Privacy policy

Our commitment:

At Manx Financial Group PLC (“MFG”), we are aware of the trust you place in us and our responsibility to protect your privacy and keep your personal data secure in accordance with Data Protection legislation.

This privacy notice covers:

  • How and why we process your personal information;
  • The sources of information about you;
  • The parties we may disclose it to;
  • How long we will retain your information;
  • What rights you have in respect of your personal data; and
  • How you can contact us with any further queries or concerns.

The Data Controller:

Manx Financial Group PLC is the Data Controller for the purposes of the Data Protection Act 2018 and in relation to all the personal data provided to us. The primary legal basis for which we process this personal data, is for the performance of contracts we enter into (or may enter into) with you.

Why do we collect personal information?

We collect your personal information for the following purposes:

  • It is necessary to consider proposals from you as a potential private lender to us;
  • It is necessary to provide information and ongoing administration to existing private lenders, and to perform our obligations under the Loan Agreements;
  • To manage our 3rd party arrangements required by us in order to run our business (such as IT system providers or administration services etc.);
  • To consider any applications for employment;
  • To manage our shareholder information and administration;
  • For general business purposes, to prepare management and accounting information necessary for the conduct of our business, including audit; and
  • To comply with our legal and statutory obligations including reporting to the London Stock Exchange Alternative Investments Market (AIM).

Your personal information is only collected and used for the purpose(s) it was provided for, and of which you were aware at the time your information was supplied to us, whether that be as a staff member, shareholder or private lender. We will limit the collection of your personal information to only that which is needed in order to satisfy the intended purpose.

What information do we collect and how do we collect it?

In order to fulfil the purposes above, we will need to collect your personal information. We collect it from you when you initially provide it to us, every time you contact us during the administration of your relationship with us, and from additional sources such as background checks and/or references. Information is collected when you meet with us, complete forms, correspond with us, telephone us, or send us an email.

We may also get your personal information from an intermediary, (a company who may have introduced you to us) such as Conister Bank Limited or Edgewater Associates Limited (who are wholly owned subsidiaries of MFG). If you are a shareholder, we may receive your personal information from Computershare Investor Services (Jersey) Limited who manage our shareholding obligations.

The information collected can include all, or a combination of the items listed below:

  • General personal details including your name, date of birth, place of birth, nationality, gender, marital status;
  • Your contact details (address, telephone numbers, e-mail);
  • Financial details such as bank account details and/or tax information;
  • If you are applying for a job with us, employment details such as employment status, employer contact details, and salary information, and character references; and
  • Publicly available information (generally obtained through internet searches) such as news articles or public register information which is obtained from background searches or reference checks.

Sensitive Information:

Certain types of personal information are classed as “sensitive” under the Data Protection legislation, or otherwise referred to as “special categories” of data. This includes information about your health, race, ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, trade union membership and genetic and biometric data.

We do not need to collect your sensitive personal data during the normal course of our business. However, sometimes we may indirectly come across sensitive information such as your health data. For example, if you lend to MFG, and during the term of your loan you become subject to a court registered Enduring Power of Attorney, we will be aware of the fact that you may have mental health issues requiring the use of the Power of Attorney, and thus we have indirect information relating to your health. In order to be able to process any sensitive personal data, we will need your consent. In the unlikely event we are likely to (or do) come into possession of your sensitive personal data, we will contact you separately to seek your consent for its processing.

How do we use your personal information?

We use the personal information that you (or third parties) have provided to us in any or all of the following ways:

  • To conduct background checks if you are lending to MFG;
  • To consider any application for employment you may have submitted;
  • Administration in order to allow us to perform our obligations under a loan agreement, or employment contract you have entered into with us;
  • To generally manage our relationship with you;
  • For general business purposes, to prepare management and accounting information necessary for the conduct of our business, including audit;
  • For the prevention and detection of crime, including AML purposes, fraud detection and debt collection; and
  • To comply with any and all statutory responsibilities.

Information you submit through our website may be held and processed by our Internet Service Provider, but it is only held and processed on our behalf and under our strict instruction.

If you have entered into a loan agreement with us, we will also share your personal information with Conister Bank Limited, (a wholly owned subsidiary of MFG), who provide our account administration services.

Disclosure of Personal Information:

During the term of your relationship with us we may disclose your personal information to any of the following parties to allow us to properly manage our relationship with you:

  • To fraud prevention agencies; (for further information see below)
  • To persons acting as our agents or on our behalf under a strict code of confidentiality where we outsource functions (for example Conister Bank Limited who provide our administration services or printing companies);
  • To Computershare Investor Services (Jersey) Limited who manage shareholding administration and obligations on our behalf – (Computershare Limited have their own obligations to you with regard to the personal data they hold, for further information please contact them directly);
  • Back to you during the course of your relationship with us;
  • If you are a current or former employee, to prospective employers who seek references about you (who will require your consent to do this);
  • If you are a significant shareholder, to the London Stock Exchange Alternative Investments Market as required by stock exchange rules; or
  • To legal and regulatory bodies as required by law or regulation.

Otherwise we will keep all of your personal information confidential unless you give us consent to transfer it to a third party.

It is not normally necessary during the usual course of business to transfer your personal data outside of the Isle of Man or the UK; however, in the event it is necessary, it will be done so in accordance with the requirements of Data Protection legislation. These requirements include the provision that the recipient of your personal data must have the same level of protection in place as you are entitled to on the Isle of Man or in the UK. We will advise you in the event that your personal data is to be transferred in this manner.

There are two exceptions to this:

1. If you are a shareholder and live outside the Isle of Man, UK or the EEA and we are sending your personal information back to you, the international transfer will be necessary in order to communicate directly with you; or

2. If you are a shareholder, we share your information with Computershare Investor Services (Jersey) Limited, who operate from Jersey. Jersey currently has an EU data protection Adequacy Decision which confirms that they have appropriate levels of protection and equivalent data protection legislation.

Fraud Prevention Agencies:

We may share your personal information with fraud prevention agencies if we feel fraud has been or might be committed. These agencies collect, maintain and share data on known and suspected fraudulent activity for the purposes of fraud prevention. These records may be searched and shared with other organisations by the fraud prevention agencies.

We have a legal obligation to report suspected fraud to law enforcement agencies.

The fraud prevention and law enforcement agency that we share data with is the Isle of Man Financial Intelligence Unit.

How long do we retain your personal information?

We are permitted by law to retain your information for as long as is necessary in relation to the purposes for which the information was originally provided. This includes our legal requirement to hold some information for at least 6 years following the termination of a relationship or transaction.

If you are a private lender, we will therefore hold your personal information, accounting records, client due diligence (CDD) and transaction records for a minimum of six years following the maturing of your loan, except where records are required for investigation by law enforcement, where they will be retained for as long as required by the Constable or competent authority.

Once your information is no longer necessary in accordance with the above, it shall be destroyed in line with Data Protection legislation.

Your Rights:

Under Data Protection legislation you have the following rights free of charge. To exercise any of your rights or for further information, please contact the Data Protection Officer at our address below.

1. Access to Personal Data

Subject to exceptions detailed in Data Protection legislation, you have a right of access to all personal data we hold about you. If you wish to exercise this right, or you have any questions regarding your personal data, please write to the Data Protection Officer at the address below. We will respond within one month from receipt of a valid request, and in any event, without undue delay.

2. Automated Decision Making

MFG does not use any automated decision making technology.

3. Rectification

You have the right to the rectification of inaccurate data, and to obtain completion of incomplete personal data. To correct or amend your personal data, please contact the Data Protection Officer at the address below with the details. We will make the required changes as soon as possible.

4. Erasure

In certain situations you have the right to request that your personal data is erased, however, there are limitations to this right.

Examples of grounds for exercising your right to erasure include:

  • Personal data is no longer necessary for the purpose of the performance of a contract between us and you;
  • Where data has been unlawfully processed;
  • Where data has to be erased to comply with a legal obligation;
  • Where a right to object to direct marketing or the right to object to processing has been exercised.

Examples of limitations to your right of erasure include:

  • It is necessary for the performance of a contract between us and you;
  • Our compliance with legal obligations to retain client records for certain periods of time (as detailed above); and
  • Establishment, defence or exercise of legal claims.

5. Restriction of Processing

You have the right to restrict our processing of your personal data in the following circumstances:

  • If you contest the accuracy of personal data processed by us, (we may restrict processing for a limited period to enable us to verify the accuracy and amend the data as necessary);
  • We no longer require your information for the purposes we originally obtained it;
  • We have no legitimate grounds for processing your information or your information has been processed unlawfully.

6. Data Portability

You have a right to receive your personal information that you have provided to us, in a structured, commonly used and machine readable format. You also have a right to have this personal data transmitted to another data controller (i.e. another business), where technically feasible to do so.

7. Right to Object

You have the right to object to us processing your personal data in the following circumstances:

  • For direct marketing purposes;
  • Profiling in relation to direct marketing.

MFG does not currently conduct either of these activities.

8. Right to Lodge a Complaint

If you have a complaint regarding the way we are processing your personal data, please address it with us in the first instance in the hopes that we will be able to resolve the matter with you. You can do this using either of our contact methods provided at the bottom of this notice.

However, if you do not want to address your concerns to us, or we have failed to satisfactorily respond to your data protection complaint, you have the right to complain to the Data Protection Supervisor. The contact details are below:

Isle of Man:
Information Commissioner
First Floor
Prospect House
Prospect Hill
Douglas
Isle of Man
IM1 1ET
Tel: +44(0) 1624 693260

United Kingdon:
Information Commissioners Office
Wycliffe House
Wilmslow
SK9 5 AF
Tel: +44(0) 303 123 1113

Cookies:

Our website uses a number of cookies to store data on our visitor's computers.

Cookies are text files which identify users’ to the MFG server. Our cookies do not store any personal or sensitive information, or anything that makes you personally identifiable to us. They are used for essential functionality such as security when processing form data or for analytics which helps us use anonymous visitor data to gain a better understanding of how people use our website.

For further information, please refer to our Cookie Policy.

What is aggregate information?

Aggregate information is used to show us the total number of visits to our website and which parts of the site are used and most. Aggregate information does not identify individuals, as it does not contain any personal data. This information helps us in developing our website and improving the service we offer you.

The Data Protection Officer and Contact Details:

If you have any questions or concerns regarding this notice or data protection in general, please contact us, addressing your query to the Data Protection Officer:

Writing: Manx Financial Group PLC, Clarendon House, Victoria Street, Douglas, Isle of Man, IM1 2LN

Telephone: +44 (0)1624 694694

 

MFG/68/PPN/V2-May2018