hold certain information connected to client entities for longer time periods on the basis that it may be required to assist with the mitigation of any future tax or regulatory query into the transactions or other affairs undertaken by an entity or trust to which we provide regulated services.
Details of your rights under GDPR.
Under GDPR you have the right to expect us to deal with your data in accordance with the Principles set out in Article 5 of the Regulations.
Details of your rights under GDPR are detailed in Chapter 3 – Articles 12-23 of the Regulations. These provisions include but are not limited to the following:
Right of access to the data. In accordance with Article 15 (3) upon your request, we will provide you with a copy of your personal data.
Right to rectification. In accordance with Article 16 we will correct any inaccuracy in the personal data we hold concerning you.
How to make a complaint. If you are unsure about any aspect of this Notice or our Policies then, in the first instance, we suggest you contact our Data Protection Officer to seek clarification. His contact details email@example.com ,telephone on +44 1624 648500.
If you wish to make a formal complaint concerning our conduct then you should contact the Isle of Man Information Commissioner whose contact details are shown below:
www.inforights.im, P.O. Box 69, Douglas, Isle of Man, IM99 1EQ Telephone: +44 1624 693260 Email: firstname.lastname@example.org