This Privacy statement explains how AAMIL (Mauritius) Ltd, AAMIL Consultants Ltd, AAMIL Trustees Ltd, AAMIL International Ltd, AAMIL Asset Management Ltd and AAMIL (Swiss) S.A. hereafter referred to as “AAMIL” collects/uses and discloses your personal data and the rights associated with respect to the personal data that it holds.
AAMIL is a data controller under the Data Protection Act of 2017. AAMIL collects, processes and stores personal data relating to you such as your passport, proof of address in the forms of utility bill, credit card statements, debit card statements, bank reference interalia and other sensitive personal data. As part of our client on-boarding process and as part of the services being provided, AAMIL treats your personal data as being private and confidential and adheres to data protection laws such as the Mauritian Data Protection Act 2017 and the EU General Data Protection Regulation 2016/ 679 (“the GDPR”).
We strictly abide to the regulations set under the Mauritian Data Protection Act 2017 and the EU directives of the GDPR.
This privacy statement contains important information on who we are, the reasons we collect, store, and share and use your personal information. It is important for you to go through the privacy statement carefully as it sets out important information on our data collection process, storage, use and sharing of your personal information.
As a rule, we collect your personal data interalia: identification documents (Passport, identity card), proof of address (utility bill, credit card statement etc.), Bank Reference directly from you in the execution of our contract.
Where lawful and reasonable, we may collect some information from third parties and publicly available sources, such as Business Introducers, intermediaries, internet websites (Google, LinkedIn, etc.) and also from Anti-Money Laundering screening software such as World Check for the below mentioned purposes:
- in the execution of our Corporate Secretarial, Administrative and Fiduciary responsibilities towards you;
- ordinary business purposes; (such as bank account openings, day-to-day operations, following your on-going instructions, administering any claims, giving effect to any agreement, meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws)
- requirement by the tax authorities or any competent Court or legal authority;
- compliance with the prevailing laws.
We wish to inform you that we are using the above-mentioned information in the performance of the signed agreement between AAMIL and you.
2. Use of your Personal Data
As a client, we process your personal data under the lawful basis for which the data was collected and interalia:
- carry out your instructions and respond to enquiries made by you;
- conduct and verify ongoing credit worthiness and standing checks;
- use some information, with regards to ownership of assets and for automatic exchange of information;
- carry out on-going due diligence or other “Know-Your-Customer”, anti-money laundering, counter-terrorist financing or anti-bribery checks;
- comply with regulatory or legal obligations vis-à-vis the regulatory bodies such as the Financial Services Commission (“the FSC”), Registrar of Companies (“ROC”), Mauritius Revenue Authority (“MRA”), Economic Development Board (“EDB”)
3. Transfer across borders
In case we may have to process your personal data in other countries, we shall seek your prior approval unless otherwise specified by law in cases of automatic exchanges of information.
To ensure that your rights are being respected, we shall request the party to whom the data are being transferred, to agree to our privacy policies and measures in place.
4. Data Storage
Information held about you is retained as long as the purpose for which the information was collected continues. The information is then destroyed unless its retention is required to satisfy legal and regulatory requirements in Mauritius. As a rule, the maximum retention period is seven (7) years.
5. Our security practices
We have well-designed security systems, technical and organisational measures in place that ensure the protection of your personal data and keep them safe from any accidental loss, alteration of, unauthorised destruction, damage or unlawful access among others.
6. Access to your personal data and your other rights
You have a number of rights in relation to your personal data. You have the right under certain circumstances to:
- have access to, and copies of, the personal data by making a “subject access request”;
- require us to have your personal data corrected if it is outdated or, in certain circumstances, to have it deleted;
- object to the further processing in certain circumstances including the right to marketing;
- request that we move your personal data elsewhere; (data portability)
- withdraw any consent that you have provided if we are not processing your personal data accordingly;
- request not to have your personal data automatically processed.
Please note that the above rights are not absolute and interalia, we may be entitled to refuse requests.
Should you wish to exercise any of your rights in relation to your personal data or require any additional information or assistance from our end, please contact our Data Protection Officer at the address set out below.
7. Monitoring of electronic communications
We communicate with you through different methods and channels. We may record and monitor electronic communications to ensure that they comply with our legal and regulatory responsibilities and internal policies.
8. Retention of personal data
Your personal data will be retained as per the statutory and regulatory requirements prevailing in Mauritius. In case there is no legal requirement to retain such data, they will be destroyed following the lawful purpose for which the data was obtained.
9. Right to change this privacy statement
We may change this privacy statement. We will communicate all changes on our websites. The latest version of our privacy statement will replace all earlier versions, unless it says differently.
10. Queries, complaints and breach
If you have any queries or complaints about privacy or believe that there has been a breach with respect to your privacy, please contact our Data Protection Officer at the below mentioned address: firstname.lastname@example.org.