Privacy policy
Protecting the privacy of Related Parties1 is very important to us. In the following, we outline the basis on which we collect and process personal data, for what purposes we use and disclose your personal data and your rights in respect of your personal data.
I. General information about data processing
1. The basis for processing personal data
In order to be able to provide our Services 2, to adhere to our legal obligations in accordance with the Liechtenstein Due Diligence Act and Ordinance (“DDA“ and “DDO“) and to protect our legitimate interests (e.g. continuation of the delivery of newsletters to existing customers, provided there is no revocation), we, the Griffin Group3, process personal data that we obtain from our Related Parties.
In doing so, as a responsible organisation, we comply with the European General Data Protection Regulation ( “GDPR”4 ) and the Liechtenstein Data Protection Act.
2. What personal data we process
In our data directories, the following personal data categories are processed in accordance with Art. 4 No. 1 GDPR in order to fulfill our activities within the scope of the purposes listed under number 1:
- Client and address data: Name, company, date of birth, private and / or business address, nationality, profession, telephone number, email address, bank account details;
- Identification data: identification documents, etc. Copies of passports or ID cards, utility bills, tax numbers, death certificates; authentication data, including Specimen signatures;
- Due diligence documents: Contractual partner, identification of the beneficial owner, profile of the business relationship with information about the professional and personal background (e.g. profession, source of wealth), World Check data, clarifications according to DDA/DDO;
- Correspondence: client orders, general; and
- Tax reporting data: ATCA, AIA, LDF and other relevant reports
To the extent necessary to meet our obligations under the DDA and the DDO and to provide our Services, we may obtain further information from publicly available sources, (e.g. registers, commercial and association registers, press, internet).
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
3. How we collect personal data
Personal data that we process is obtained from various sources, including but not limited to:
- Information you provide to us from time to time;
- Information about you provided to us by the contracting party acting on your behalf (e.g. your company or an intermediary);
- When you communicate with us by telephone, fax, email or other forms of electronic communication ;
- Our client on-boarding forms;
- Other companies in the Griffin Group;
- Your agents, advisers, intermediaries, and custodians of your assets;
- To the extent necessary to meet our obligations under the GDPR, the DDA and the DDO and to provide our Services, we may obtain further information from publicly available sources, (e.g. registers, commercial and association registers, debt directories, press, internet).
4. How we protect personal data
We protect your personal data through appropriate technical and organizational security measures and store them electronically on secure servers and physically in secure premises.
5. Who we disclose or transfer personal data to
Please note that we will not transfer any data to a third party unless required by law (e.g. under the Common Reporting Standards) or required in the course of providing our Services to you (e.g. providing information to advisors, banks and lawyers, amongst others in order to facilitate transactions that we are undertaking on your behalf or enable them to comply with their own due diligence laws.
6. How long we store personal data
Any data that we hold about you will be stored as long as our relationship exists and thereafter for further 10 years.
7. What your rights are in respect of personal data
We would like to inform you that under the GDPR, you have the following rights:
- the right to access according to Article 15 of the GDPR,
- the right to rectification according to Article 16 of the GDPR,
- the right to erasure according to Article 17 of the GDPR, the right to restrict processing according to Article 18 of the GDPR, the right of object according to Article 21 of the GDPR,
- if applicable – the right to data portability according to Article 20 of the GDPR.
- You may at any time lodge a complaint with the responsible data protection authority under Article 77 of the GDPR. More information in this regard can be found here: https://www.llv.li/#/1758/datenschutzstelle
The above rights may be subject to special laws in Liechtenstein (such as the DDA and the DDO) and we may be entitled to refuse requests where exceptions apply.
8. Our Data Protection Officer
The person responsible within the meaning of the General Data Protection Regulation (DSGVO) is:
Griffin Group Foundation
T: +423 237 69 00
F: +423 237 69 10
W: www.griffin.li
Landstrasse 40, 9495 Triesen, Liechtenstein
The corporate data protection officer of the Griffin Group is contactable under the above mentioned address. Please direct your queries to the data protection officer at the address mentioned above or via email to dataprotection@griffin.li.
II. Use of our Website
1. Analysis tools and tools provided by third parties
There is a possibility that your browsing patterns will be statistically analysed when your visit this website. Such analyses are performed primarily with cookies and with what we refer to as analysis programmes. As a rule, the analyses of your browsing patterns are conducted anonymously; i.e. the browsing patterns cannot be traced back to you.
You have the option to object to such analyses or you can prevent their performance by not using certain tools. For detailed information about the tools and about your options to object, please consult our Data Protection Declaration below.
2. Hosting and Content Delivery Networks (CDN)
This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
3. Execution of a contract data processing agreement
In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.
4. SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
5. Visitor and usage data
Each time our website is accessed, our system automatically collects data and information from the accessing computer system.
The following data is collected here:
- Information about the browser type and version used
- The operating system of the user
- The Internet service provider of the user
- The IP address of the user
- Date and time of access
- Internet pages from which the user’s system accesses our website
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link: https://support.google.com/analytics/answer/7667196?hl=en
6. Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them or they are automatically eradicated by your web browser.
In some cases it is possible that third party cookies are stored on your device once you enter our site (third party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g. cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g. the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies that are required for the performance of the electronic communications transaction or to provide certain functions you want to use (e.g. the shopping cart function), are stored on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error free and optimised provision of the operator’s services. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.
7. Archiving period
Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link: https://support.google.com/analytics/answer/7667196?hl=en
8. Browser plug-in
You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
9. Google Web Fonts
To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts.
To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a respective declaration of consent has been obtained (e.g. consent to the archiving of cookies), the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time.
If your browser should not support Web Fonts, a standard font installed on your computer will be used.
For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.
10. Data security in relation to our website
We use state of the art encryption supported by your browser during the visit to the website. Whether a single page of our website is transmitted encrypted, you can tell by the closed representation of the key or lock icon in the address bar of your browser.
1 “Related Parties“ means: Contracting Partners, Founders of Foundations, Institutions and Companies, Settors and Protectors of Trusts and Beneficiaries, Directors of Mandates, Persons who exercise control over companies that we administer, advisors, amongst others
2 “Services“ means a) company formation, management, administration, (b) provision of registered agent services, company secretarial services, nominee directors or shareholders, (c) bank or brokerage introductions, (d) trustee, board of foundation, advisory and other related services provided by Griffin Trust to Related Parties.
3 “Griffin Group“ means: Griffin Trust AG, Griffin Trust Services AG and Griffin Corporate Services Ltd.
4 Further information in this regard can be found here: https://ec.europa.eu