Privacy Notice
1. PURPOSE OF THIS DOCUMENT
​
1.1 The Cayman Islands Chamber of Commerce Pension Plan (“Chamber Pension Plan”) is committed to being a responsible custodian of the information you provide to us and the information we collect in the course of operating our business and providing pension services.
1.2 This Privacy Policy sets out how we may collect, use and share information about you and individuals connected to you and describes:
-
The types of information, including personal data, we may collect;
-
How we may use and share the information we collect;
-
Legal grounds for using personal data;
-
The measures we have in place to protect and safely store the information we collect;
-
Retention of the information we collect;
-
Your choices and rights in respect of the information we hold;
-
How to contact us;
-
Complaints; and
-
Changes to this privacy notice.
1.3 Wherever we have said, “we”, “our” or “us”, we mean Chamber Pension Plan.
1.4 Where there is any conflict between the terms of this Privacy Notice and any other document in relation to data protection the terms of this Privacy Notice shall prevail, although its contents are not contractual.
1.5 An “individual connected to you” could be any guarantor, a director, officer or employee of a company, partners or members of a partnership, any substantial owner, controlling person, or beneficial owner, trustee, settlor or protector of a trust, the account holder of a designated account, recipient of a designated payment, your attorney or representative (e.g. authorised signatories), agent or nominee, or any other persons or entities with whom you have a relationship that is relevant to your relationship with us. Whenever we say “you”, “individuals connected to you” should be read as included as well.
1.6 For the purpose of this Privacy Notice, Chamber Pension Plan will act as a data controller in accordance with the Cayman Islands Data Protection Act (as amended from time to time) (the “Act”).
1.7 Please ensure that any relevant individuals are made aware of this Privacy Notice and the individual rights and information it sets out, prior to providing their information to us or our obtaining their information from another source. If you, or anyone else on your behalf, has provided or provided information on an individual connected to you, you or they must first ensure that you or they have the authority and appropriate legal basis to do so.
2. INFORMATION WE COLLECT
​
2.1 This Privacy Notice is concerned with the personal data we collect about you. Personal data means any data by which you as an individual can be directly or indirectly (e.g. if several pieces of data are combined) identified. Data that is completely anonymised or de-personalised will not count as personal data.
2.2 Some of the personal data we hold about you will have been supplied by yourself. Other personal data may have come from your solicitors or other intermediaries, or other sources you’ve asked us to obtain information from. We might also get some personal data from publicly available sources.
2.3 We will usually collect personal data such as:
-
a) personal details (e.g. name, previous names, gender, date and place of birth, occupation);
-
b) identification materials we may need for our compliance obligations (e.g. a copy of your passport or national identity card, proof of status, employment details, utility bills, financial details and/or source of wealth etc.);
-
c) contact details (e.g. address, email address, position in the company, landline and mobile numbers);
-
d) other information about you that you may have provided us with during the course of our relationship with you, (e.g. by filling out forms or during face-to-face contact, telephone, email and the like);
-
e) financial information and information about your relationship with us, including your ways of interacting with us, sort code and account numbers;
-
f) complaints or disputes you may have had with us and details of the underlying transaction (where applicable);
-
g) information about you which is a matter of public record or readily obtainable and which we deem relevant (media, court judgements etc.);
-
h) records of correspondence and other communications between you and your representatives and us, including email, telephone calls, letters and the like;
-
i) information that we need to support our legal and regulatory obligations (e.g. information about transaction details, detection of any suspicious and unusual activity and information about parties connected to you or these activities); and
-
j) information from third-party providers who assist us to combat fraud, money laundering and other crimes.
2.4 In addition to the above, in relation to our Website www.chamberpension.ky we may also collect:
-
(a) information that you provide to us, such as when you fill out a contact or web form, or if you register to receive alerts or updates;
-
(b) information that we obtain or learn, such as information about the browser or device you use to access the Website, how you use this site and the pages you visit, traffic and location data;
-
(c) information you provide to us if you experience problems when using the Website. We may also ask you to complete surveys for research purposes, although you don't have to respond to these;
-
(d) if we have an existing relationship with you, and we are able to identify you from information obtained or provided by your use of the site, we may associate those sets of information, for example to enable us to respond to a query you have submitted; and
2.5 Please note that the Website is not designed or intended for children and we do not knowingly collect data relating to children.
​
3. HOW WE WILL USE PERSONAL DATA
​
3.1 We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
-
(a) Where we need to perform the contract we have entered into with you.
-
(b) Where we need to comply with a legal or regulatory obligation.
-
(c) Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
-
(d) Where we need to protect your interests (or someone else's interests).
-
(e) Where it is needed in the public interest or for official purposes (such as compliance with a court order or regulatory direction).
​
3.2 Based on the reasons for using your data noted above, the purposes for which we use your information commonly include:
-
a) To contact you about your pension plan (performance of a contract)
-
b) To carry out our obligations arising from any contracts entered into between you and us and to provide with you the information, products and services you request from us (performance of a contract; legitimate interests)
-
c) To provide you with information about your plan and any changes that may impact you; (legitimate interests);
-
d) To permit selected third parties:
-
to provide you with information about goods or services which we feel may interest you; and/or
-
to assist us in the improvement and optimisation of advertising, marketing material and content, our services and the website; (consent; legitimate interests)
-
e) To assist us in the improvement and optimisation of advertising, marketing material and content, our services and the website (legitimate interests)
-
f) To notify you about changes to our service (performance of a contract; compliance with legal obligations; legitimate interests)
-
g) To ensure that content from our website is presented in the most effective manner for you and your computer (legitimate interests)
-
h) To verify your identity (compliance with legal obligations; legitimate interests)
-
i) As part of our efforts to keep our Website safe and secure and to prevent or detect fraud (legal obligations; legitimate interests)
-
j) To provide customer support (performance of a contract with you)
-
k) To comply with the requirements imposed by law or any court order (legal obligations)
4. INFORMATION ABOUT THE WEBSITE
4.1 IP addresses
We may collect information about your computer (or mobile device), including where available your IP address, operating system and browser type, for system administration or for our own commercial purposes. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
​
4.2 Web Browser Cookies
A web browser cookie is a small text file that is sent by a website to your computer or mobile device where it is stored by your web browser. Web browser cookies may store information such as your IP address or another identifier, your browser type, and information about the content you view and interact with on the Website. By storing such information, web browser cookies can remember your preferences and settings and analyse how you use the Website.
​
4.3 Tracking Technologies: Web Beacons/Gifs, Pixels, Page Tags, Script
Emails and mobile apps may contain small transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyse and improve their services.
​
4.4 Your Choices: Managing Cookies and Opting Out
You can choose how web browser cookies are handled by your device via your browser settings, including refusing or deleting all cookies. Some devices allow you to control this via your device settings. If you choose not to receive cookies at any time, the website may not function properly and certain services will not be provided. Each browser and device is different, so check the settings menu of the browser or device you are using to learn how to change your advertising settings and cookie preferences.
​
​
5. WHOM WE MIGHT SHARE YOUR PERSONAL DATA WITH
​
5.1 We may share relevant personal data of yours with other parties where it is lawful to do so, including where:
-
(a) it is necessary to comply with our contractual obligations or with your instructions;
-
(b) we have a public or legal duty to do so (e.g. to assist with detecting and preventing fraud, tax evasion and financial crime or compliance with a court order);
-
(c) we are obligated to in connection with regulatory reporting, litigation or asserting or defending legal rights and interests;
-
(d) we have a legitimate business reason for doing so (e.g. to manage risk or verify identity);
-
(e) we have asked you if we can share your personal data, and you gave consent;
-
5.2 Parties we might share your personal data with can include (without limitation):
-
(a) third party administrators such as Saxon Administration Ltd Fund Services;
-
(b) other service providers acting as processors who provide IT and system administration services, anti-money laundering service providers and services to enable us to perform our contract with you;
-
(c) banks you instruct us to make payments to and receive payments from;
-
(d) third parties who host the Website or provide services related to it, including IT security providers;
-
(e) any people or companies where required in connection with potential or actual corporate restructuring, merger, acquisition or takeover, including any transfer or potential transfer of any of our rights or duties under our agreement with you;
-
(f) law enforcement, government, courts, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities;
-
(g) other parties involved in any disputes, including disputed transactions;
-
(h) fraud prevention agencies who’ll also use personal data to detect and prevent fraud and other financial crimes and to verify your identity;
-
(i) anyone who provides instructions to us on your behalf (e.g. under a Power of Attorney, solicitors, intermediaries, etc.);
-
(j) anybody else that you instructed us to share your information with by you;
​
5.3 We might share aggregated and/or anonymised or de-personalised data with third parties for analytics, marketing and research purposes. Where we do so, we will ensure that neither you nor any other person will be identifiable from the data.
​
​
6. RETENTION OF PERSONAL DATA
​
6.1 We keep personal data only for as long as it is necessary for the specific purpose the data was collected for or as long as we are required by applicable laws and regulations. We are generally required to retain its records for at least six (6) years from the date the contractual relationship with you ends or potentially longer, depending on the kind of data and relevant laws and regulations applicable to it.
6.2 We may keep personal data likewise for longer periods where we have a legitimate interest in doing so, for instance, to address complaints, assert or defend our rights in litigation or other dispute resolution procedures or respond to requests from regulators or assist judicial authorities.
6.3 Any information we are not required to hold for any minimum period and for which there is no purpose in us holding it anymore will be deleted, destroyed or returned to you more promptly.
6.4 Where we share your personal data with third parties, the privacy notices and laws and regulations of the third party will determine how long they will have to retain your data.
​
​
7. INTERNATIONAL TRANSFERS OF PERSONAL DATA
​
7.1 Where we have to transfer personal data outside of the Cayman Islands we will ensure that the transfer is lawful and that the data is appropriately secure and protected. Where necessary, we will ensure that separate and appropriate legal agreements are put in place with the recipient of that data.
7.2 Reasons for having to transfer your personal data outside the Cayman Islands may include:
-
(a) we need to carry out our contract with you;
-
(b) we have to fulfil a legal obligation;
-
(c) we need to protect the public interest; and/or
-
(d) for your or our legitimate interests.
​
7.3 In some countries the law might compel us to share certain information (e.g. with tax authorities). We will only share any information with parties who have the lawful authority and right to see it and only to the extent that such parties are permitted to see it.
​
​
8. INDIVIDUALS’ RIGHTS
​
8.1 As an individual or “data subject”, you have certain rights in relation to your personal data. These rights include:
-
(a) the right to access the information we hold about you and to obtain information about how we process it;
-
(b) the right to object to and withdraw your consent to our processing of your data. This right can be exercised at any time. However, we may continue to process your personal data if there is another legitimate reason or legal obligation for doing so. Please also note that depending on which kind of processing you object to, we may no longer be able to perform our contractual obligations with you.
-
(c) the right to request that we rectify the information we hold about you if it is inaccurate or incomplete;
-
(d) in some circumstances, you have the right to request the erasure and deletion of the personal data we hold. We may however continue to retain it if we are entitled or required by law to do so;
-
(e) the right to object to, and to request that we restrict, our processing of your information in some circumstances. Please note that despite this general right we may be entitled under law to continue processing the information and/or to refuse that request;
-
(f) Rights relating to automated decision-making and profiling. We do not engage in any automated decision-making or profiling which could in any way adversely affect you.
8.2 You also have the right to complain to the data protection regulator in the Cayman Islands, which is the Office of the Ombudsman. You can access their website here: ombudsman.ky
8.3 You may also be able to seek redress for any violation of your data protection rights in the Cayman Islands courts or challenge a decision by the regulator.
9. MISCELLANEOUS
​
9.1 Please ensure that any data you give us or ask third parties to provide to us is up-to-date, accurate and complete in all respects. Please inform us about any changes as soon as reasonably possible.
​
9.2 We use a range of measures to keep information safe and secure which may include encryption and other forms of security. We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards including obligations to protect any information and apply appropriate measures for the use and transfer of information. However, the transmission of information via the internet is not completely secure and we cannot guarantee that all of your private communications and other personally identifiable information will never be disclosed once it leaves our network. If you wish to know more about our data protection measures, please contact us using the contact details in section 10 below.
​
9.3 This Privacy Notice is governed by the laws of the Cayman Islands. Any dispute arising from or in connection with this Privacy Notice is subject to the exclusive jurisdiction of the Cayman Islands courts.
​
​
10. CONTACT US
For any further questions or queries in relation to this Privacy Notice, please get in touch by emailing pensions@chamberpension.ky
​
​