This notice applies to personal information held by Cayman National Isle of Man (CNIOM). CNIOM collectively refers to Cayman National Bank (Isle of Man) Limited (CNBIOM) and Cayman National Trust Company (Isle of Man) Limited (CNTIOM), each a Data Controller in its own right.
"We" refers to CNIOM, the underlying entities of CNBIOM and CNTIOM, each acting as a Data Controller.
"Information" refers to any personal data about you that you or third parties provide to us.
"You" refers to you in your capacity as a Customer, connected party or controller of any bank account, relationship, entity or trust structure we operate.
This privacy notice should be read alongside the Terms and Conditions provided to you as they also contain sections relating to the use and disclosure of your information. To the extent that there is any conflict between the provisions of this Privacy Notice and any other Terms and Conditions, this Privacy Notice governs.
CNIOM has appointed the same Data Protection Officer (DPO) for each of CNBIOM & CNTIOM.
The DPO can be contacted at:
Data Protection Officer
Cayman National Bank (Isle of Man) Limited OR Cayman National Trust Company (Isle of Man) Limited
Cayman National House
4-8 Hope Street
Phone: (0044) 1624 646900
If you have any queries regarding this Privacy Notice or how we process your information, please contact the DPO using the details noted above or by arranging an appointment to discuss your query in person.
Why we collect information
The type of information collected by CNIOM will differ depending on the services being provided. In general, the information will be used for the following purposes:
the provision of financial services and to enable CNIOM to enter into an agreement with you; fulfilling our legitimate interests, such as in the managing of risk; carrying out your instructions – e.g. payment requests, banking services, trust and company administration services; creation and ongoing administration of a product or structure; the administration of investments; investigation and resolution of complaints; provision of online services; carrying out checks in relation to your creditworthiness; corresponding with solicitors, surveyors, valuers, conveyancers or other third parties for the provision of our services to you; recover debts owed to CNIOM; defence of our legal rights; complying with the regulatory requirements in relation to anti-money laundering, countering terrorist financing and anti-bribery & corruption in verifying you and your identity and assessing your suitability for our services and products; detecting and preventing crime, such as fraud; improving our services to you; the provision of information to relevant tax authorities as and when required; the provision of information to other external regulatory bodies to which we are legally required to provide information to, as and when the governing legislation or tax reporting requirements change, or any other legal requirement.
We will use your information where we have your consent or where another lawful reason exists such as the provision of a contract, in our legitimate interests, where we believe it is in the public interest, in defence of our legal rights or to comply with a legal requirement.
What we will collect about you
The type of information we will collect includes:
personal details such as name, former names, date of birth, gender and place of birth; contact details such as address, previous addresses, email address and phone numbers;information about your marital status, dependents and social circumstances; tax reporting information including country of domicile, national insurance number or tax identification number; employment details, education, qualifications and positions held; confirmation of your right to act in relation to a company or structure or entity; information about your identity including passport copies, driving licence copies, other photographic identification documents, proof of address verification such as utility bills or bank statements or otherwise as provided; other information you provide relating to your financial standing, your personal wealth, assets and liabilities and the source of funds in order to verify the source of wealth for the arrangements you have with CNIOM; we may also require detail relating to your ability to cover a debt, repay a loan and your overall financial standing may also be applicable; where permitted by law, information about criminal convictions or offences or alleged offences or claims made against you or entities associated with you, for specific and limited activities such as completing our due diligence requirements; details of disqualifications or other relevant notices which are available in the public domain; details of any prominent or politically exposed position held.
The information you provide will only be used for the purposes of the provision of financial services.
Some of the information we collect will come direct from you, other information will come from third parties or from publicly available sources. CNIOM will use third party sourced data to carry out due diligence checks, sanctions and anti-money laundering checks. This is information we need to support our regulatory obligations. The information listed above may relate to you as our Customer, but also to persons that are associated with any entity or structure with you, such as a trust or managed company.
If you fail to complete our full "Know Your Customer" due diligence requirements, we will not be able to facilitate or offer to provide any product or service to you.
We may also collect information on third parties or family members through the documentation you provide to us. We will only use the necessary information to meet our compliance obligations, to comply with laws and regulations that CNIOM is subject to.
Information we generate about you
We will generate information about you in the course of our relationship, including:
your financial information such as other firms you deal with, other arrangements you have in place, how you manage your finances and credit, who you make payments to and receive funds from, salary and ad-hoc payments received; your identification information, signature, online banking log ins and voice recordings; CCTV images; record of any meetings, advice or recommendations given to you; tracking information – see note below; geographic information from card payments; records of correspondence received and processed by email, letter, voicemail etc.
We may also analyse your transaction information and payment flows to enable us to identify improvements to our services and online offering.
We may monitor or record any communication between you and CNIOM including telephone calls, face to face meetings, letters, emails and any other kind of communication. We may use these recordings to check your instructions to us, to assess and improve our service to you, train staff, manage risk and to prevent and detect crimes such as fraud. For security and to prevent and detect crime we may collect recordings, images and sound using CCTV in and around our premises.
When you visit our website, we may collect information about you which is useful in improving the operation of the website or used for essential functionality such as security when processing form data. The collection of the information is through the traffic data on the site and through the creation of a number of cookies. These cookies are referred to as first party cookies as they are specific to the host site that created them, do not store any personal or sensitive information or anything that makes you personally identifiable to us.
We may also collect login information and Internet Protocol (IP) address coordinates. For further details please see our Legal Notice covering our website usage and cookies.
Where we may transfer your information
Your information may be shared or transferred where it is lawful to do so, depending on the type of service we are providing, with the following:
other joint account holders, trustees, beneficiaries, controllers, administrators or executors; individuals who give guarantees for any debt owed to CNIOM; other parties involved in a dispute including disputed transactions; other financial services providers, lenders and credit reference agencies in relation to credit arrangements; other financial services providers for the provision of transactions; beneficiaries of payments or remitters of transactions; fund managers, brokers, asset managers or agents who deal on your behalf; beneficiaries, intermediaries, clearing houses, clearing or settlement systems, counterparties or any company where securities are held and traded through us; intermediaries or introducers who have an interest in the business introduced to CNIOM; anyone who is instructed to act on your behalf, power of attorney, solicitors, accountants, etc.; credit card processing providers including those facilitated by Cayman National Corporation Ltd group of companies; entities or individuals in connection with a potential or actual corporate restructure, merger, acquisition or sale, including the transfer or potential transfer of any of our rights or duties under our agreement with you; internal and external auditors operating within the Cayman National Corporation Ltd. group of companies; auditors or parties appointed to carry out investigations or audits of our activities; law enforcement, courts, dispute resolution and regulators as required by law; Government agencies in the provision of tax reporting, as required by law; any other individual or entity what we've been instructed to share your information with by you, either jointly, solely or as a controller.
Overseas transfer of your information
We may need to transfer your information outside of the Isle of Man and the EEA, where the same level of protection is not offered. Where your information is being transferred to third parties or third countries CNIOM will ensure there is a contract in place, that there is an appropriate level security and a legal basis for transferring.
We will only share your information with those that have a right to see it, where there is an obligation to remit the information, where it is in our legitimate interest or where it is a requirement in order to facilitate a contract with you. For example, should you request a card to operate a bank account held with CNBIOM, we will transfer information relating to you, your account, company or structure outside of the EEA (European Economic Area) to other companies in the Cayman National Corporation Ltd group of companies. In accepting the terms and conditions governing the provision of services to you, you acknowledge that your information will be processed in this manner.
You have a number of rights in relation to the information we obtain and hold about you, such as:
the right to access the information we hold about you and how it is processed;the right to receive the information you provided to us in a portable format, including the right to have the information provided to a third party; where you have provided your consent to us, in certain circumstances you can withdraw your consent to process your information. Where we are legally obliged to, we will continue to process your information; the right to have inaccurate information rectified; the right to erase information in certain circumstances. Where we are legally obliged to, we will continue to hold your information; the right to object to processing of your information or restrict the manner in which it is processed in certain circumstances. Where we are legally obliged to, we will continue to process your information and can refuse your request; the right to object to processing your information for the purposes of marketing; the right to complain about our processing or handling of your information.
Where you complain about our processing of your information the DPO will investigate on your behalf. If you wish to contact the data protection authority the Information Commissioner for the Isle of Man to escalate a matter please use the below contact details:
The Information Commissioner
Isle of Man
Phone: +44 (0)1624 693260
Retention of information
Your information will be retained in line with the requirements of relevant legislation that govern CNIOM, including those relating to banking services, trust and company administration, anti-money laundering and countering terrorist financing. The retention period is determined based on the type of record, the nature of the activity and the product and service offered. Detail of our retention timeframes is contained within our retention policy which may be updated from time to time as overriding legislation changes.
Once your information is no longer required we will destroy, delete or anonymise the data and can confirm that no further decisions will be made about you based on this deleted information.
We may need to retain your information outside of the prescribed timeframes, where an ongoing investigation is being undertaken by a Police force, other investigative agency or regulatory body, or where a dispute has arisen and is being investigated or whereby legal proceedings are taking place.
In these instances, your information will be retained for as long as deemed necessary. Destruction of such data will be completed as soon as practicable thereafter.
If you would like any further information on our retention policy please contact the DPO.
Security of information
We take the security of your information very seriously. We have in place a framework of policies and procedures governing the control and protection of your information. We use a range of measures to safeguard your information including:
encryption; penetration testing; IT security arrangements; business continuity planning; ongoing testing and monitoring; training and awareness amongst staff.
Where we work with third parties in the provision of our IT and security arrangements we require compliance with specified standards covering the protection, storage and transferring of your information. Contracts are in place detailing the appropriate measures required to protect your information.
Where there is a legitimate business interest we may use your information to provide you with information about our products and services.
In certain instances, we will rely on your consent to provide you with marketing information about CNIOM's group of companies. You can withdraw your consent at any time using your normal method of communication with us.
We will not provide your information to external third parties for the provision of marketing.
We request that you ensure the information we hold about you is accurate and up to date. Please notify us as soon as possible if your circumstances change. We are obliged to send certain mandatory communications to you and therefore need to have accurate contact information for you.