The Affinity Group of Companies (namely Affinity Group Limited (“AGL”), Affinity (Isle of Man) Limited (“AIOM”) and Affinity (Malta) Limited (“AML”) (hereinafter referred to jointly as “Affinity”) are committed to keeping your personal information secure and to adhering to best practice and the principles laid down in data protection regulations in place within the jurisdictions in which we operate.
• Our Companies
• Why do we need your information • What information do we need • What we do with the information
• How we store your information
• Sharing your information
• Transferring your information to other countries
• How we keep your information accurate
• What we do with your information when we don’t need it anymore
• How you can access the information we hold
• Affinity’s role as a Data Controller
• The Group Data Protection Officer
• Links to other websites
• Marketing • Complaints
• Cookies Policy
Why do we need your information?
Affinity is obliged to operate in accordance with the framework of the laws and licensing regime in place in the jurisdictions in which it operates together with all applicable international legislation. Such laws and regulations include (but are not limited to) legislation covering financial services regulation, anti-money laundering and countering of terrorism, taxation (“the applicable legislation”). Affinity also needs to receive your information to enable us to provide to you the level of services that you have requested us to provide to you. What information do we need? Affinity will collect personal information about you at the beginning of our relationship and may also collect further information from you from time to time during the course of our relationship to ensure our continued adherence with the applicable legislation. We will only collect personal data that is absolutely necessary for us to comply with our requirements under the applicable legislation and to enable us to provide the services you have requested us to provide. We do not collect any personal information that is deemed to be of a “Special Category” under the applicable data protection legislation in force. (eg. information pertaining to race; ethnic origin; political beliefs, religious beliefs, trade union membership, genetics, biometrics, health, sex life or sexual orientation). What we do with it All of the personal data we collect is processed by our staff and is used in line with the services we are providing to you and our obligations under the applicable legislation. This may include: • Providing proposals and engaging terms of business • Providing services to you including the administration of client companies or trusts • Managing assets on your behalf • Crew employment • Communicating with third parties such as banks • Communicating with ship and aircraft registries • Communicating with Government Departments and regulators • Licencing applications • AEOI reporting such as FATCA and CRS • To assist with the prevention of financial crime and the funding of terrorism • To undertake risk assessments as required under the applicable legislation As the services we provide are so varied the way we use your information will be determined by what those services are. A specific list based on our agreed relationship can be provided, please contact our Group Data Protection Officer for further information. How we store your information We store all electronic personal information received within secure software which is stored and maintained on servers located within the Isle of Man and maintained by a third party cloud processor which is resident in the Isle of Man. The Isle of Man is recognised by the EU as a jurisdiction that provides an adequate level of data protection. We store all non- electronic personal information received within files located in our secure offices or within secure archive facilities in each respective jurisdiction which are operated by data processors pursuant to data processing contracts which are issued in accordance with the requirements of GDPR. Sharing your information We may share your information within the Group or with other bodies where lawful circumstances provide us to do so. These include:
• Tax and VAT authorities
• Law enforcement agencies
• Third party agencies such as banks
• Yacht and aircraft registries
• Other regulated corporate and trust service providers (who also provide services to you outside of the our respective jurisdictions )
• Credit reference agencies
• Third party customer screening entities, (i.e. World Check)
• Software providers and cloud server providers
• Consultants and/or agents contracted to provide services to Affinity.
We do not sell, distribute or lease your personal information to third parties, unless we have your express consent to do so or are required to by law. Transferring your information to other countries Affinity may share your information within the Group or may have to share your information with an organisation in another jurisdiction.
When we share data within the Group we do it based on an intra group data sharing agreement to ensure that you are receiving the services that you have requested from the appropriate office, to avoid duplication of work and additional unnecessary requests for personal data when accessing services in more than one jurisdiction, to enable us to provide you with information on new products and services which we feel may be of interest to you, for identity verification purposes, alerts on suspicious activity, creation and development of anti-fraud measures and the purposes of combatting criminal activity. Malta is a full EU member and the Isle of Man has been accepted by the EU as having data protection legislation that ensures an adequate level of protection. It is possible to share information freely between Malta and the Isle of Man.
When sharing personal data to an organisation that is outside of the EU/EEA or to a country not deemed by the EU to ensure an adequate level of data protection we will ensure that such data transfers are subject to the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. How we keep your information accurate Affinity is required to ensure the personal data that we hold for you is accurate and up to date. Affinity has adopted policies to ensure that they take every reasonable step to ensure that it keeps in regular contact with its clients and customers with a view to ensuring that the information that we hold for you remains up to date and accurate at all times.
What we do with your information when we don’t need it anymore