Privacy Statement


Freeport Trust Company Limited understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all our clients and will only collect and use personal data in ways that are detailed in this statement, and in a way that is consistent with our obligations and your rights under the law.

Our Contact Details

Freeport Trust Company Limited
Address: 4 Athol Street, Douglas, Isle of Man, IM1 1LD
Telephone: 01624 625538

What personal data do we collect?

We currently collect and process the following data:

  • Personal Details - Name, address, telephone number, e-mail, nationality, date of birth, place of birth.
  • Information in relation to an interest in a legal entity such as the date on which an individual has acquired an interest in a legal entity and the nature of such interest.
  • National Insurance numbers and individual tax reference numbers.
  • Know Your Client (KYC) and Client Due Diligence (CDD) information, comprising such things as passport, utility bill, driving licence, source of wealth, source of funds, and bank account details. 
  • In certain circumstances we may hold information relating to criminal convictions/allegations or whether a person holds PEP (Politically Exposed Person) status.

Whose personal data do we collect?

To enable us to provide our professional services as efficiently as possible, we will process personal data in respect of: 

  • Clients – current, former and potential 
  • Business Contacts 
  • Suppliers 
  • Complainants 
  • Settlors, Protectors, Trustees & Beneficiaries (who in certain circumstances may be children)  
  • Controlling Persons of Entities 
  • Politically Exposed Persons, their families and associates 
  • Associates, Employees, Consultants of Client Entities

Why and when do we collect personal data?

We will collect and process your personal data for one of the following reasons:

  • To enable us to provide corporate or trustee services to you. Our ability to offer/provide services to clients and prospective clients is dependent on having access to personal information. 
  • To comply with our regulatory and legal obligations including reporting any crime, or suspected crime including money laundering, terrorist financing or fraud. 
  • Provide you with information regarding our products and services where you have consented to be contacted for such purpose.

We will obtain personal data from you at the start of a business relationship or potential business relationship and during the course of the business relationship at any regulatory or contractual ‘trigger events’. 

A trigger event can be constituted by any of the following: 

  • Change of address 
  • Change of signatories 
  • Change of ownership or structure 
  • Change of name 
  • Substantial deposits (relative to expected activity)  
  • Forming a new company
  • Any other significant change to the client’s circumstances

How do we collect personal data?

Most of the personal date we collect is provided by you. There may also be instances when we receive personal information indirectly form the following sources:

  • Internet searches and Screening software such as SmartSearch is used to undertake independent screening as required by AML/CFT legislation before engaging in a business relationship and during the course of the business relationship.
  • Third Party Introducers provide personal information when introducing business to the firm.

What legal basis do we have for processing your personal data?

The GDPR requires us to advise you of the legal basis for which the processing of your personal information is based. Details of these are as follows:

  • Anti Money Laundering and Countering the Financing of Terrorism Code 2019
  • Beneficial Ownership Act 2017
  • Bribery Act 2013
  • Automatic Exchange of Information;
    • Income Tax (Common Reporting Standard) (Amendment) Regulations 2019
    • The International Tax Compliance (United States of America) Regulations 2014
  • Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017

When do we share personal data? 

Freeport Trust Company Limited will not share your personal data with any third parties without your consent. There are however some exceptions to this where we are obliged to share personal information. 

We are obliged to share this information with the following organisations or individuals:

  • Isle of Man Income Tax Authorities who will then send this information to other jurisdictions where individuals have a tax obligation in accordance with Automatic Exchange of Information (AEOI) legislation. 
  • Isle of Man Financial Services Authority
  • Isle of Man Financial Intelligence Unit 
  • Isle of Man Government Authorities such as Department for Enterprise
  • HMRC 

We are obliged to share personal data in the following circumstances:

  • On receipt of a Court Order
  • When we are opening a bank account 

Where do we store and process personal data?

All current hardcopy records are held within our office located at 4 Athol Street, Douglas, Isle of Man, IM1 1LD. Electronic records are held in our company secretarial software package, Companion. Electronic records also take the form of any Microsoft Office Suite document and Adobe Acrobat. Electronic records are held on individual IT infrastructure situated in the Isle of Man.

How do we secure your personal data?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These include firewalls and software to protect against malware and unauthorised access to the information systems. Access to personal data is limited to employees, agents, contractors and other third parties who have a business need to know. 

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

How long we will retain personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Once we no longer provide services to you, we will retain and securely destroy your personal information in accordance with our data retention policy. You can get further information about our data retention policies by contacting us.

What are your rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

  1. The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the contact details provided on page 1.
  2. The right to access the personal data we hold about you. Details on how do access your personal data can be found below. 
  3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details provided on page 1. 
  4. The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the contact details provided on page 1.
  5. The right to restrict (i.e. prevent) the processing of your personal data.
  6. The right to object to us using your personal data for a particular purpose or purposes.
  7. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us the contact details provided on page 1. It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.

How your personal data can be accessed?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it. This is known as a “subject access request”.

Subject access requests can be made verbally or in writing. If you do make a request verbally, we recommend you follow up in writing in prodder to provide a clear trail of correspondence. Written requests should be sent to the email or postal addresses detailed on page 1. 

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding. We will respond to your subject access request within one month of receipt of the request. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, the time period may be extended by a maximum of a further two months. You will be kept fully informed of our progress and the reasons for any delay before the end of the first month.


Should you feel it necessary to make a complaint, in the first instance this should be made in writing explaining the reasons for the complaint to:

The Directors
Freeport Trust Company Limited
4 Athol Street
Isle of Man 

You will receive an acknowledgement of this within 7 working days. After the first week we will keep you informed of our progress until your complaint has been resolved. In exceptional circumstances where your complaint is particularly complex you will appreciate that matters may take longer to resolve. We will fully investigate the circumstances surrounding your complaint and notify you of the outcome of our investigation and of any action taken within 8 weeks.

If you feel that your complaint has not been satisfactorily resolved, you may complain directly to the Information Commissioner:

Mr I McDonald 
Information Commissioner 
PO Box 69, 
Isle of Man 
IM99 1EQ 

T: +44(0)1624 693260