Privacy Policy

Moore Stephens Channel Islands Privacy Notice

Introduction

This privacy notice describes the information we collect when you use our services. We act as data controllers when we collect this information, and by law, we are required to provide you with information about us, why and how we use your data, and what rights you have over your data.

Who are we?

We are Moore Stephens Channel Islands (the “Data Controller”).

Moore Stephens collects and uses your information to provide our services. We are data controllers in relation to the processing of personal information that you provide us when you use our services.


This policy explains:
  • The types of information we collect about you
  • The purposes for which we use that information
  • Who we may share your information with
  • How long will we keep information about you for
  • Where the information about you is stored
  • The rights you have under data protection legislation
  • Contact details if you have any queries or concerns about what is said in this notice
Terms used

“Moore Stephens” means Moore Stephens Channel Islands and comprises several limited companies in Jersey and Guernsey as listed below.

“JOIC” means the Jersey Office of the Information Commissioner

“ODPA” means the Office of the Data Protection Authority in Guernsey

Jersey
  • Companies registered with and regulated by the Jersey Financial Services Commission (“JFSC”) are as follows.
    MSTC (Jersey) Limited, registration number with the JFSC - 121343 and with the JOIC
    - 66645.
  • Moore Stephens Audit & Assurance (Jersey) Limited, registration number with the JFSC - 121338 and with the JOIC - 66590.
  • Moore Stephens Accounting and Taxation Services (Jersey) Limited, registration number with the JFSC – 102441 and with JOIC - 18130
Guernsey

Companies registered with the Guernsey Registry (“GR”) and licensed by the Guernsey Financial Services Commission (“GFSC”) are as follows.

  • Moore Stephens Audit and Assurance (Guernsey) Limited, registration number with the GR CMP65985, with the GFSC 2479665 and with the ODPA.
  • Moore Stephens Fiduciaries (Guernsey) Limited, registration number with the GR CMP65966, with the GFSC 2475370 and with the ODPA.

Channel Islands registered companies but not regulated by the JFSC or licensed by the GFSC

  • MS Services (Jersey) Limited, registration number with the JFSC - 121340 and with the JOIC – 66644
  • Moore Stephens Services (Guernsey) Limited, registration number with the GR CMP65986 and ODPA
  • Moore Stephens (Jersey) Limited, registration number with the JFSC – 121337 and with the JOIC – 58434

"Data protection laws” means the Data Protection (Jersey) Law 2018, Data Protection (Bailiwick of Guernsey) Law 2017, General Data Protection Regulation, UK General Data Protection Regulation, Data Protection Act 2018 and any other data protection law relevant to this notice.

“personal data” means any information relating to a living individual who can be identified directly or indirectly from the information.

“special category data” means data relating to your health (including mental health), genetic data, and biometric data processed to identify an individual uniquely and ethnically.

“Data Protection Manager” (DPM) is the person who is assigned to manage the data protection activities. This person has sufficient knowledge and experience with the data protection law to fulfil this role.

What information does Moore Stephens collect and use about you?

We may collect various types of information about you, including:

  • Your name and passport information, your IP address and information relating to claims, court cases and convictions, politically exposed person (PEP) status, information available in the public domain and such other information as may be necessary for us to provide our services and to complete our CDD process and discharge our AML/CFT/CPF obligations.
  • Your contact information may include your postal address and email address as well as your home and mobile telephone numbers.
  • Your family relationships may include your marital status, the identity of your spouse, and the number of children you have.
  • Your professional and employment information, which may include your level of education and professional qualifications, your employment, employer’s name and details of directorships and other offices which you may hold.
  • Financial information, sources of wealth and your investments and assets, which may include details of your current, previous and prospective investments, assets, sources of wealth, shareholdings and your beneficial interest in assets, your bank details and your credit history.
    Information about client matters, which may include a wide range of personal information which may include (but may not be limited to) information about your employment, health, family issues and relationships and your regulatory status.
  • We may also collect and process information regarding people connected to you, either by way of professional (or other) associations or by way of family relationships.
  • CCTV recordings (No audio) of you and any of your associated parties when you enter our office buildings.
  • Information we receive from third-party sources, such as:
    • Our clients: in connection with matters upon which we are or may be instructed (for example, where you are a counterparty to a transaction or an employee of one of our clients)
    • Entities in which you or someone connected to you has an interest
    • Your legal and/or financial advisors
    • Financial institutions that hold and process your personal information
    • Credit reference agencies and financial crime databases for the purposes of complying with our regulatory requirements
    • Personal information received in the course of dealing with advisors, regulators, official authorities and service providers by whom you are employed or engaged or for whom you act.

Personal information obtained relating to you from another source: We will inform you that we hold this information and how we came into possession of it unless there is a legal obligation to prevent us from doing so. This information will be provided to you as soon as practicable but within one month of us becoming the data controller of this information.


How do we use your information?

We only use this data to provide the services you have engaged us for.

We will only use personal information when the law allows us to do so, relying on a relevant legal basis for lawful processing in each instance (for example, contract or legitimate interest). We will use your personal information in the following circumstances:

  • Provide you with the services you have requested.
  • Communicate with you and, if appropriate, any other nominated persons you have authorised us to communicate with about the service we are providing.
  • Conduct internal audits and monitor Moore Stephens and the management of your chosen service to ensure it is of
  • Get feedback on our service and respond to any comments.
  • Keep you updated about a service you have chosen.
  • Respond to queries from regulators or if there is a legal requirement for us to do so.
  • Conduct legal claims, comply with a court order or other legal obligation, or seek legal advice.
  • We want to provide you with information about other products or services you request from us or that we believe would be of interest to you.
  • To carry out our obligations arising from any contracts between you and us.
  • To notify you about changes to our service.

CCTV recordings

  • For the prevention and detection of crime.
  • For the safety of clients using our office premises.
  • For the safety of our staff entering and leaving our office buildings.

CCTV is only positioned in the reception areas of our offices, so they do not record any public areas, only the reception areas and doors into our main office area.

We set out below the bases we rely upon to process your personal data:

Contract: where we need your data to fulfil our contractual obligations to provide you with the service chosen.

Legal obligation: Where we are required by law or regulatory bodies to process your data, for example, proof of ID, as required by the law.

Legitimate interests: Where we require your data to pursue our interests in a way that might reasonably be expected as part of running our business and does not override your rights or freedom. This is the legal basis for our use of CCTV.

Legal proceedings, etc: In appropriate circumstances, we may need to collect and process your information to establish, exercise or defend legal claims. This may include taking legal advice where appropriate.

In very rare circumstances, we may rely on consent as a legal basis to process your data. This will be when you have given your consent for Moore Stephens to send you marketing information about our services.

Please note that we may process your personal information on more than one lawful basis, depending on the specific purpose for which we use your data.

We will only use your personal information for the purposes we collected it unless we reasonably consider that we need to use it for another reason. That reason must be compatible with the original purpose. We will notify you beforehand if we need to use your personal information for an unrelated purpose.

Where we need to collect personal information by law or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to perform the service you have contracted us to do on your behalf.

How is information about me stored and retained?

Your information will be stored electronically on a client management system (“CMS”). Occasionally, some of your data may be stored temporarily in other systems to provide services and support.

We take the security of your data seriously and take all appropriate steps, including encryption in transit and at rest and multi-factor authentication, to protect it from unauthorised access, loss and misuse. We never sell any of your personal data for any purpose.

We further restrict access to any special category data we may collect (such as identification documents containing biometric data).

How Moore Stephens shares your data.

To provide you with the service you have chosen, we may need to share your information.

As part of our global network of firms, your information may be transferred to other member firms of the Moore Global network. We may also share your information with:

  • Professional advisers (to us and others, including our clients), including lawyers, bankers, auditors and insurers.
  • Regulators and other authorities based in Jersey and Guernsey.
  • Our clients in connection with the products and services we provide and for the purposes of maintaining and managing our relationship with our clients.
  • Any third parties as required in order to establish, exercise or defend or to protect legal claims.
  • Competent regulatory, prosecuting, tax or governmental authorities, courts or other tribunals upon their request or as required by law.
  • Any third parties to the extent such disclosure is required under law or to enable products and services to be provided to our clients or where our legitimate interests require it. Examples of this will be Worldcheck and KYC360 scrceening tools, which we use for due diligence and identification and verification for clients. World-Check Privacy Statement | LSEG Privacy Notice | KYC360

Third-party data processors, who we have chosen to process data on our behalf.

Data Transfers

We do not pass on information gained from your engagement with us without a clear legal basis for doing so. However, we may disclose your Personal Information to meet legal obligations, regulations, or valid governmental requests.

We use certain third parties, also known as Processors, to provide or support our services. We have appropriate agreements in place with those processors to ensure the safety of your information. For information on these processors, please see the list below. We do not share your information with any processors for direct marketing.

  • The current data processors used by Moore Stephens are.
  • Our cloud services providers.
  • AML/CFT/CPF screening services.
  • Archiving services.
  • Business management software.
  • Telecommunications services.
  • Information technology services.
  • Marketing assistance.
  • Professional advisory services (including our auditors).
  • Administration services.
  • Banking services.
  • Investment services.

Processors are other organisations/services carefully chosen by Moore Stephens to process your information correctly and securely. In the case of organisations outside of Guernsey, Jersey, the United Kingdom and the European Economic Area (EEA);

(a) We have prior written instructions for the transfer, or

(b) We have entered into specific contractual terms with them to ensure that they treat your personal data in a way equivalent to the way they would be required if they were established in Guernsey or Jersey.

We use Microsoft Office 365 and Azure to process and store our data. We have selected EEA storage locations for our data, so London and a secure location within the EEA are our preferred data storage locations with Microsoft.Microsoft Privacy Statement – Microsoft privacy

In addition to this, we use Calligo to host data on their cloud servers. Privacy Policy | Calligo

We ensure that your privacy rights are respected in line with this notice and the same protection is given to your personal data as laid down by the relevant data protection laws.

How long will Moore Stephens keep personal data about me?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data and the potential risk of harm from the unauthorised use or disclosure of your data, the purposes for which we process your data, whether we can achieve those purposes through other means, and the applicable legal requirements.

You can request our Data Retention Schedule from our DPM if required.

In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

What rights do I have?

You may have certain legal rights regarding the Personal Information processed by Moore Stephens pursuant to the relevant data protection law, including.

  • the rights of access;
  • right to have your data corrected, updated, rectified or erased;
  • right to object to the processing of or restrict the processing of your data;
  • right to withdraw your consent previously given to processing of your data; and to
  • request the transfer of your data to another party.

Please note that the rights set out above are subject to certain exemptions and conditions. We may decline to comply with any request to access, correct, delete or restrict the use of your information if there is a specific legal ground or exemption.

Where we are processing your information on the basis of contractual necessity or legal and regulatory requirements, the provision and processing of such information will likely be mandatory. In addition, where the provision of your Personal Information is generally a contractual or legal requirement or is a requirement in order for us to enter into a contract, in the event that you choose not to provide any Personal Information or to exercise one or more of the rights above to restrict the processing of your information, this may restrict the services which Moore Stephens is able to provide, or we may have to decline to provide the service requested.

Should you wish to exercise any of your rights, you should send your request to the Jersey office at dataprotection@moorestephens-jersey.com or the Guernsey office at dataprotection@msgsy.com.

We will respond to your request in accordance with Data Protection law.

We reserve the right to ask for proof of your identity and address (such as a copy of your driving license or passport - please do not send any original documents), and we also further reserve the right, in accordance with the relevant data protection law, to request for additional information reasonably required to identify the specific information being requested or referred to, or any additional information reasonably required to confirm your identity.

You can use the Data Subject Access Request form, available on our Cookie Banner or click the link below to use our web portal form associated with the entity you believe holds your data.

Jersey

  • MS Services (Jersey) Limited, click here.
  • MSTC (Jersey) Limited, click here.
  • Moore Stephens Audit and Assurance (Jersey) Limited, click here.
  • Moore Stephens Accounting and Taxation Services (Jersey) Limited, click here.

Guernsey

  • Moore Stephens Services (Guernsey) Limited, click here.
  • Moore Stephens Audit and Assurance (Guernsey) Limited, click here.
  • Moore Stephens Fiduciaries (Guernsey) Limited, click here.

If you have any questions about this process or any of your rights, contact our DPM at the Jersey office at dataprotection@moorestephens-jersey.com or the Guernsey office at dataprotection@msgsy.com. You can also email your request and verbally make your request over the telephone to one of our team, whatever way you feel more comfortable with it.

We will respond to your request without undue delay, but certainly within Four Weeks after satisfactory verification of your identity. In some circumstances, we can apply an eight-week extension to this time frame if the request is complex in nature and cannot be answered in the four-week time frame. If this is to happen, we will inform you as soon as possible.