![]() |
![]() |
|||
Privacy Policy
|
||||
![]() ![]() |
Who are we? Each category of data subject may have different processing purposes, lawful bases, and retention periods, as set out in separate sections below. What Personal Data do we process? We process your personal data only where a lawful basis applies and only for the purposes stated in our Records of Processing Activities and your Investment Management Agreement. These are:
We do not rely on consent for our core investment management services. If we introduce new purposes or legal bases, we will update this notice before processing begins. You have the right to object to processing based on legitimate interests at any time. If you object, we will stop processing unless we can demonstrate compelling lawful grounds.
We process your personal data only for the purposes agreed in your Investment Management Agreement and documented in our Data Matrix. These obligations may require us to collect and share certain information with regulators and tax authorities:
All client Personal Data is accessible by all our staff in the Jersey office. We share data only with third parties who process data on our behalf to provide us or clients with services for the purposes outlined above. Contractual arrangements are in place for data sharing and protection with these third parties as relevant. The third parties include:
We only share information where it is necessary to facilitate the provision of investment services to the client and we will not share clients’ Personal Data with, or sell to, any third parties for the purpose of marketing, data analysis, profit or any other reason. There is no client Personal Data stored on the website, nor can it be accessed via the website. Meridian does not collect information, for example, through the use of ‘cookies’, when you visit the website. What security precautions are in place to protect the loss, misuse or alteration of Personal Data? We apply a risk-based approach to protecting personal data, considering:
In the event of a high-risk breach, we will notify affected individuals and the Jersey Office of the Information Commissioner within legal timeframes. What would Meridian do in the event of a data breach? In the event of certain types of Personal Data breach, Meridian will inform the Jersey Office of the Information Commissioner within 72 hours. A breach is defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed. Meridian has an internal process to deal with all breaches which covers informing affected individuals about a breach which is likely to adversely affect th For how long is Personal Data retained? We retain personal data for 10 years after the termination of our client relationship. Where records are co-mingled with other clients’ data, we retain them for the period required by applicable legal obligations, such as anti-money laundering laws, which may require retention for up to 15 years. After this period, all records are securely destroyed. What are Clients’ Rights regarding Personal Data? The rights of clients regarding the use of their Personal Data are set out in Section 6 of the Data Protection (Jersey) Law 2018:
What are our Privacy Governance arrangements? We have appointed a Privacy Lead to oversee compliance with data protection laws and best practice, including:
If you have any questions regarding this notice, your Personal Data, or, in the context of your relationship with Meridian, any other aspect of the Data Protection (Jersey) Law 2018 then please contact our Privacy Lead Neil Macfarlane by email: info@meridian.co.je or telephone: 01534 733663. Meridian will provide copies of Personal Data within 4 weeks of receipt of a Data Subject Access Request unless an extension is applied in accordance with Data Protection (Jersey) Law 2018. If you are unsatisfied with Meridian’s response to any queries, concerns or subject right’s requests, you have the right to complain to: The Jersey Office of the Information Commissioner Email: enquiries@jerseyoic.org
Privacy Notice - Job Applicants When you apply for a role with Meridian Asset Management, we collect and process personal data provided in your application, CV, and any supporting documents. This may include your contact details, employment history, qualifications, and references. We process this information to assess your suitability for the role, conduct interviews, and make recruitment decisions. The lawful basis for processing is our legitimate interests in recruiting qualified personnel, and where applicable, compliance with legal obligations. We may share your information with recruitment agencies or referees you have nominated. Data will be retained for six months after the recruitment process ends, unless you become an employee, in which case it will form part of your personnel file. Privacy Notice Review We review and update this privacy notice whenever our processing activities change and at least once every 12 months. Updates are linked to our formal Records of Processing Activities review process to ensure accuracy and compliance. The most recent review was completed on 23rd March 2026
© Meridian 2026 |
|||