Client Privacy Notice

This notice outlines: 

• how Flagstone International Limited (FIL) uses your personal information  
• how and when we share your information  
• how you can exercise your rights when it comes to your information 
  
  

Who collects and uses your information?  

Flagstone International Limited (FIL) collects, processes, and stores your information in the ways outlined in this notice. FIL is registered as a Data Controller with the Jersey Office of the Information Commissioner (“JOIC”) under the Data Protection Authority (Jersey) Law 2018 (“DPAJL”), registration number 71026.   

What information do we collect and hold? 

The information we may collect (directly from you or from third parties) and store includes:   

• your name, address history, contact details, date of birth, and nationality 
• identification data, including passport details, driving licence, or other identification documents   
• bank account details   
• tax reference numbers   
• information about your work or profession, including salary details   
• information about your financial position and history, which may include your source of funds or wealth   
• details of the accounts you hold and/or previously held with us, including transaction history   
• details of activity on your account  
• information on your location and activity on our website, gathered from your mobile phone or other devices, where you access the internet to use our services   
• information about you available in the public domain   
• information about your interactions with FIL, online, or by telephone   
• other information you share with us or we receive from our relationship/interactions with you 

We’ll only collect and store your information where necessary.  
 

Where do we collect information from? 

Information we collect from you 

Most of the information we hold about you comes directly from you. This includes information you may give us when you:   

• express interest in our products or services  
• open an account with us  
• update your information – for example, when you change your address details  
• speak to us on the phone (we may record our calls for training and quality purposes) 
• visit our office  
• attend one of our events 
• use our websites or web chat services  
• send us emails or other online communications  
• send us letters or other documents  
• wish to enter into a business relationship with FIL  

You’re responsible for making sure the information you’ve provided is accurate and up to date.  

Information we collect from third parties  

We might also collect or receive information about you from third parties, who may or may not have a direct relationship with you. This includes:    

• organisations that introduce you to us, including financial advisers   
• credit reference agencies 
• government authorities
• law enforcement agencies   
• sources of publicly available information – for example, sanctions lists, or media   
• social media sites where you’ve made your information publicly available – for example, LinkedIn  

We'll only ever receive information from third parties when it's legal for us to do so.  

Information we collect from people acting on your behalf  

There may be cases where we collect information from people acting on your behalf. This could be from a joint applicant on an account you hold, a trustee, or someone who holds a Power of Attorney for you. It could also be someone working on your behalf, like your financial adviser. If we receive information from someone acting on your behalf, we’ll record who we received this information from.   

If you’re providing information about someone else, we’ll accept the information on the basis that:  

• you’ve told them you’re sharing their information  
• they’ve agreed to you providing this information to FIL  
• you’ve advised them where they can find more information on how we may process their information, including this Client Privacy Notice    
  
  

How do we use your information?  

We collect and use your information for several purposes, including to:  

• verify your identity   
• manage your Flagstone account, or provide you with services   
• carry out your instructions   
• confirm your source of funds or wealth   
• prevent and detect fraud and financial crime   
• improve our products and services   
• understand our clients and gain insights
• share relevant marketing and information about our products and services, including offers and promotions   
• share relevant marketing information about selected third party products and services, or share your information with a selected third party (including a company which referred or introduced you to Flagstone) to enable them to carry out lawful marketing   
• meet our legal and regulatory obligations   
• test our operational processes   
  
  

Why do we use your information? 

We use your information lawfully for the purposes we’ve outlined above, where one of the following applies:   

To meet our legal obligations. For example:   

• complying with laws and regulatory requirements that apply to us and the services we provide   
• carrying out anti-money laundering checks   

Performance of contract. For example:   

• providing services as part of an agreement between you and FIL  
• managing your account   
• responding to your queries, and communicating with you about our products 

To carry out our legitimate interests or the legitimate interests of a third party. For example:   

• developing new products and services   
• compare your information with others to help us understand our clients better
• compare your information with that held by other organisations so we can ensure the information we hold is accurate and up to date
• internal reporting   
• external reporting (to comply with legal or regulatory obligations on the banks that hold your funds)  
• marketing purposes (when you opt-in to receive marketing from us, we’ll contact you by SMS, push notifications, email, telephone calls, or direct mail – but you can unsubscribe at any time)   
• promoting our referral scheme (so you can receive rewards from us by referring friends and family)

'Special category' and sensitive personal data 

Some of the information we collect is sensitive information, and may include information about your: 

• Health 
• racial or ethnic origin 
• political opinions 
• religious or philosophical beliefs 
• trade union membership 
• sexual orientation 
• biometric or genetic data 
• criminal convictions  

We’ll only ask for this information when necessary, for example to:  

• verify your identity   
• verify your source of funds or wealth 
• protect against fraud
• check whether you’re a politically exposed person  
• check for any criminal convictions (in line with our regulatory obligations) 
• ensure we're meeting your needs

Where we’re required to, we’ll ask for your consent when collecting sensitive information. If someone acting on your behalf provides this information, we’ll record what they provide, as well as who provided it. 
 

Who may we share your information with? 

We may share your information with:  

• ID verification specialists
• partners and suppliers that support our operations  
• banks you place deposits with through FIL 
• specific third parties you’ve authorised us to deal with – for example, financial advisers   
• Treasury & Exchequer and other tax authorities   
• regulators – for example, Jersey Financial Services Commission (JFSC)   
• Channel Islands Financial Ombudsman (CIFO)  
• law enforcement agencies   
• organisations that introduce you to us, including financial advisers    
• payment processors – for example, BACS   
• Flagstone International Limited, as FIL is a subsidiary of this UK registered company

We may also share your information if we transfer, sell, or merge parts of our business.   

If this happens, we’ll let you know, and we’ll endeavour to ensure the data is used in line with this Client Privacy Notice.   

We only share your data where it’s lawful to do so, and only for the reasons listed above. Some third parties we share your data with process it as independent controllers, in line with their own privacy notices.   

Where do we keep your information?  

FIL stores your information on secure servers in the UK. But, we may transfer personal information to countries outside the UK when:   

• you or someone acting on your behalf asks us to do so   
• we’re required or permitted to by law   
• we’re sharing information with a third party to support our operations   

When transferring information to countries outside the UK, we take appropriate steps to ensure your information is protected.   

How long do we keep your information?   

We’ll keep your information as long as is necessary for the purpose we’ve collected it for. When you have a relationship with FIL, we’ll usually keep your information for as long as you maintain that relationship, and then for six years after you end that relationship.   

In some circumstances, we’ll keep data longer if we need to and/or if we’re required to by law. But, there’s some information we may not keep for the full lifetime of your relationship with FIL – for example, call recordings.   

Your rights   

You have rights when it comes to your personal information, and there are several requests you can make to exercise these rights:   

The right to be informed how we're using your information 

You can ask us to tell you who we share your information with and how we store your information and so on. 

The right to access your information   

You can ask us for a copy of any information we hold on you.  

The right to rectify your information   

You have the right to ask us to correct information you feel is inaccurate, incomplete, or both.   

The right to restrict how we use your information   

In some cases, you have the right to restrict us from processing or deleting your information. There are some things we need to use your information for – for example, to help protect you from fraud and to fulfil legal and contractual obligations. This may mean we’re unable to restrict how we use your information.   

The right to object to how we use your information   

In some cases, you have the right to object to the way we process your information. For example, when we’re processing your information for direct marketing. There are some situations where we will not stop processing your information despite your objection – for example, to meet legal or regulatory obligations, or to continue to have a relationship with you.   

The right to erasure   

In some cases, you have the right to have your information erased. We may not be able to agree to your request if it affects our ability to meet our legal or regulatory obligations, or to continue to have a relationship with you.   

The right to data portability   

You have the right to ask us to transfer a copy of some of your information to you or to a new data controller – for example, another financial provider. This applies when you’ve shared your information with us, it has been collected with your consent, or where collecting it was necessary for the agreement between us.   

The right to human intervention   

You have the right not to be subject to a decision that's based solely on automated processing, if the decision affects your legal rights (for example, if we automatically reject your application for a Flagstone account). However, we do not make automated decisions right now, so this isn't applicable. 

The right to withdraw your consent   

Where we’re relying on your consent to process any of your information, you have a right to withdraw that consent at any time.  

If you’re a FIL client and you’ve consented to marketing, you can change your marketing preferences at any time on the client portal, by email or by phone.   

Exercising your rights   

If you wish to exercise any of these rights, please contact the Client Services Team at clientservices@flagstoneinternational.com. We’ll review your request and get back to you within four weeks. We may extend this deadline by up to eight weeks if necessary. At the time of your request, we may ask you for further information, including proof of id, before we can act on your request.

 

Complaints   

If you’re concerned with how we've handled your information, please contact our Data Protection Officer at data.protection@flagstoneim.com.   
  
You also have the right to complain to the Jersey Office of the Information Commissioner: jerseyoic.org.

 

Cookies   

You can read our Cookie Notice to learn more about the different types of cookies, and how we use them.   

Other important information   

Links to third party websites   

Our website may contain links to other websites for your convenience and information. FIL does not control third party websites or their privacy practices, which may differ from those set out in this Client Privacy Notice. We encourage you to review the privacy notice of any company or website you reach via FIL's website before you provide any personal information.   

Changes to this notice    

We may update this Client Privacy Notice from time to time. We’ll post any changes we make to this notice on our website, becoming effective immediately. If the changes are material changes, we’ll let you know by email.  

Last updated: April 2024