Home » Legal Notices » Privacy Policy

Privacy Policy

This privacy policy (“the policy”) describes how FinLaw collects, uses and shares the information you provide to us and the information we collect in the course of operating our business and in using our websites.


This privacy policy (“the policy”) describes how FinLaw collects, uses and shares the information you provide to us and the information we collect in the course of operating our business and in using our websites.

We may collect information from you through your use of this website, when you request information from us or engage with our legal or other services, or as a result of your relationship with one or more of our lawyers or otherwise in the course of our business.

References in this notice to “your information” are also to personal information that you provide to us or which we otherwise gather in the course of operating our business.


We may collect various types of personal data about you, including:

  • your personal identification information (which may include your name and passport information, your  IP address and personal data relating to claims, court cases and convictions, politically exposed person (PEP) status, personal data available in the public domain and such other information as may be necessary for FinLaw to provide its services and to complete its CDD process and discharge its AML/CFT obligations)
  • your contact information (which may include postal address and e-mail address and your home and mobile telephone numbers)
  • your family relationships (which may include your marital status, the identity of your spouse and the number of children that you have)
  • your professional and employment information (which may include your level of education and professional qualifications, your employment, employer’s name and details of directorships and other offices which you may hold)
  • financial information, sources of wealth and your assets (which may include details of your assets, sources of wealth, shareholdings and your beneficial interest in assets, your bank details and your credit history)
  • information about client matters which may include a wide range of personal information which may include (but may not be limited to) information about employment, health, family issues and relationships, regulatory status
  • we may also collect and process personal data regarding people connected to you, either by way of professional (or other) association or by way of family relationship
  • if you apply for a position with us we may collect personal information relating to your past employment, professional qualifications and education, your nationality and immigration/residential status, opinions from third parties about you (such as references) and other details about you which may be gathered during the recruitment process.  We may also review publicly available information about you on your social media accounts.


We collect your personal information from the following sources:

  • personal information which you give to us, such as:
    • such other forms and documents as we may request that are completed in relation to the administration/management of any of our services
    • information gathered through client due diligence carried out as part of our compliance with regulatory requirements
    • any personal information provided by way of correspondence with us by phone, e-mail or otherwise
  • personal information we receive from third party sources, such as:
    • our clients: in connection with matters upon which we are or may be instructed (for example where you are a counterparty to a transaction or an employee of one of our clients or where you are a witness in a dispute resolution matter)
    • entities in which you or someone connected to you has an interest
    • your legal and/or financial advisors
    • financial institutions who hold and process your personal information
    • credit reference agencies and financial crime databases for the purposes of complying with our regulatory requirements
    • personal information received in the course of dealing with advisors, regulators, official authorities and service providers by whom you are employed or engaged or for whom you act.


You are not required to provide any personal information on the public areas of our website; however you may choose to do so by completing any of the forms which are included on the following pages:

  • Landing page
  • Careers page
  • Contact us page.

In addition to the information you knowingly provide, FinLaw collects the domain names and IP addresses of its visitors, along with usage statistics, analytics and browsing history. This data is used to promote our services. Please see our cookies policy for more details about this. You may also provide us with personal information if you contact us by email, telephone or letter.


At FinLaw we are committed to protecting and respecting your privacy. We provide legal, corporate and other professional services to our clients and we use your personal data for those purposes. Normally the purposes for which we use your personal data will be clear when we collect that data. We will not use your personal data for purposes that are not clear when we collect that data and will only use your personal information to:

  • conduct administrative or operational processes within our business
  • provide and improve our legal and other services
  • compile anonymous statistics, for example website usage statistics
  • perform a contract which we may have with you
  • comply with our legal and regulatory obligations
  • to establish, exercise or defend the legal rights of FinLaw or for the purpose of legal proceedings
  • process and respond to requests, enquiries or complaints received from you or someone connected to you
  • send you marketing material (e.g., client briefings and legal updates)
  • provide you with personalised content
  • invite you to events
  • for other legitimate business purposes
  • to review and process your application should you apply for a position with us.


Within FinLaw

We share personal information within FinLaw’s international network.

As a result, your personal information may be transferred to locations outside Europe as well as within it for the purposes described above.

Outside of FinLaw

We may also share your personal information outside FinLaw. This may include disclosures to:

  • third party agents, suppliers or contractors, in connection with the processing of your personal information for the purposes described in this policy, which may include, but is not limited to:
    • IT and communications service providers
    • our own advisers such as auditors and accountants and any external legal advisors which we may instruct from time to time
  • third parties relevant to the legal and other services that we provide, which may include, but is not limited to:
  • counterparties to transactions or litigation (including law firms acting for other parties)
    • other professional service providers
    • regulators
    • law enforcement agencies
    • governmental institutions
    • tribunals and courts
  • to the extent required by law, regulation or court order, for example if we are under a duty to disclose your personal information in order to comply with any legal obligation such as our AML/CFT obligations
  • we may disclose your personal information for the purposes of seeking references and confirmation of the details which you have provided should you apply for a position with us.


Where we transfer your personal information outside the European Economic Area (the “EEA”), we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information. This can be done in a number of different ways, for instance:

  • the country to which we send the personal information may have been assessed by the European Commission as providing an “adequate” level of protection for personal data (this includes Jersey)
  • the recipient may have signed a contract based on standard contractual clauses approved by the European Commission

In other circumstances, the law may permit us to otherwise transfer your personal information outside the EEA. In all cases, however, any transfer of your personal information will be compliant with applicable data protection law.

You can obtain more details of the protection given to your personal information when it is transferred outside Europe by contacting us using the details set out below.


We may ask whether you wish to receive marketing from us and this will be presented to you as an option on the relevant application form or page on our website where necessary. We may also contact you by email or other means to inform you about other services or events which may be of interest to you.

You have the right at any time to stop us from contacting you for marketing purposes. If you wish to do so, please either unsubscribe or contact website@localhost

Retention of personal information and security

Your personal information will be retained for as long as required:

  • for the purposes for which the personal information was collected
  • in order to establish or defend legal rights or obligations or to satisfy any reporting or accounting obligations
  • as required by data protection laws and any other applicable laws or regulatory requirements.

We will ensure that the personal information that we hold is subject to appropriate security measures.


You have the following rights in respect of the personal information about you that we process:

  • the right to access and port personal information
  • the right to rectify personal information
  • the right to restrict the use of personal information
  • the right to request that personal information is erased
  • the right to object to processing of personal information.

You also have the right to lodge a complaint about the processing of your personal information either with us, with the Office of the Isle of Man’s Information Commissioner who can be contacted at www.inforights.im

Where we have relied on consent to process your personal information, you have the right to withdraw consent at any time.

If you wish to exercise any of the rights set out above, please contact our group information security and data protection officer at dataprotection@localhost


Please let us know as soon as possible if any of your personal information changes (including your correspondence details). Failure to provide accurate information or to update information when it changes may have a detrimental impact upon our ability to provide services to you.


If you have any questions in relation to this notice please contact our group information security and data protection officer at one of the addresses listed below or by emailing dataprotection@localhost


We may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes. We last updated this policy on July 2019.