Your privacy is important to the Fort Group (“Fort”) and we are committed to safeguarding your personal information.
Fort is licenced and regulated in Guernsey by the Guernsey Financial Services Commission (“GFSC”). As such Fort must fully comply with all applicable laws and regulations promulgated in Guernsey and beyond. In complying with said laws and regulations, Fort is required to ask for and to receive personal information (hereinafter referred to as “personal data”) about you. Fort, in asking for personal data will process same in accordance with The Data Protection (Bailiwick of Guernsey) Law, 2017 (“the DP Law”). The DP Law imposes a duty on Fort, as both the controller and processor, to comply fully with the data protection principles as contained in the DP Law.
As already referred to above, Fort complies fully with all laws and regulations that are in force with regards to matters concerning Customer Due Diligence (“CDD”), Anti-Money Laundering (“AML”) amongst others.
There may be instances whereby Fort will receive personal data from a source other than you (“indirectly collected personal data”). In such situations Fort will take the necessary steps (and use its best endeavours) to inform you of the personal data that we may request and receive. This will include the source of said personal data and whether the personal data was obtained from a publicly available source.
Failure to provide personal data, as requested by Fort, will result in Fort being in breach of its legal obligations and thus Fort will be unable to continue a business relationship and provide its services to you.
WHAT PERSONAL DATA WILL FORT GROUP COLLECT ABOUT ME?
The personal data asked for is contained in the attached Client Profile Form of which this Privacy Notice forms an integral part.
Under no circumstances will Fort request personal data deemed to be special category data as interpreted under Section 111 (1) of the DP Law.
HOW WILL FORT GROUP USE THE INFORMATION THEY COLLECT ABOUT ME?
As already stated, Fort will process your personal data as required by law & regulation.
- Acting for you in respect of any matters in which you have instructed Fort;
- Fort will itself (or through a 3rd party e.g. a provider of compliance services) process certain information about you or your directors, officers and employees and your beneficial owners (if applicable) in order to carry out anti-money laundering (“AML”) checks and related actions which Fort considers appropriate to meet any legal obligations imposed on Fort relating to, or the processing in the public interest, or to pursue Fort’s legitimate interests in relation to, the prevention of fraud, money laundering, terrorist financing, bribery, tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanctions, on an on-going basis, in accordance with Fort’s AML procedures;
- To report tax related information to tax authorities in order to comply with a legal obligation;
- To monitor and record calls and electronic communications for investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution, and to enforce or defend Fort, itself or through third parties to whom it delegates such responsibilities or rights in order to comply with a legal obligation imposed on Fort to pursue Fort’s legitimate interests in relation to such matters or the processing in the public interest;
- To monitor and record calls for quality, business analysis, training and related purposes in order to pursue the legitimate interests of Fort to improve its service delivery;
- To update and maintain records and for fee billing; to carry out statistical analysis and market research, and
which processing is necessary to perform a relevant contract with you, comply with legal obligations and/or which is necessary for Fort’s legitimate interests indicated above.
Personal data will be kept confidential (and stored in a secure location) except where disclosure is required or permitted by law (for example to government bodies and law enforcement agencies). Fort will not, under any circumstances, sell or otherwise transfer any personal data to commercial companies or other organisations.
Additionally, in order to ensure the smooth administration of your financial affairs, Fort may be required to disclose personal data to other parties such as banks and investment houses.
Other than transfers of personal data to a Member State of the European Union, Fort may have instances whereby personal data will be transferred to:
- an authorised jurisdiction that has either an adequacy decision in force or the jurisdiction in question is a designated jurisdiction.
- an unauthorised jurisdiction that has appropriate or suitable safeguards that apply to the receipt of personal data.
In such cases Fort will advise you the circumstance of transferring personal data to either the authorised or unauthorised jurisdiction.
YOUR RIGHTS UNDER THE DP LAW
Sections 14 to 24 of the DP Law confer upon you, as the data subject, certain rights. These rights are:
Right to data portability – you have the right to have the data Fort holds about you transferred to another organisation.
Right of access – you have the right to request a copy of the information Fort holds about you.
Right to object to processing for direct marketing purposes [in this case the right is superfluous as the Fort Group will not process personal data for marketing purposes under any circumstance(s)]
Right to object to processing on grounds of public interest
Right to object to processing for historical or scientific purposes
Right to rectification – you have a right to correct data Fort holds about you that is inaccurate or incomplete.
Right to erasure – in certain circumstances you can request that the data Fort holds about you can be erased from Fort’s records.
Right to restriction of processing – where certain conditions apply, you have the right to restrict the processing.
Right to be notified of rectification, erasure and restrictions
Right not to be subject to decisions based on automated processing
The DP Law imposes a duty on Fort to comply with any request from you to exercise your rights and facilitate the exercise of said rights.
Should you have any queries relating to your rights please contact the Managing Director of Fort by writing to the address stated at the end of this Privacy Notice. Alternatively, you are at liberty to directly contact the Guernsey Data Protection Office (contact details at end of this Privacy Notice) to discuss matters.
COOKIES, WEB STATISTICS AND THIRD PARTY MONITORING
Fort Group maintains continuous logs of its web server activity. These log files include the details of website users’ IP address, browser type and page last visited etc. The log files are used to analyse how the website is being used by visitors and may be kept in an anonymised form for historical records.
Fort Group website uses hosted web analytics software. This hosted service is provided and managed by a third party company (Google, Inc). The service ‘Google Analytics’ uses ‘cookies’ (a text file sent to users’ computers as they browse our website) to help analyze how users navigate our website. The information generated by the cookie regarding our website (including IP addresses) will be anonymised and transmitted to and stored by Google, Inc. on servers that may be hosted in the United States. Google, Inc. will use this information for the purpose of evaluating use of our website, compiling reports on website activity for website operators and providing other related services to Fort Group.
HOW LONG WILL FORT KEEP MY PERSONAL DATA?
We will hold your personal information on our systems for as long as is necessary for the relevant service we provide to you. Fort is required to maintain accurate and up-to-date records in order to comply with its obligations whilst a service is provided. In general, Fort policy is, once a business relationship ceases, that personal data will be retained, in a secure location, for a period of 5 years after the end of said business relationship. After 5 years all personal data will be destroyed unless there are compelling reasons (taxation, statutory or otherwise) to not do so.
CAN I FIND OUT WHAT PERSONAL INFORMATION FORT HOLD ABOUT ME?
Yes – as already stated you have the right of access to your personal data the Fort has processed.
Should you require this personal data, and upon receipt of your written request, Fort Group, as stipulated under the DP Law, Fort will notify you of any action taken in compliance with your request-
- as soon as practicable, and
- in any event within a period of one (1) calendar month following receipt of your request
Fort take your privacy extremely seriously. Our policies and procedures relating specifically to your personal data and generally to our compliance with the DP Law as a whole are treated with the utmost care and consideration.
Section 67 of the DP Law confers upon you the right to make a complaint to the Data Protection Office (“the Authority”) if you consider that:
- Fort has breached or is likely to breach any operative provision, and
- the breach involves or affects or is likely to involve or affect –
- any personal data relating to you, or
- any data subject rights you have
Under the DP Law the Authority will make contact with you to progress your complaint to investigation and resolution. As with your right to make a complaint you also have rights of appeal under Sections 82 & 83 of the DP Law.
Should you wish to not contact the Authority directly you may contact Fort outlining the full facts of your complaint.
Telephone: + 44 (0) 1481 711144
Data Protection Office
Telephone: + 44 (0) 1481 742074