Privacy policy

Protecting the privacy of Related Parties1 is very important to us. In the following, we outline the basis on which we collect and process personal data, for what purposes we use and disclose your personal data and your rights in respect of your personal data.

I. General information about data processing
1. The basis for processing personal data

In order to be able to provide our Services 2, to adhere to our legal obligations in accordance with the Liechtenstein Due Diligence Act and Ordinance (“DDA“ and “DDO“) and to protect our legitimate interests (e.g. continuation of the delivery of newsletters to existing customers, provided there is no revocation), we, the Griffin Group3, process personal data that we obtain from our Related Parties.

In doing so, as a responsible organisation, we comply with the European General Data Protection Regulation ( “GDPR”4 ) and the Liechtenstein Data Protection Act.

2. What personal data we process

In our data directories, the following personal data categories are processed in accordance with Art. 4 No. 1 GDPR in order to fulfill our activities within the scope of the purposes listed under number 1:

  • Client and address data: Name, company, date of birth, private and / or business address, nationality, profession, telephone number, email address, bank account details;
  • Identification data: identification documents, etc. Copies of passports or ID cards, utility bills, tax numbers, death certificates; authentication data, including Specimen signatures;
  • Due diligence documents: Contractual partner, identification of the beneficial owner, profile of the business relationship with information about the professional and personal background (e.g. profession, source of wealth), World Check data, clarifications according to DDA/DDO;
  • Correspondence: client orders, general; and
  • Tax reporting data: ATCA, AIA, LDF and other relevant reports

To the extent necessary to meet our obligations under the DDA and the DDO and to provide our Services, we may obtain further information from publicly available sources, (e.g. registers, commercial and association registers, press, internet).

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

3. How we collect personal data

Personal data that we process is obtained from various sources, including but not limited to:

  • Information you provide to us from time to time;
  • Information about you provided to us by the contracting party acting on your behalf (e.g. your company or an intermediary);
  • When you communicate with us by telephone, fax, email or other forms of electronic communication ;
  • Our client on-boarding forms;
  • Other companies in the Griffin Group;
  • Your agents, advisers, intermediaries, and custodians of your assets;
  • To the extent necessary to meet our obligations under the GDPR, the DDA and the DDO and to provide our Services, we may obtain further information from publicly available sources, (e.g. registers, commercial and association registers, debt directories, press, internet).
4. How we protect personal data

We protect your personal data through appropriate technical and organizational security measures and store them electronically on secure servers and physically in secure premises.

5. Who we disclose or transfer personal data to

Please note that we will not transfer any data to a third party unless required by law (e.g. under the Common Reporting Standards) or required in the course of providing our Services to you (e.g. providing information to advisors, banks and lawyers, amongst others in order to facilitate transactions that we are undertaking on your behalf or enable them to comply with their own due diligence laws.

6. How long we store personal data

Any data that we hold about you will be stored as long as our relationship exists and thereafter for further 10 years.

7. What your rights are in respect of personal data

We would like to inform you that under the GDPR, you have the following rights:

  • the right to access according to Article 15 of the GDPR,
  • the right to rectification according to Article 16 of the GDPR,
  • the right to erasure according to Article 17 of the GDPR, the right to restrict processing according to Article 18 of the GDPR, the right of object according to Article 21 of the GDPR,
  • if applicable – the right to data portability according to Article 20 of the GDPR.
  • You may at any time lodge a complaint with the responsible data protection authority under Article 77 of the GDPR. More information in this regard can be found here:

The above rights may be subject to special laws in Liechtenstein (such as the DDA and the DDO) and we may be entitled to refuse requests where exceptions apply.

8. Our Data Protection Officer

The person responsible within the meaning of the General Data Protection Regulation (DSGVO) is:

Griffin Group Foundation
T: +423 237 69 00
F: +423 237 69 10
Landstrasse 36, 9495 Triesen, Liechtenstein

The corporate data protection officer of the Griffin Group is contactable under the above mentioned address. Please direct your queries to the data protection officer at the address mentioned above or via email to

II. Use of our Website
1. Analysis tools and tools provided by third parties

There is a possibility that your browsing patterns will be statistically analysed when your visit this website. Such analyses are performed primarily with cookies and with what we refer to as analysis programmes. As a rule, the analyses of your browsing patterns are conducted anonymously; i.e. the browsing patterns cannot be traced back to you.

You have the option to object to such analyses or you can prevent their performance by not using certain tools. For detailed information about the tools and about your options to object, please consult our Data Protection Declaration below.

2. Hosting and Content Delivery Networks (CDN)

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

3. Execution of a contract data processing agreement

In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.

4. SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.

If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

5. Visitor and usage data

Each time our website is accessed, our system automatically collects data and information from the accessing computer system.

The following data is collected here:

  • Information about the browser type and version used
  • The operating system of the user
  • The Internet service provider of the user
  • The IP address of the user
  • Date and time of access
  • Internet pages from which the user’s system accesses our website

This data is not merged with other data sources.

This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link:

6. Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer and that enable an analysis of the use of the website by users. The information generated by cookies on your use of this website is usually transferred to a Google server in the United States, where it is stored.

The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

The data collected by Google may be transmitted by Google to countries outside the EU and the EEA, in particular the United States. However, Google has submitted to the Privacy Shield Framework. More information on your rights can be found at

In addition, on this website, we have activated the IP anonymization function. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyse your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.

For more information, please contact Google directly, especially at the following links:

You have the option to prevent the recording of your data by Google Analytics by clicking on the following link. This will result in the placement of an opt out cookie, which prevents the recording of your data during future visits to this website:

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration:

7. Cookies

Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them or they are automatically eradicated by your web browser.

In some cases it is possible that third party cookies are stored on your device once you enter our site (third party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g. cookies for the processing of payment services).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g. the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.

Cookies that are required for the performance of the electronic communications transaction or to provide certain functions you want to use (e.g. the shopping cart function), are stored on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error free and optimised provision of the operator’s services. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

In the event that third party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.

8. Archiving period

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link:

9. Browser plug-in

You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link:

10. Google Web Fonts

To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts.

To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a respective declaration of consent has been obtained (e.g. consent to the archiving of cookies), the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time.

If your browser should not support Web Fonts, a standard font installed on your computer will be used.

For more information on Google Web Fonts, please follow this link: and consult Google’s Data Privacy Declaration under:

11. Data security in relation to our website

We use state of the art encryption supported by your browser during the visit to the website. Whether a single page of our website is transmitted encrypted, you can tell by the closed representation of the key or lock icon in the address bar of your browser.

1 “Related Parties“ means: Contracting Partners, Founders of Foundations, Institutions and Companies, Settors and Protectors of Trusts and Beneficiaries, Directors of Mandates, Persons who exercise control over companies that we administer, advisors, amongst others

2 “Services“ means a) company formation, management, administration, (b) provision of registered agent services, company secretarial services, nominee directors or shareholders, (c) bank or brokerage introductions, (d) trustee, board of foundation, advisory and other related services provided by Griffin Trust to Related Parties.

3 “Griffin Group“ means: Griffin Trust AG, Griffin Trust Services AG and Griffin Corporate Services Ltd.

4 Further information in this regard can be found here:

Liechtenstein   Switzerland   Abu Dhabi Global Market