This notice (Privacy Notice) applies to personal information held by Omega Financial Services (Jersey) (“Omega”) as data controller, as described below.
It explains what information will be collected about you, how that information may be used, who it may be shared with, and the circumstances when it may be shared and what steps will be taken to make sure it stays private and secure.
It continues to apply even if your agreement for products and services with Omega ends.
It should also be read alongside the Terms of Business which you have received, as these include sections relating to the use and disclosure of information.
This Privacy Notice covers any personal products or services you have with us.
Sometimes we may need to provide you with separate or further information about specific products and services.
Some of the links on our websites lead to other websites with their own privacy notices, which may be different to this notice.
You need to make sure you are happy with their privacy notices when using those other sites.
Wherever the words ‘you’ or ‘your’ have been used, this means you, any authorised person on your account, anyone who deals with us for you (e.g. trustees or executors, attorneys under a Power of Attorney) and other related people (including authorised signatories, partners, members and trustees).
When we have used the word ‘we’, this means Omega act as a data controller in respect of your personal data. Unless otherwise stated below, the data controller for the purposes of this notice will be Omega, a company incorporated in Jersey Channel Islands.
The registered office of Omega is:
3 Mulcaster Street
Telephone: +44 (0)1534 634028
Facsimile: +44 (0)1534 634878
What information will be collected?
We will only collect your information in line with relevant regulations and law. We may collect it from a range of sources and it may relate to any of our products or services we currently provide or have provided in the past. We may also collect information about you when you interact with us, e.g. visit our websites, call us or visit our office, or ask about any of our products and services. Some of it will come directly from you, e.g. when you provide Identification documents to conduct business.
We might also acquire it from publicly available sources. The type of information collected will differ depending on the services which have been provided to you.
The information we collect may include:
Information that you provide to us, e.g.:
- Personal details, such as name, previous names, gender, date and place of birth;
- contact details, address, email address, landline and mobile numbers;
- information concerning your identity such as photo ID and passport information;
- other information about you that you provide by completing forms or by communicating with us, whether face-to-face, by phone, email, online or otherwise;
Information we collect or generate about you:
- your financial information and information about your relationship with us, including the products and services you hold, your ways of interacting with us, information concerning complaints and disputes;
- information we use to identify and authenticate you, e.g. your signature and additional information that we receive from external sources that we need for compliance purposes;
- information included in customer documentation, such as a record of advice that we may have given you;
- marketing and sales information, this may include details of the services you receive and your preferences;
- risk rating information, such as transactional behaviour and underwriting information;
- investigations data, e.g. due diligence checks, sanctions and anti-money laundering checks, external intelligence reports, content and metadata related to relevant exchanges of information between and among individuals, organisations, including emails, voicemail, live chat;
- records of correspondence and other communications between us, including email, live chat, instant messages and social media communications;
- information that we need to support our regulatory obligations, e.g. information about transaction details, detection of any suspicious and unusual activity and information about parties connected to you or these activities.
Information we collect from other sources, e.g.:
- information about your accounts or holdings with other companies, including transaction information;
- information from third party providers, e.g. information that helps us to combat fraud or that relates to your social interactions (including your communications via social media, between individuals, organisations, prospects and other stakeholders acquired from companies that collect combined information);
How we use your information
We’ll only use your information where we have your consent or we have another lawful reason for using it.
These reasons include where we:
- need to pursue our legitimate interests;
- need to process the information to enter into or carry out an agreement we have with you;
- need to process the information to comply with a legal obligation;
- believe the use of your information as described is in the public interest, e.g. for the purpose of preventing or detecting crime;
- need to establish, exercise or defend our legal rights; or
The reasons we use your information include to:
- deliver our products and services;
- carry out your instructions;
- manage our relationship with you, including (unless you tell us otherwise) telling you about products and services we think may be relevant for you;
- understand how you use your accounts and services;
- prevent or detect crime, including fraud and financial crime, e.g. financing for terrorism and human trafficking;
- investigate and resolve complaints;
- ensure security and business continuity;
- risk management;
- implement product and service improvement;
- protect our legal rights and comply with our legal obligations;
- correspond with solicitors, surveyors, valuers, other lenders, conveyancers and third party intermediaries;
- undertake system or product development and planning, insurance, audit and administrative purposes.
Further details of how we’ll use your information can be found in the Appendix below.
How we make decisions about you
We may use automated systems to help us make decisions, e.g. to carry out fraud and money laundering checks. We may use technology that helps us identify the level of risk involved in customer or account activity.
You may have a right to certain information about how we make these decisions. You may also have a right to request human intervention and to challenge the decision. More details can be found in the ‘Your rights’ section below.
Tracking or recording what you say or do
We may record and keep track of conversations you have with us, including phone calls, face-to face meetings, letters, emails, live chats, video chats and any other kinds of communication. We may use these recordings to check your instructions to us, assess, analyse and improve our service, train our people, manage risk or to prevent and detect fraud and other crimes. We may also capture additional information about these interactions, e.g. telephone numbers that you call us from and information about the devices or software that you use. We may use closed circuit television (CCTV) in and around our sites and these may collect photos or videos of you, or record your voice.
Compliance with laws and regulatory compliance obligations
We’ll use your information to meet our compliance obligations, to comply with other laws and regulations, and to share with regulators and other authorities that Omega are subject to. This may include using it to help detect or prevent crime (including terrorism financing, money laundering and other financial crimes). We will only do this on the basis of complying with a legal obligation, it is in our legitimate interests and that of others, or to prevent or detect unlawful acts.
We may use your information to provide you with details about Omega products and services, and also products and services from our partners and other relevant third parties. We may send you marketing messages by post, email, telephone, text or secure messages. You can change your mind on how you receive marketing messages or choose to stop receiving them at any time. To make that change, please contact us in the usual way.
If you ask us not to send you marketing, it may take us a short period of time to update our systems and records to reflect your request, during which time you may continue to receive marketing messages. Even if you tell us not to send you marketing messages, we will continue to use your contact details to provide you with important information, such as changes to your terms and conditions or if we need to tell you something to comply with our regulatory obligations.
Who we might share your information with
We may share your information with others where lawful to do so, including where we or they:
- need to in order to provide you with products or services you have requested;
- have a public or legal duty to do so, e.g. to assist with detecting and preventing fraud, tax evasion and financial crime;
- need to in connection with regulatory reporting, litigation or asserting or defending legal rights and interests;
- have a legitimate business reason for doing so, e.g. to manage risk, verify your identity, enable another company to provide you with services you’ve requested, or assess your suitability for products and services;
- have asked you for your permission to share it, and you have agreed.
We may share your information for these purposes with others, including:
- any joint account holders, trustees, beneficiaries, administrators or executors;
- people who give guarantees or other security for any amounts you owe us;
- people you make payments to and receive payments from;
- your beneficiaries, intermediaries, correspondent and agent banks, clearing houses, clearing or settlement systems, market counterparties and any companies you hold securities in through us, e.g. stocks, bonds or options;
- other financial institutions, lenders and holders of security, tax authorities, trade associations, credit reference agencies, payment service providers and debt recovery agents;
- any fund managers who provide asset management services to you and any brokers who introduce you to us or deal with us for you;
- any entity that has an interest in the products or services that we provide to you, including if they take on the risk related to them;
- any people or companies where required in connection with potential or actual corporate restructuring, merger, acquisition or takeover, including any transfer or potential transfer of any of our rights or duties under our agreement with you;
- law enforcement, government, courts, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities;
- other parties involved in any disputes, including disputed transactions;
- fraud prevention agencies who’ll also use it to detect and prevent fraud and other financial crime and to verify your identity;
- anyone who provides instructions or operates any of your accounts, products or services on your behalf, e.g. Power of Attorney, solicitors, intermediaries, etc;
- anybody else that we’ve been instructed to share your information with by either you, a joint account holder or anybody else who provides instructions or operates any of your accounts on your behalf;
Sharing aggregated or anonymised information
We may share aggregated or anonymised information, within and outside of Omega, with partners such as research groups. You will not be able to be identified from this information.
How long we’ll keep your information
We keep your information in line with our data retention policy. For example, we’ll normally keep your core for a period of ten years from the end of our relationship with you. This enables us to comply with legal and regulatory requirements or use it where we need to for our legitimate purposes, such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain your information for a longer period, where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate purposes, e.g. to help us respond to queries or complaints, fighting fraud and financial crime, responding to requests from regulators, etc. If we don’t need to retain information for this period of time, we may destroy, delete or anonymise it more promptly.
Transferring your information overseas.
Your information may be transferred to and stored in locations outside of Jersey and the European Economic Area (EEA), including countries that may not have the same level of protection for personal information as Jersey and the EEA do. When we do this, we’ll ensure it has an appropriate level of protection and that the transfer is lawful. We may need to transfer your information in this way to carry out our contract with you, to fulfil a legal obligation, to protect the public interest and / or for our legitimate interests. In some countries the law might compel us to share certain information, e.g. with tax authorities. Even in these cases, we will only share your information with people who have the right to see it. You can obtain more details of the protection given to your information when it’s transferred outside of Jersey and the EEA by contacting us using the details in the ‘More details about your information’ section below.
You have a number of rights in relation to the information that we hold about you. These rights include:
- the right to access information we hold about you and to obtain information about how we process it;
- in some circumstances, the right to withdraw your consent to our processing of your information, which you can do at any time. We may continue to process your information if we have another legitimate reason for doing so;
- in some circumstances, the right to receive certain information you have provided to us in an electronic format and / or request that we transmit it to a third party;
- the right to request that we rectify your information if it’s inaccurate or incomplete;
- in some circumstances, the right to request that we erase your information. We may continue to retain your information if we’re entitled or required to retain it;
- the right to object to, and to request that we restrict, our processing of your information in some circumstances. Again, there may be situations where you object to, or ask us to restrict, our processing of your information, but we are entitled to continue processing your information and/or to refuse that request.
You can exercise your rights by contacting us using the details set out in the ‘More details about your information’ section below.
You also have a right to complain to the data protection regulator in the country where you live or work.
In Jersey this is the Office of the Information Commissioner whose website address is www.dataci.je
Fraud Prevention Agencies
We may carry out checks with fraud prevention agencies for the purposes of preventing fraud and money laundering, and to verify your identity before we provide products and services to you.
These checks require us to process personal information about you. The personal information you provide or which we have collected from you, or received from third parties, will be used to carry out these checks in order to prevent fraud and money laundering, and to verify your identity.
We will process personal information, such as your name, address, date of birth, contact details, financial information, employment details, and device identifiers e.g. IP address. We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering and to verify your identity. This enables us to protect our business and to comply with laws that apply to us. This processing is also a contractual requirement of any of our products or services you use. Fraud prevention agencies can hold your personal data for different periods of time. If they are concerned about a possible fraud or money laundering risk, your data can be held by them for up to six years.
Consequences of Processing
If we, or a fraud prevention agency, have reason to believe there is a fraud or money laundering risk, we may refuse to provide the services you have requested. We may also stop providing existing products and services to you. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services to you. To find out more about fraud prevention agencies and how they manage your information, please visit https://www.cifas.org.uk/privacy-notice.
What we need from you
You are responsible for making sure the information you give us is accurate and up to date, and you must tell us if anything changes as soon as possible. If you provide information for another person (for example, a joint account holder, a beneficiary under an insurance policy or a dependant), you will need to direct them to this notice. If we need that person’s consent, we will ask you to confirm that you have obtained such consent.
How we keep your information secure
We use a range of measures to keep your information safe and secure, which may include encryption and other forms of security. We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards, including obligations to protect any information and applying appropriate measures for the use and transfer of information.
More details about your information
If you would like further information on anything contained within this Privacy Notice, or to contact our Data Protection Officer, contact us at
3 Mulcaster Street
addressed ‘for the attention of the DPO’. This Privacy Notice may be updated from time to time and the most recent version can be found at www.omega.je
Appendix – How we process your information
We will use your information for purposes including:
- To deliver our products and services (including insurance): administer your accounts, or process your transactions. We will do this in order to perform our contract with you;
- To prevent and detect crime, including e.g. fraud, terrorist financing and money laundering: this will include monitoring, mitigation and risk management, carrying out customer due diligence, name screening, transaction screening and customer risk identification. We do this to comply with our legal obligations and because it is in our legitimate interest. We may share your information with relevant agencies, law enforcement and other third parties where the law allows us to for the purpose of preventing or detecting crime. Additionally, we and other financial institutions may take steps to help prevent financial crime and manage risk. We will do this because we have a legitimate interest, a legal obligation to prevent or detect crime or it’s in the public interest. We may be required to use your information to do this, even if you’ve asked us to stop using your information.
That could include (among other things):
– screening, intercepting and investigating any , instructions or communications you send or receive;
– passing information to relevant agencies if we think you have given us false or inaccurate information, or we suspect criminal activity;
- Risk management: we’ll use your information to measure, detect and prevent the likelihood of financial, reputational, legal, compliance or customer risk. We will do this because we have a legitimate interest in ensuring that we carry out a proper risk assessment prior to providing credit, insurance or other finance;
- Product and service improvement: we’ll analyse your information to identify possible service and product improvements. The lawful basis for processing your information for this purpose is our legitimate interest. We do this to improve our products and services to best meet the needs of our customers;
- Data analytics for tailored services: we will analyse your information to identify relevant opportunities to promote products and services to existing or prospective customers. This may include reviewing historical customer transactional behaviour or comparison of customer activity. We do this to help us provide you with products and services we think will be of most relevance to you. The lawful basis for using your information in this way is our legitimate interest;
- Marketing: we will use your information to provide you with information about Omega products and services, and also products and services from our partners and other relevant third parties. The lawful basis for this is our legitimate interest. We may need your consent to communicate by certain channels and we will always make sure we get this where we need to. You can change your mind on how you receive marketing messages or choose to stop receiving them at any time. To make that change, contact us in the usual way;
- Protecting our legal rights: we may need to use your information to protect our legal rights, e.g. in the case of defending or the protection of legal rights and interests; court action; managing complaints or disputes. This may be in connection with action taken against you or other persons. We would do this on the basis that it’s in our legitimate interest.