International
Online Banking Investment Portal
Portfolio Online
Personal
Overview
Products and Services
Products and Services
Bank with us
International bank accounts
Borrow for your needs
Loans
Grow your money
Savings accounts
Investment solutions
Leaving a legacy
Fiduciary services
Ways to bank
Ways to bank
Learn more
Learn more
News
News
About us
About us
About Standard Bank Offshore
Report to society
Working at Standard Bank Offshore
Isle of Man
Jersey
Our offshore offices
Business
Overview
Products and services
Products and services
Bank with us
Bank accounts
Borrow for your needs
Loans
Grow your money
Savings accounts
Investment Solutions
Ways to bank
Ways to bank
Internet Banking Setup
Learn
Learn
News
News
Wealth
Contact us

Privacy statement

SBO Privacy Statement

Privacy Statement

The Standard Bank Group is an Africa-focused, client-led and digitally enabled financial services organisation. We provide comprehensive and integrated financial and finance-related solutions to our clients and operate across the African continent and internationally through our subsidiaries.

This Privacy Statement applies to all clients (as defined below) (“you, your”) of any company (a data controller) within the Standard Bank Offshore Group (“we, us, our”).

“Standard Bank Offshore Group” is the collective term for a group of companies that are based in Jersey, the Isle of Man and Mauritius, and which are ultimately jointly owned by Standard Bank Group Limited and Standard Bank Group International Limited. Details of the companies that comprise the Standard Bank Offshore Group and their contact details can be found at the end of this statement.

The relevant Standard Bank Offshore Group data controller(s) in respect to your personal data will, unless otherwise stated, always be the Standard Bank Offshore Group company(ies) with whom you:

  • a) have made an enquiry as regards the provision of one of our products and/or services but whose products and/or services you have not yet formally applied for; and/or
  • b) are presently applying to for the provision of one of our products and/or services; and/or
  • c) already have a formal written contract (either a letter of engagement, and/or terms and conditions, and/or a written agreement, and/or any other legally binding documentation) for that Standard Bank Offshore Group company(ies) to provide you personally with the products and/or services you require; or
  • d) if you do not have a formal written contract but are associated or connected (for example, as an ultimate beneficial owner, in some managerial capacity, or a protector of a trust), to a customer or non-natural customer or potential customer (for example, a trust, company, foundation or other non-natural customer) of a Standard Bank Offshore Group company(ies) then the Standard Bank Offshore Group data controller(s) in respect to your personal data will be the Standard Bank Offshore Group company(ies) which that customer or non-natural customer has either enquired of, and/or applied to, and/or has a formal written contract with (either a letter of engagement, and/or terms and conditions, and/or a written agreement of some description and/or any other legally binding documentation).

For the purposes of this Privacy Statement “client” is to be given its widest possible interpretation and includes, but is not limited to, any natural person being a past, present or prospective client or customer of a Standard Bank Offshore Group company for the provision of products and/or services. Client also includes any natural person associated with or connected to a non-natural past, present or prospective customer of a Standard Bank Offshore Group company and whose personal data that Standard Bank Offshore Group company collects and uses as a result of this association or connection. Client therefore includes any natural person associated with or connected to a trust, company, foundation, or any other legal or non-legal entity, structure or body to whom a Standard Bank Offshore Group company provides a product and/or service (for example, a human director, shareholder, account signatory, trustee, protector and beneficiary).

Due to the integrated nature of the Standard Bank Group business, clients whose primary business is with one entity of the Standard Bank Group are viewed as clients of the Standard Bank Group as a whole for client-centricity, information quality and risk management purposes.

The Standard Bank Group’s simplified legal structure highlights the major subsidiaries and businesses and can be viewed on its website at About us | Standard Bank

Regulation of data privacy and protection

As we operate in various countries and through various legal entities, we comply with the applicable data protection and privacy laws in each of these countries. Accordingly, the specific Standard Bank Offshore Group legal entity that is responsible for determining the purpose and means of processing your personal information (responsible party or controller), in other words the legal entity who holds the business relationship with you will not always be the same. It will be made clear to you when you use a banking channel (branch or digital) to take up a product or service, who the responsible party or data controller is.

What is the purpose and scope of this statement?

The purpose of this statement is to inform you about how we collect, use, store, make available, disclose, update, safeguard, destroy or otherwise deal with (process) your personal information (also referred to as personal data in some countries) and also to explain your rights relating to the privacy of your personal information and how the law protects you.

We may combine your personal information, available across the Group, and use the combined information for any of the purposes set out in this statement where we have lawful grounds for doing so. Your personal information may be processed in another country that does not provide you with the same data protection that the country of origin does, but we will only process in and transfer personal information to countries that we are satisfied will provide adequate data protection.

Protecting the privacy, confidentiality and security of your personal information is very important to us as it is critical for us to maintain your trust and act in the right way to meet your needs. We have therefore implemented Group-wide policies and procedures to ensure that your personal information is protected.

This Privacy Statement provides an overviews of:

  • the type of personal data we collect and use;
  • the purposes for which we use it (including whether you have an obligation to provide us with your personal data and any consequences of you not doing so);
  • how we collect your personal data;
  • where we keep your personal data;
  • how we keep your personal data secure;
  • who we disclose your personal data to and where those recipients are in countries outside of those of the Standard Bank Offshore Group how we safeguard those arrangements;
  • how long we keep your personal data for;
  • your rights in respect to your personal data and how you can exercise those rights; and
  • whether your personal data is subjected to any automated decision-making, including profiling, and information about the logic, the significance and envisaged consequences of that decision making for you.
What is personal information and what types of personal information do we collect?

Personal information is any information from which you can be identified. Depending on the nature and means of your enquiry and/or the product/service sought or provided then we will typically collect and use:

  • your contact information: your name (and any previous names); your home and/ or business address(es); your telephone number(s); email address(es); and any other contact information we reasonably require (eg social media accounts);
  • other personal data about you: your identity and/or passport documentation; proof of address documentation; source of wealth information; bank account, financial and tax information; transactional information on your accounts/ dealings, including financial behaviour, goals and needs; your marital status; your gender; date and place of birth; your occupation and income including employment history; your dependants;
  • your signature; photographs or other visual images of you such as CCTV footage; shareholder information such as number of shares and structure of shareholding; telephone conversations with our staff; and information you provide for secure passwords;
  • certain “special category/sensitive personal data”, by which we mean information relating to political opinions/exposure you or those closely related/ associated to you may have, trade union memberships held, criminal behaviour, and, in certain cases, ethnicity and health and disability related information; and
  • certain other personal data about you as collected by our cookies when you visit our web pages such as IP and geo location (see further explanation below and the cookies pop-up we use when you visit our applicable websites).
  • engagements with us including use of products or services, transactions, requests, queries, applications and complaints;
  • internal reports and other derivative data based on the personal information we collect;

The personal data mentioned above is an indicative list only and not exhaustive.

How do we collect your personal information?

We will collect personal information directly from you or by telephone or through online channels such as our website, mobile applications, Internet Banking or electronic messaging platforms.

We also collect personal information about you from other sources where lawful and reasonable, such as reputable third parties that you deal with or that the Standard Bank Offshore Group interacts with for the purposes of conducting its business. These third parties include:

  • Business partners (including partners and participating partners involved in reward programmes, campaigns or other business activity, joint-venture partners, social media and platform partners) or companies that we may acquire or that merge with us.
  • Service providers (including payment processors, card network providers, debt collection and tracing agencies, credit agencies and bureaux, electronic communication service providers, public and private data and data verification providers including data registries, aggregators, search engines, social media and marketing list providers).
  • Employers, advisers, agents, associates, assignees, concessionaries, successors in title, trustees, executors, curators and appointed third parties (including lawyers and contractors).
  • Government departments, regulatory authorities, courts of law and law enforcement agencies, ombudsmen and tax authorities.

If you are a third-party service provider, we may collect personal information about you as a data subject in order to ensure that the business relationship and matters relating to the agreement between you and us can be fulfilled. You warrant that, if you provide us with any personal information about other persons, such as employees, shareholders or your directors, you are authorised to share their personal information with us for purposes set out in this statement.

Providing your personal information to us is usually voluntary. However, it may be mandatory under certain circumstances, for example when you apply for products and/or services or to comply with anti-money laundering and tax reporting legislation. If you fail to provide us with your personal information when requested, we may not be able to provide the products or services to you or comply with our legal obligations.

Whenever you provide us with the personal information of third parties, you must inform them that you need to disclose their personal information to us. We will process the information in accordance with this statement.

 

Why do we process your personal information?

Our responsibilities to you are very important to us and we aim to provide you with personalised services to meet your needs. We may process your personal information for any of the reasons outlined below.

Contract requirements

We may need to process your personal information if we require it to conclude or perform under a contract or agreement with you for a product or service that you have applied for either with us or through our business partners with whom we have entered into a partnership, collaboration or alliance arrangement or for purposes of:

  • providing products and services to you that involve opening and maintaining your account, executing transactions, administering claims where applicable, collecting payments due to us by you, managing our risks and maintaining our overall relationship with you;
  • communicating with you regarding the products or services you have with us in order to ensure you always have the knowledge of the products and service we have available for you to make informed decisions about your banking and give you recommendations aligned to your needs;
  • providing you with further information that you request from us regarding the products or services you have with us.

 

Legal obligations

We may need to process your personal information for the following purposes:

  • To complete integrity and business conduct checks required for compliance purposes including due diligence and onboarding processes, monitoring and assurance reviews and conduct sanctions screening against any sanctions lists.
  • To comply with other risk management, regulatory and legislative requirements.
  • To comply with voluntary and mandatory codes of conduct and laws (for example, investment, banking, trust and corporate services and/or tax reporting laws) ; and
  • To detect, prevent and report theft, money laundering, terrorist financing, corruption or other potentially illegal activity, or activity that could lead to loss.

 

Legitimate Interest

The Standard Bank Offshore Group, after considering your personal fundamental rights and freedoms and determining that our/the third party’s legitimate interest is, on balance, or is not overridden by your rights and freedoms, may process your personal information as per the following:

  • The personal data is not sensitive/ special category data;
  • Maintain, monitor, improve and develop our business policies, systems and controls;
  • Maintain and improve data quality;
  • Design, develop and test products, services and solutions for clients, which may include combining sources and types of your personal information across multiple legal entities and countries, subject to compliance with applicable laws;
  • Personalise and customise products, services and solutions, messaging and advertising;
  • Respond to client enquiries and communications and to record these interactions for the purpose of analysis and improvement;
  • Manage business emergencies and stress events;
  • Process and settle transactions and payments;
  • Meet record-keeping obligations;
  • Conduct research and analysis (among other things, to assess product suitability, credit quality, insurance risks, market risks and affordability, to conduct behavioural profiling, to develop credit models and tools and to obtain related information);
  • Enable clients to use value-added solutions and participate in reward programmes
  • prevention and detection of crime, including fraud; and
  •  the safety of our staff, clients and the wider public (CCTV).
  • for handling enquiries, complaints and legal claims from parties that are not known to us.

 

Consent

In addition to the reasons given above, we may process your personal information where we have your specific consent for a defined purpose. This may be for example where we believe you will be interested in hearing from other companies within the Standard Bank Group for the purposes of wealth management planning or from trusted third parties which supply complementary products/services. Where this is the case, we will fully inform you of what we plan on doing with the data and you will then have the opportunity to consent (and have the right to withdraw that consent at any time) or decline it.

 

Vital interests

If it is in your or another person’s vital interests for us to do so (for example, in an emergency situation where harm may otherwise result)

Where will we process your personal information?

Due to the integrated nature of the Standard Bank Group’s business and to provide you with efficient access to our products and services, we may process your personal information in multiple jurisdictions including South Africa or in countries where we have a presence and where our products or services are provided or where our third-party service providers operate. We will only process and transfer personal information to countries that we are satisfied will provide adequate data protection, and we ensure our third-party service providers comply with the minimum data protection standards of the Standard Bank Group.

Our electronic systems and databases are used to process and store your personal data, in an integrated way,  for the purposes of administering our client relationships and related activities. All such systems and databases only collect, receive, use and share your personal data in accordance with, and as permitted by applicable laws, and/or internal business policies, standards, processes and procedures applicable to Standard Bank Offshore Group.

Integrated processing holds the following benefits for you:

  • A single, holistic view of your information that helps us to manage your client profile, authenticate your identity and protect you against fraud.
  • Improved business processes and service delivery (and less duplication of information provided).
  • Where client personal data is retained in hard copy (paper) format it is kept secure and safe in locked secure storage either onsite at our various Standard Bank Offshore Group company office locations or outside those office locations with duly vetted and reputable safe storage organisations.
How long do we retain your personal information?

We only hold personal data in a format which permits your identification for as long as is necessary for the purposes for which it was obtained.

Where legal requirements oblige us to retain records for a particular period of time then those periods are the minimum period for which we will retain the relevant record, this will generally be for no longer than six years from your last transaction with us.

Comprehensive, local law compliant, record retention and disposal policies for all of the different types of records we hold exist for each of the three jurisdictions (Jersey, Isle of Man and Mauritius) in which the data controllers of the Standard Bank Offshore Group operate can be obtained by contacting us.

How will we communicate with you?

Besides in-person communication, we use a wide array of channels to engage with you regarding your existing products and services and to keep you updated. These include SMSes, email, phone calls, automated calls, notifications sent to your mobile device, social media platforms and in-app notifications. We need to keep you up to date on an ongoing operational basis about your existing products and services and their new features especially where we are making them more secure and as we make banking more convenient for you. We may contact you through these means for research purposes or to communicate with you for marketing of new products or services as explained in greater detail below.

How do we use your personal information for marketing?

Whether you are an existing client or a prospective client with whom we have had previous interactions in respect of your financial well-being or needs, you are important to us and therefore we would like to share information about our products, services and special offers with you (subject to applicable local laws).

If you are a prospective client, and we have had no previous interaction or have no relationship with you, we will seek your express consent in compliance with local laws to market to you electronically.

If we have previously communicated marketing information to you and you have not elected to unsubscribe or otherwise “opt out” from those communications, which you are entitled to do at any time, or if you are a new client, and you do not unsubscribe or “opt out” then we will contact you from time to time with such marketing information.

We will usually do this through telephone calls, email, messaging services, social media platforms or notify you on your mobile applications. If you have not already done so, you may select your preferred method ofcommunication by contacting us. You always have the right to opt-out of receiving these marketing communications at any time by following the instructions on the communication itself or through our customer service channels.

We will always seek your consent before sending any marketing or promotional materials to you about products and services from any of our other Group companies or from any third-party service provider.

Monitoring for unusual and/or fraudulent activity

We automatically monitor your account/transaction activity to try and spot unusual or fraudulent transactions in order to help prevent and detect crime and to help us “know our client” to better comply with applicable anti-money laundering legislation. The logic of doing this is to use your personal data (for example the frequency, currency, amounts, places of your typical transactions) to spot anything out of the ordinary and hopefully prevent loss/damage from occurring to either you or us. The consequences of this form of monitoring is that you may from time to time be contacted about a particular transaction in order to confirm whether it is a legitimate transaction and that we may have to report any suspicious activities to the relevant law enforcement authorities.

Each Group entity that you have a relationship with will allow you to manage your marketing preferences in line with locally applicable laws.

 

When, how and with whom will we share your personal information?

We share information with third parties, auditors and advisers supporting our services to you, with our trusted partners to introduce products and services to you, with agencies and other financial institutions on credit, fraud and risk matters, with data validation and trust providers to verify your data and identity and with the relevant local and foreign government and other authorities as required by law.

We take extra care when we transfer or share information and will enter into suitable contracts with the trusted parties with whom we share your information, thus ensuring your rights under relevant data protection legislation are upheld.

We maintain comprehensive and detailed registers of all the third parties with whom we share personal data that we are responsible for. These registers include information on 3rd party service providers that we instruct and who process personal data on our behalf (our data processors), and also 3rd parties we may otherwise share personal data with (such as service providers who are also data controllers and tax or regulatory or government authorities – our data transfers).

The registers also include information regarding the countries/territories in which each those organisations are based.

Where we share personal data it is primarily with other organisations in countries/ territories in which the Standard Bank Offshore Group companies are themselves based (Isle of Man, Jersey and Mauritius) and/or certain other countries/territories that are either part of the European Economic Area (EEA) or have been granted EU adequacy rulings from a data protection perspective (if different).

The only other organisations with which we may routinely share certain limited client personal data as required for the specific purposes for which it is required are:

  • tax and/or regulatory and/or governmental and/or law enforcement/judicial authorities in your home country/territory or other countries/territories where we are legally obliged to do so;
  • where you have used a financial adviser and/or other professional adviser/ services business to engage and/or liaise with us on your behalf the wider

Standard Bank group of companies (see https://www.standardbank.com/. For our different Standard Bank offices and their locations), including South Africa, when necessary, proportionate and lawful to do so; limited sharing to service providers in the USA for service management solutions in supporting some of our information technology requirements and with VISA in relation to various matters concerning the security of our debit card offering;

  • other banking and/or financial services and/or investment services providers and institutions worldwide where we are required to provide personal data (sometimes of both the remitter and the payee as part of an instruction) for cheque or payment or transaction processing on your behalf;
  • other employer organisations worldwide with whom you have indicated having past or present employment and where we may seek to verify any past or present employment you have confirmed details of to us;
  • other business/professional services/product providers worldwide where this is required by you or considered necessary in our legitimate interests for the provision and delivery of our services/products to you or in order for us to establish, exercise or defend a legal claim (see the Categories of other business, professional services and product providers table below):

Vendor category

Definition

Managed Services

A service supplier that manages and assumes responsibility for providing a defined set of services to the Standard Bank Offshore Group, for example, Debit Card Services.

Co-managed

A partnership arrangement between a vendor and the Standard Bank Offshore Group companies in which they work together using each of their respective knowledge/specialist skills/systems to achieve the end goal, for example, local Telecoms companies.

Hardware/Software Supplier

Companies/individuals that specialise in providing the Standard Bank Offshore Group with appropriate software and hardware to support the business needs, such as Microsoft.

Professional Services

An organisation or professional that offers customised, knowledge- based services to the Standard Bank Offshore Group companies. They include lawyers, advertising professionals, accountants, property surveyors, and financial advisers.

Business Consultants

Used for various projects required to implement change initiatives for the Standard Bank Offshore Group companies, for example, changes to enhance client experience or to implement new processes to ensure compliance with new legislation and regulation.

 

Legal disclaimer

  • We reserve the right to disclose your personal data to governmental bodies, exchanges and other regulatory or self-regulatory organisations should we be required to do so by law or should we believe that such action is necessary to:
  • comply with the law or with any legal process; • exercise, protect and defend our legal rights and property;
  • prevent fraud, theft or abuse; and/or • protect your personal safety or property and that of our staff or other customers or the general public (if you provide false or deceptive information about yourself or misrepresent yourself as being someone else, we may disclose such information to the appropriate regulatory bodies and commercial entities). In addition, we may disclose data, if required to do so, to any regulatory authorities in connection with any investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose us to legal liability.
How is your personal information protected?

When we share personal data with a data processor then we ensure we have a lawful basis for doing so, have a formal vetting procedure that we follow to assess that data processor’s ability to look after any personal data shared with them, ensure we have a written contract in place with them to apply appropriate safeguards to protect personal data to a standard and in a manner that provides us with sufficient guarantees as to the security of that personal data and undertake ongoing monitoring of that relationship. When we share personal data with another third party but not to process that personal data on our behalf then we ensure we have a lawful basis for doing so, have a formal procedure that we follow to consider and approve the transfer beforehand, and we follow best practice guidelines to govern the data privacy elements of the relationship whenever that is possible.

Where the personal data is to be shared with organisations outside of the EEA (eg USA and South Africa), we will perform additional safeguards including a risk assessment ,  independent vetting (eg adherence to US Data Privacy framework) and the implementation of EU Standard Contract Clauses where appropriate.

The security of your personal information is important to us and we take reasonable steps to keep your personal information safe and to prevent loss, destruction of and damage or unlawful access to your personal information by unauthorised parties. We require the same level of security to be implemented by our service providers and other third parties. However, you must not share or send us any personal information through unauthorised channels, as these are not a secure way of communication and carry a risk of interception and unauthorised access. You should only share personal information through our authorised channels.

What are your rights?

You have a number of rights in respect to your personal data:

  1. You have a right of access to your personal data;
  2. You have a right to take action to rectify inaccurate personal data;
  3. You have a right to erase personal data;
  4. You have a right to restrict the processing of your personal data;
  5. You have a right to data portability;
  6. You have a right to object to processing of personal data (including direct marketing);
  7. You have a right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal effects/significantly affects you;
  8. You have a right to seek compensation for any material or non-material damage caused by a breach of our statutory obligations to look after your personal data;
  9. You have a right to lodge a complaint with a data protection supervisory authority; and
  10. You have a right to an effective judicial remedy against us.

Circumstances where your personal data is subjected to any automated decision-making, including profiling, and information about the logic, the significance and envisaged consequences of that decision making for you. We do not currently subject your personal data to any automated decision making, however, if this changes, we will amend this Privacy Statement accordingly.

Use of cookies on our website

While you are using our websites or mobile applications, we automatically process certain personal data. We use this information to find out which areas of our websites people visit most and to monitor the use of our websites. This helps us to add more value to our services. This information is gathered in such a way that we do not get personal data about any individual or their online behaviour on other websites.

Cookies

A “cookie” is a small text file that is stored on your computer, smartphone, tablet or other device when you visit a website or use an application. It helps to distinguish you from other users and contains specific information related to your use of our website or application, such as your login details and your preference settings, and helps the website or the application to recognise your device.  

Cookies help to make a website or app function better and make it easier for us to give you a better user experience on our online channels. To use or store cookie types that are not required for the functioning of the website or app and are optional, we will obtain your consent first.

For this reason, we limit our use of cookies to:

  • providing products and services that you request;
  • delivering advertising through marketing communications;
  • providing you with a better online experience and tracking website performance; and
  • helping us make our website more relevant to you.

We use the following types of cookies on our online channels, such as our website.

 

  • Strictly necessary cookies

These cookies are mandatory and are required for the effective operation and functioning of our website on your device. They enable you to use the website and the features on the website and cannot be switched off.

  • Performance cookies

These are optional cookies that collect information about how you use the website but not any personal information. Performance information is anonymous and mostly statistical and is used to improve the performance of our website.

  • Marketing cookies or advertising cookies

These cookies are also optional and are used to deliver and display advertisements that are relevant and engaging for you as the user. They help us measure how effective our advertising campaigns are by your interaction with the advertisement.

  • Session cookies

These cookies are temporary and optional and only exist while you browse our website to remember your activities on the website. As soon as you close the website or move to a different website, the cookies are deleted.

  • Persistent cookies

These are permanent, optional cookies that are stored on your device until they reach a set expiry date or until you delete them. They remember your preferences or actions on our website (or in some cases across different websites). We may use them for various reasons, for example to remember your preferences and choices when you use our website, or to display relevant advertising campaigns to you.

  • First-party cookies

These are cookies that we create and store when you use our website and relate to information obtained directly from you.

  • Third-party cookies

These cookies are owned and created by a third party that provides a service to us such as social media sharing, website analytics or content marketing. These cookies are intended to collect information directly from you by us and we share the personal information with the third party through the cookies that the third-party stores on our website.

Once you select your cookie preferences you can always change them later by enabling or disabling them here: Manage Cookies | Standard Bank.

Where we use cookies to collect personal information, it will always be done in accordance with this statement. You can stop your browser from accepting cookies, but if you do, some parts of our websites or online services may not work properly. We recommend that you allow cookies. Explore the settings and options on your browser to disable or enable them or visit https://www.aboutcookies.org for detailed information about managing cookies.

Social Media

We operate and communicate updates through our designated channels, pages and accounts on some social media sites to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our services.

When you engage with us through our social media accounts, your personal information may be processed by the social media platform owner. This process is outside our control and the processing activities may be in a country outside of Isle of an, Jersey and Mauritius that may have different data protection laws. For more information about the privacy practices of a social media platform, please refer to and read the terms and conditions of that social media platform before you use it or share any personal information on it.

Our social media accounts are not appropriate forums to discuss our clients’ products or financial arrangements. We will never ask you to share personal, account or security information on social media platforms. We may, however, ask you to message us in private through one of our official social media accounts.

We regularly update and monitor our social media accounts and welcome feedback and ideas sent to us through these channels. We try to join conversations whenever possible, but may not reply to all messages sent to official Standard Bank social media accounts.

General and Contact

We may change this statement from time to time in accordance with changes in our products or services or regulatory requirements. We will make every reasonable effort to notify you through suitable communication channels.

If you have any questions regarding data privacy and protection at Standard Bank Group, please contact the Data Protection Officer.

The Standard Bank Offshore Group’s appointed Data Protection Officer (“DPO”) can be contacted on the below details:

Jersey: Data Protection Officer Standard Bank Jersey Limited 47–49 La Motte Street St. Helier Jersey JE2 4SZ Email: [email protected]

Isle of Man: Data Protection Officer Standard Bank Isle of Man Limited One Circular Road Douglas Isle of Man IM1 1SB Email: [email protected]

Mauritius: Data Protection Officer Standard Bank Trust Company Mauritius Limited Level 9, Tower B, 1 Cyber City, Ebene, Mauritius, 72201 Email: [email protected]

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), we have appointed European Data Protection Office (EDPO) as our GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to GDPR, where you wish to exercise your rights: – By using EDPO’s online request form on https://edpo.com/gdpr-data-request/ or – By writing to EDPO at Regus Block 1, Blanchardstown Corporate Park, Ballycoolin Road, Blanchardstown, Dublin D15 AKK1, Ireland.

Regardless of which Standard Bank Offshore Group company(ies) is/are your data controller(s) we treat the personal data we collect from you or about you through, for example, any application forms you may complete (electronically or in hard copy), our website(s), associated websites, mobile sites, mobile applications and other communication channels as private and confidential.