This is the privacy notice of International Asset Monitor Limited (Guernsey and Jersey) and its subsidiary IAM Partner LLP (London), together trading as “IAM Advisory”.
Who are we?
International Asset Monitor Limited, trading as IAM Advisory, is a registered limited company (no. 17023). The registered address is Louisiana House, South Esplanade, St Peter Port, Guernsey, GY1 1BJ. You may contact us via our website, by emailing [email protected] or by writing to us at the above address.
IAM Advisory has a registered branch in Jersey and a subsidiary, IAM Partner LLP, in the United Kingdom.
IAM Advisory’s primary activity is to provide an independent and comprehensive service offering advice and support for clients in all material aspects in the management of investment portfolios. IAM Advisory has a policy of respecting and protecting your privacy and ensuring the confidentiality of the personal information we collect.
This Privacy Notice sets out the basis upon which information is collected about data subjects by us through the use of the IAM Advisory website and the use of the personal information provided to us.
In relation to the information (“personal data”) we have about you (a living “data subject”), you have these rights:
- Access to your data (and to associated information about its processing);
- The right to rectification;
- The right to challenge automated decision making;
- The right to lodge a complaint to the supervisory authority;
- The right to bring legal proceedings and the right to compensation and damages;
- The right to erasure (the “right to be forgotten”) where there is no legal ground for processing;
- The right to data portability;
- The right to restrict the processing of personal data.
For any personal data to be processed, the data controller must satisfy a lawful condition for processing. The conditions for processing sensitive personal data (“special category data”) are more stringent than for other personal data. The following are some of the relevant conditions which allow us to process data.
Anti-Money Laundering laws require us to obtain, verify, review and hold data concerning certain persons associated with the portfolios we advise.
Our regulators require us, by law, to make sure the advice we give is suitable for our clients: this means we have to take into account the characteristics and situation of the relevant people. This might include “special category” data.
We may process “special category” data if necessary for the purposes of exercising rights or obligations in connection with employment law.
We also process personal data in order to perform advisory contracts with our clients.
In respect of some data we have a legitimate interest in processing data, such as to keep in touch with you in order to conduct our business.
If we don’t have any other legitimate reason to use your data, we need your consent to process your data or that of children for whom you have parental responsibility. In the case of special category data this must be explicit. Where consent is the only lawful basis for using your data you may withdraw your consent.
How we collect personal information
We collect information about you in the following ways:
- When you tell our staff about yourself in conversation, whether face-to-face, on the telephone or by means of other conduits for conversation (such as Skype), or supply a business card;
- When you fill in information on the enquirers section of our website;
- When you give us a card with your name and personal or business contact details, or write to us by post or email;
- When you fill in our Initial Review Questionnaire, as part of our investment advice process; there might be occasions when you update this information as your circumstances or preferences change over time;
- When you supply Client due diligence information as mandated by anti-money laundering and prevention of crime laws and regulations; and
- When you apply for a job or tenancy with us, accept employment with us or join our employee pension scheme or health scheme. Please see separate Privacy Notice on our website
What information we collect
- When making an enquiry on our website, you will be asked to enter your: name, company, email address and phone number.
- If you give us a card or we obtain information from a letter or email you have sent to us, we may record, in our database of contacts, the information on that card, letter or email.
- If you or someone on your behalf supplies information as part of the Initial Review Questionnaire that we ask clients to complete, that information, which includes some or all of your name, age, gender and personal preferences, health, your opinions, political, religious or philosophical attitudes, your financial situation, your attitude to risk, and other matters which we use to help us give you suitable advice. Note that if you do not feel comfortable giving certain items of information, you need not do so. We are contractually obliged to give appropriate investment advice, and are required by our regulators’ Conduct of Business Rules to give suitable advice: this is best done if we have an understanding of the situation of those for whose benefit a portfolio exists. We can give advice based only on the information that has been given to us.
- For client due diligence we are legally required by our regulators to ask for sight of identity documentation, verification of your residential address, and in some cases information concerning the source of the wealth giving rise to the portfolio we are to advise upon. In some cases we have to obtain further information about your background and situation and/or additional verification, which we do by way of research on the internet and other public sources, or by contacting your referees. The purpose of this law is to prevent our services from being used in connection with money-laundering, funding terrorism, or financial crime such as fraud, corruption or the evasion of tax.
- Please see the specific privacy policies on our website for employees and tenants, and for applicant employees and tenants for fuller details.
What we do with your data
We will use the data we collect from you for the following purposes:
- To stay in contact with you;
- To provide the service to which you have contracted, or someone has contracted in your interest
- To adhere to Anti-Money Laundering laws
- To comply with Conduct of Business Rules and other regulatory requirements
- To give suitable advice – required by law and contract - in respect of portfolios under advice;
- To comply with employment and tax/social insurance laws. Employees and tenants should please see separate Privacy Notice on our website
- Where necessary, we will ask for consent to be given by a positive opt in choice. Sufficient information will be provided for an informed choice to be made. The personal data will not be used for any further purpose without additional consent being obtained. It will also be made clear how consent can be withdrawn.
How we store your data and keep it safe
IAM Advisory has in place physical, electronic and managerial procedures to safeguard and secure the personal information we collect. Data is stored securely on our in-house servers. Our external book-keepers (see below) store employee data on their own servers: this does not include special category data.
Retention of data
We keep your data for the duration of any relevant contract and thereafter for the appropriate limitation period, or as required by our regulators. In most cases this will be ten years for clients, six years for employees and tenants, and six years for employee pension records after the end of any relationship we have relating to the data. Where personal data has been obtained in the course of establishing a contract for our services, and the contracts is not finalised, the data may be retained for a period of 4 years from date of collection. Employees and tenants should please see separate Privacy Notice on our website for more details.
Recipients of your data
We do not share personal information with any third parties for marketing purposes.
All of our data is backed-up using the services of an external data services provider.
Our financial records are maintained by an external book-keeper located in Guernsey who may therefore have access to personal data linked to the financial information.
We are required by law to have our accounts audited and as part of this process our auditors, located in Guernsey have access to and might make copies of some of the data stored, which might incidentally include personal data.
We may also engage from time to time third parties to assist us with in-house IT development, but these persons work in our offices and do not make copies of our data for themselves.
Limited information on employees is supplied to the organisation, based in Guernsey, which hosts our website
These third party providers are therefore processors of personal data of which we are the controller, and they may themselves save data in data farms (the operators of which are thereby considered to be secondary processors) We are reaching agreements with our primary data processors to ensure that your information is safe and secure and not shared with other organisations.
Transfer of Data outside the Channel Islands and European Economic Area
The European Economic Area (EEA) and Jersey have similar laws which are mutually recognised by Guernsey as providing adequate protection of personal data. Other jurisdictions may also be recognised as having adequate protection. Your data will not be transferred to third parties in jurisdictions which are not recognised as adequate without an applicable derogation as provided by law. In any event we will take steps to ensure that appropriate security measures are taken in any such transfer with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
Rights to access, remove or correct personal information
You have the right to request a copy of the information that we hold about you by way of a Data Subject Access Request. Please note that your Data Subject Access Request must be accompanied by evidence of your identity, so that we can ensure that we are providing the information only to the right person. For our Data Subject Access Request form, please contact us using the details at the end of this document.
If a member of the public asks for their personal data to be removed from our current record systems, where we do not have a continuing lawful reason for holding it, this will be done within one month of the request being received. The same timescale will apply when we are notified that personal information needs to be corrected or updated.
Use of our website, and cookies
IAM Advisory uses a Google software statistical analysis tool, licensed by Google to our webhost, to create reports on the general location and browsing habits ( for example, which pages visited) of persons viewing ( Visitors to) the IAM Advisory website. Cookies (small text files placed on your computer when you log in to a website) are used by Google Analytics to track user movements to and on the website. IAM Advisory does not and will not assist or permit any third party to pass information to Google that Google could use or recognise as personally identifiable information. More detail as to how Google Analytics uses data may be found at www.google.com/policies/privacy/partners/
Changes to our privacy notice
This notice will be amended in the light of any relevant changes in legislation or related good practice. This privacy notice was last updated May 2018.
How to contact us
- By email: [email protected]
- Or write to us: Louisiana House, South Esplanade, St Peter Port, Guernsey GY1 1BJ
Any complaints in connection with data protection may be directed to the Office of the Data Protection Commissioner in Guernsey, to the Office of the Information Commissioner in Jersey and to the Information Commissioner’s Office in the UK.