Global Capital Markets
Last Updated Date: December 9, 2020
United Kingdom and European Union (EU) Privacy Notice
This Privacy Notice for Clients of the European Wilmington Trust entities identified in Section 7 below (“Privacy Notice”) applies to Personal Data relating to an individual that is collected and processed for the purposes referred to herein. The terms “Wilmington Trust,” “we,” “us” or “our” in this Privacy Notice refers to the Controllers identified in Section 7. This Privacy Notice describes the categories and uses of Personal Data and the rights that individuals may have subject to applicable law including the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”) and the United Kingdom General Data Protection Regulation (“UK GDPR”).
This Privacy Notice may be amended or updated from time to time to reflect changes in our Personal Data processing activities, or changes in applicable law. When a change is made, we will post the updated version of this Privacy Notice to the Wilmington Trust website. All changes will become effective as of the Last Updated Date indicated on this Privacy Notice. We encourage you to regularly check the website to review any changes that we make.
· Wilmington Trust Internet Privacy Notice for non-EU visitors to the Wilmington Trust Website
· Wilmington Trust Website Privacy Notice (EU) for EU visitors to the Wilmington Trust Website
· Wilmington Trust Visitor Privacy Notice for visitors to Wilmington Trust offices and facilities
Section 1: Categories of Data Collected
We collect certain categories of Personal Data about you:
· Personal Details: name, address (including country of residence and country of citizenship or nationality), date of birth, government issued identification number, passport identification information (including passport photo and number) and other Know Your Customer (KYC) information including utility bills and bank account statements.
· Financial Details: percentage stake of beneficial ownership in financial vehicles, net worth, assets, liabilities, and annual income, and source of wealth.
· Contact Details: company role, business address, business phone number and business email address.
· Diligence Information: criminal convictions and offences and Politically Exposed Person (PEP) status.
We do not collect Special Categories of Personal Data for the processing purposes set forth in this Privacy Notice.
We collect information from you or your company representative. From time to time, we may obtain personal information about you from third-party sources (including LexisNexis WorldCompliance and WLM), but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
The types of information we collect from third parties include information about criminal records and offences and Politically Exposed Person (PEP) status.
Section 2: Purposes of the Processing and Legal Basis for the Processing
1. Processing of this information is necessary for compliance with a legal obligation.
· We process your Personal Data as necessary for compliance with our legal and regulatory obligations including applicable anti-terrorism and anti-money laundering laws and regulations as described in the next paragraph.
· During client on-boarding, and on a regular basis thereafter during the client relationship, we process Personal Data to fulfill our compliance with applicable anti-terrorism and anti-money laundering laws and regulations. We will use your Personal Data to verify your identity in accordance with ‘Know Your Customer’ requirements and for screening against law enforcement agency sanctions lists. During these processes, the information that is provided to us is compared against information contained in databases maintained by third parties (including governmental authorities). We also compare your information against publicly accessible sources. As such, we may learn of new information about you through these processes that is combined with information that we directly collect from you or your company representative.
· We process your Personal Data as necessary for detecting, investigating, preventing, and reporting any actual or suspected violations of laws and regulations.
· Failure to provide this information will prevent us from conducting business with you or your company.
2. Processing of this information is necessary for our legitimate interests taking into account your fundamental rights and freedoms
To the extent that our legitimate interest is not overridden by your interests or fundamental rights and freedoms, we process your Personal Data in the following manner:
· Where not already covered above in accordance with our processing as necessary for compliance with a legal obligation, we process your Personal Data for the purpose of conducting audits and managing risks to which our business is exposed. This includes managing our security risks.
· We process your Personal Data as necessary for legal proceedings that may involve you or your company.
· Where permitted by applicable law we may use your business contact information to contact you regarding an existing client relationship or future opportunity to serve your corporate needs. This may include sending you newsletters, event invitations, or other announcements pertaining to our corporate services via email and you can choose to opt-out of future email communications as instructed within the email.
· We ensure that your rights and freedoms are protected by taking measures to ensure that our processing activities are necessary for the purposes of our processing and by offering you the right to opt-out or object in accordance with Section 6 below.
3. Processing of information for other purposes
· In general, we will use the personal information we collect from you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your personal information. However, we may also use your personal information for other purposes that are not incompatible with the purposes we have disclosed to you (such as archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes) if and where this is permitted by applicable data protection laws. We will seek your consent to further processing where this is required by applicable data protection laws.
Section 3: Disclosure of Personal Data
In accordance with applicable law, we may disclose your Personal Data to the following categories of recipients as identified below.
Group Companies and Affiliates which includes our related companies located in the United States, United Kingdom and the European Economic Area (EEA).
Competent law enforcement body, governmental agency, court and judicial bodies which includes national and local government agencies, regulatory bodies, law enforcement agencies and courts where we believe disclosure is necessary (i) as a matter of applicable law or regulation; (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
Third Parties include Processors, service providers, auditors, attorneys, and other professional advisors which may be located in countries outside of the United Kingdom or European Economic Area (EEA) and who provide data processing services to us or who otherwise process Personal Data for purposes that are described in this Privacy Notice or notified to you when we collect your Personal Data. Refer to Section 4 for more information on transfer of Personal Data outside of the United Kingdom or European Economic Area. Third Parties are subject to contractual obligations to only process the Personal Data in accordance with our instruction, and to use measures to protect the confidentiality and security of your Personal Data.
Actual or potential buyer (and its agents and advisors) in the event that we wish to sell or transfer all or any of our business or assets, we may disclose your Personal Data with the potential acquirer(s) (and its agents and advisers) provided we inform the buyer it must use your Personal Data only for the purposes disclosed in this Privacy Notice.
Any other person with your consent to the disclosure.
Section 4: Transfers of Personal Data outside of the United Kingdom or European Economic Area
As noted above in Section 3, in order to provide services to you and to comply with applicable laws, we may need to transfer your Personal Data to a country located outside of the United Kingdom or European Economic Area (EEA), including the United States, for processing. When transferring Personal Data to a country outside of the United Kingdom or the EEA, we rely on standard contractual clauses entered into with our affiliates and third parties which provide for appropriate safeguards. We may also rely on representations from third parties that appropriate safeguards are in place through their compliance with approved data transfer frameworks.
Section 5: Data Retention
We will retain your Personal Data for the life of your client relationship with us. Once your client relationship is terminated, we will continue to retain your Personal Data only for as long as it is needed for the purposes set forth in this Privacy Notice and for no longer than the maximum time period allowed under applicable laws and regulations. For purposes hereof we retain (i) Know Your Customer (KYC) information for a period of five (5) years following termination of the client relationship and (ii) client transaction documents for a period of six (6) years following termination of the client relationship for client transactions involving France, Ireland, Italy and the United Kingdom and for a period of ten (10) years for client transactions involving Germany.
Section 6: Your Legal Rights
Subject to applicable laws, you may have the right to exercise the following:
· The right to request access, or request copies of, your Personal Data that we process,
· The right to request rectification of any inaccurate Personal Data that we process,
· The right to request erasure of your Personal Data that we process,
· The right to restrict processing of your Personal Data,
· The right to object the processing of your Personal Data,
· The right to have your Personal Data transferred from one controller to another, and
· The right to lodge complaints with a Data Protection Authority (DPA). (Contact details for data protection authorities in the European Economic Area are available here.)
Please use the contact details below to make enquiries about your rights.
Section 7: Controllers and Contact Details
This Privacy Notice is being provided by the entities list below as Controllers. If you have any questions or concerns regarding the practices described in this notice, please reach out to our designated representative at firstname.lastname@example.org
Name of Controller
- Wilmington Trust SP Services (London) Limited (USA)
- Wilmington Trust (London) Limited
- Wilmington Trust SP Services (Dublin) Limited
- Wilmington Trust SP Services (Frankfurt) GmbH
- Wilmington Trust S.A.S
- Wilmington Trust (Milano) S.r.l.
Controller Contact Information
- Wilmington Trust SP Services (London) Limited
Third Floor, 1 King's Arms Yard
London, EC2R 7AF
Section 8: Defined Terms
- Any information that can be used to identify an individual, directly or indirectly.
- Operations, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- The person or entity that determines the purposes and means of Processing Personal Data.
- Any person or entity that Processes Personal Data on behalf of the Controller.
Special Categories of Personal Data
- Race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, sexual life or sexual orientation data.
Section 9: Updates to this Privacy Notice
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.