International
Online Banking Investment Portal INTERNATIONAL INVESTMENT PLATFORM
Portfolio Online
Link to complete an online application
If you have already started an online application for an account, please click on the link below to complete the process. To start a new application, apply via the product page
Continue opening my bank account
Personal
Overview
Products and Services
Products and Services
Bank with us
International bank accounts
Borrow for your needs
Loans
Grow your money
Savings accounts
Investment solutions
Leaving a legacy
Fiduciary services
Ways to bank
Ways to bank
Learn more
Learn more
News
News
About us
About us
About Standard Bank Offshore
Working at Standard Bank Offshore
Isle of Man
Jersey
Report to society
Business
Overview
Products and services
Products and services
Bank with us
Bank accounts
Borrow for your needs
Loans
Grow your money
Savings accounts
Investment Solutions
Ways to bank
Ways to bank
Internet Banking Setup
Learn
Learn
News
News
Wealth
Contact us

Privacy statement

Standard Bank Offshore Group (“SBO”) Privacy Statement

Privacy Statement

The Standard Bank Group is an Africa-focused, client-led and digitally enabled financial services organisation. We provide comprehensive and integrated financial and finance-related solutions to our clients and operate across the African continent and internationally through our subsidiaries.

This Privacy Statement applies to all clients (as defined below) (“you, your”) of any company within the Standard Bank Offshore Group (“Group, we, us, our”) where that company acts as a data controller of your personal data.  For the avoidance of doubt, this Privacy Statement does not replace or override the privacy notices of companies or foundations administered by us, where those entities are the registered data controllers in their own right.

“Standard Bank Offshore Group” is the collective term for a group of companies that are based in Jersey, the Isle of Man and Mauritius, and which are owned by Standard Bank Group International Limited, which is in turn owned by Standard Bank Group Limited. Details of the companies that comprise the Standard Bank Offshore Group and their contact details can be found under “General and Contact”

The relevant Group data controller(s) in respect to your personal data will, unless otherwise stated, always be the Group company(ies):

  1. with which you have engaged directly, whether by making an enquiry, applying for products or services, or entering into a contractual relationship; or
  2. with which a past, present or prospective client or non-natural client is engaged, where you are associated with or connected to that client or non-natural client, including for example as an ultimate beneficial owner, director, trustee, protector, enforcer, shareholder or similar role.

For the purposes of this Privacy Statement “client” is to be given its widest possible interpretation and includes, but is not limited to, any natural person who is a past, present or prospective recipient of products and/or services from a Group company.  Client includes, without limitation:

  1. Any past, present or prospective recipient of products or services from a Group company.
  2. Any natural person associated with or connected to a trust, company, foundation or other legal or non-legal structure to which a Group company provides products or services.  For example, a director, alternate director, shareholder, ultimate beneficial owner, trustee, co-trustee, protector, enforcer, foundation council member, attorney, account signatory or beneficiary.
  3. Any natural person acting in a professional or service provider capacity to such a trust, company, foundation or other structure, where the Group company is required to collect and process that person’s personal data.  For example, an investment manager, investment adviser, asset manager, property manager, agent, tax adviser, legal adviser, accountant, auditor, administrator or other professional adviser.

Any natural person who receives, or is intended to receive, a payment, distribution, benefit or other transfer of value from a trust, foundation, company or other structure administered by a Group company.  For example, a beneficiary, discretionary recipient, payee, creditor, counterparty, settlement recipient or other recipient of funds. Due to the integrated nature of the Standard Bank Group business, clients whose primary business is with one entity of the Group are viewed as clients of the Standard Bank Group as a whole for client-centricity, data quality and risk management purposes.  As such, relevant client information may be shared within the Group in accordance with our internal agreements and applicable regulations.

Data Protection Regulation

As we operate in various countries and through various legal entities, we comply with the applicable data protection and privacy laws in each of these countries. Accordingly, the specific Group company that is responsible for determining the purpose and means of processing your personal data (responsible party or controller), in other words the legal entity who holds the business relationship with you, will not always be the same. It will be made clear to you when you take up a product or service, who the responsible party or data controller is.  If you are unsure who your data controller is, please contact our data protection officer at [email protected] for confirmation and contact details.

The applicable data protection legislation for Group companies is:

  • Jersey - Data Protection (Jersey) Law 2018
  • Isle of Man - Data Protection (Application of GDPR) Order 2018
  • Data Protection Act 2017 - Mauritius

In addition, where we process personal data of residents of the European Union, EU GDPR may also apply in respect of such processing.

Definitions

Automated Processing / Automated decision-making Decisions made solely by computers or algorithms without human intervention.
Data controller The entity that determines the purposes and means of processing your personal data.
Data processor An entity that processes personal data on behalf of a data controller.
Data Subject The person to whom personal data relates.
EU GDPR / GDPR The European Union General Data Protection Regulation that governs the processing of personal data.
Group The collective term for Standard Bank Offshore Group entities in Jersey, Isle of Man, and Mauritius.
Jersey Standard Contractual Clauses The Jersey Addendum to the EU Standard Contractual Clauses issued by the Jersey Data Protection Authority under Article 67(2)(c) of the Data Protection (Jersey) Law 2018, providing appropriate safeguards for international transfers where no adequacy decision applies.
“KYC” (Know Your Customer) and “CDD” (Customer Due Diligence) documentation The information and records collected to verify a client’s identity, understand ownership or control (for entities), and comply with legal and regulatory obligations, including the prevention of financial crime such as money laundering, terrorist financing, or fraud.
Personal data Any information that identifies you directly or indirectly.
Special category or sensitive personal data Data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, health information, or criminal records.
Standard Bank Group A leading African financial services group that owns the Standard Bank Offshore Group.
Vulnerable individual A person who, due to their personal circumstances, may have a reduced ability (on a temporary or permanent basis) to understand, make or communicate informed decisions or to protect their own interests, and who may therefore require additional care, support or safeguards when engaging with us or when their personal data is processed.
What is the purpose and scope of this statement?

The purpose of this statement is to inform you how we collect, use, store, make available, disclose, update, safeguard, destroy or otherwise deal with (process) your personal data (also referred to as personal information in some countries) and also to explain your rights relating to the privacy of your personal data and how the law protects you.

We may combine your personal data, available across the Group, and use the combined data for any of the purposes set out in this statement where we have lawful grounds for doing so.

Where necessary, your personal data may be processed in other jurisdictions outside of where these Group entities normally operate and under different local data protection requirements, however we will only process in and transfer personal data to countries that we are satisfied provide adequate data protection, and for which we have robust legal provision for us to share the personal data.

Protecting the privacy, confidentiality and security of your personal data is very important to us as it is critical for us as a Group to maintain your trust and act in the right way to meet your needs. We have therefore implemented Group-wide policies and procedures to ensure that your personal data is always protected.

This Privacy Statement provides an overview of:

  • what is personal data, and the types of personal data we collect;
  • how we collect your personal data;
  • why we process your personal data;
  • where we process  your personal data;
  • how long we  retain your personal data;
  • how we communicate with you;
  • how we use your personal data for marketing;
  • when, how and with whom we share your personal data;
  • how is your personal data protected;
  • what are your rights;
  • use of cookies on our website;
  • social media;
  • general and contact.

 

What is personal data and what types of personal data do we collect?

Personal data is any data from which you can be identified. Depending on the nature and means of your enquiry and/or the product/service sought or provided then we will typically collect and use:

  • your contact data: your name (and any previous names); your home and/ or business address(es); your telephone number(s); email address(es); and any other contact data we reasonably require (e.g. social media accounts);
  • other personal data about you: your identity and/or passport documentation; proof of address documentation; source of wealth data; bank account, financial and tax data; transactional data on your accounts/ dealings, including financial behaviour, goals and needs; your marital status; your gender; date and place of birth; nationality; your occupation and income including employment history; your dependants (including minors upon parent/ guardian consent);
  • verification/ security data; your signature; photographs or other visual images of you such as CCTV footage; biometric feature such as your voice (subject to your consent); shareholder data such as number of shares and structure of shareholding; telephone conversations with our staff; and data you provide for secure passwords;
  • certain “special category” or sensitive personal data, meaning data relating to political opinions (including those of close family or associates), trade union memberships, criminal convictions, offences or related security measures (processed only where permitted by law), and, in certain cases, health and disability related data; 
  • certain other personal data about you as collected by our cookies when you visit our web pages such as IP and geolocation (see further explanation below and the cookies pop-up we use when you visit our applicable websites).

The personal data mentioned above is an indicative list only and not exhaustive.

How do we collect your personal data?

We will collect personal data directly from you by telephone, in writing, or through online channels such as our website, mobile applications, Internet Banking or electronic messaging platforms.

We also collect personal data from other sources where lawful and reasonable to do so, such as reputable third parties that you deal with or that the Group interacts with for the purposes of conducting its business. These third parties include:

  • business partners (including partners and participating partners involved in reward programmes, campaigns or other business activity, joint-venture partners, social media and platform partners) or companies that we may acquire or that merge with us;
  • service providers (including payment processors, card network providers, debt collection and tracing agencies, credit agencies and bureaux, electronic communication service providers, public and private data and data verification providers including data registries, aggregators, search engines, social media and marketing list providers);
  • employers, advisers, agents, associates, assignees, concessionaries, successors in title, trustees, executors, curators and appointed third parties (including lawyers and contractors);
  • government departments, regulatory authorities, courts of law and law enforcement agencies, ombudsmen and tax authorities;
  • family members, referees or other individuals connected to you, where relevant (for example, for verification, references, emergency contact details or relationship confirmation purposes).

If you are a third-party service provider, we may collect personal data about you as a data subject to ensure that the business relationship and matters relating to the agreement between you and us can be fulfilled. You warrant that, if you provide us with any personal data about other persons, such as employees, shareholders or your directors, you are authorised to share their personal data with us for purposes set out in this statement, and that you will provide them with access to, or reference to this document.

Providing your personal data to us is usually voluntary, however, it may be mandatory under certain circumstances, for example when you apply for products and/or services or to comply with anti-money laundering and tax reporting legislation. If you fail to provide us with your personal data when requested, we may not be able to provide the products or services to you or comply with our legal obligations.

Whenever you provide us with the personal data of third parties, you must inform them that their personal data will be disclosed to us. We will process the personal data in accordance with this statement.

Where you provide us with personal data relating to a child (as defined under applicable law) or a vulnerable individual, you confirm that you are the parent, legal guardian, authorised representative, carer or otherwise have the necessary legal authority to provide such personal data and to consent to its processing on that individual’s behalf.

You also confirm that you will inform the child or vulnerable individual (where appropriate and taking into account their age, maturity and circumstances) about the processing of their personal data in accordance with this statement.

 

Why do we process your personal data?

Our responsibilities to you are very important to us and we aim to provide you with personalised services to meet your needs. We may process your personal data for any of the reasons outlined below.

Contract requirements

We may process your personal data to conclude or perform under a contract or agreement with you for a product or service that you have applied for, either with us or through our business partners with whom we have entered into a partnership, collaboration or alliance arrangement, or for purposes of:

  • providing products and services to you such as opening and maintaining your account, executing transactions, administering claims where applicable, collecting payments due to us by you, managing our risks and maintaining our overall relationship with you;
  • communicating with you regarding the products or services you have with us, in order to ensure you always have the knowledge of the products and service we have available for you to make informed decisions and give you recommendations that are appropriate and suitable for you;
  • protect you and your assets with us via activity monitoring (including call recording) to prevent fraud and identity theft and to improve our service for purposes such as staff training and dispute resolution;
  • providing you with further data that you request from us regarding the products or services you have with us.

Legal obligations

We may process your personal data for the following purposes:

  • to complete integrity and business conduct checks required for compliance purposes, including due diligence and onboarding processes, monitoring and assurance reviews and conduct sanctions screening against applicable sanctions lists;
  • to comply with other risk management, regulatory and legislative requirements;
  • to comply with voluntary and mandatory codes of conduct and laws (for example, investment, banking, trust and corporate services and/or tax reporting laws); and
  • to detect, prevent and report money laundering, terrorist financing, corruption or other potentially illegal activity, or activity that could lead to loss.

Legitimate Interest

We may, after considering your fundamental rights and freedoms and determining that our or a third party’s legitimate interest is not, on a balance, overridden by your rights and freedoms, process your personal data as per the following (excluding personal data which is sensitive or special category of data):

  • maintain, monitor, improve and develop our business policies, systems and controls;
  • maintain and improve data quality;
  • design, develop and test products, services and solutions for clients, which may include combining sources and types of your personal data across multiple legal entities and countries, subject to compliance with applicable laws;
  • personalise and customise products, services and solutions, messaging and advertising;
  • respond to client enquiries and communications and to record these interactions for the purpose of analysis and improvement;
  • manage business emergencies and stress events;
  • process and settle transactions and payments;
  • meet record-keeping obligations;
  • conduct research and analysis (among other things, to assess product suitability, credit quality, insurance risks, market risks and affordability, to conduct behavioural profiling, to develop credit models and tools and to obtain related data);
  • enable clients to use value-added solutions and participate in reward programmes;
  • prevention and detection of crime, including fraud;
  • the safety of our staff, clients and the wider public (CCTV);
  • for handling enquiries, complaints and legal claims from parties that are not known to us;
  • monitoring and auditing internal processes, staff activity, and systems to ensure compliance, quality, and operational effectiveness;
  • reviewing and training staff, including analysing interactions and communications, to improve service quality and client experience;
  • monitoring IT systems, networks, and access to detect, prevent, and respond to cyber threats, unauthorised access, or other security incidents; and
  • processing personal data to support regulatory reporting and risk management obligations, where lawful and proportionate;

Consent

In addition to the reasons given above, we may process your personal data where we have your specific consent for a defined purpose. For example, this may include informing you about wealth management planning from other companies within the Group, or about complementary products or services from trusted third parties that supply them.  Where this is the case, we will fully inform you of what we plan on doing with the data and you will then have the opportunity to consent or decline.  You also have the right to withdraw that consent at any time.

Vital interests

We may process your personal data if it is in your or another person’s vital interests for us to do so (for example, in an emergency situation where harm may otherwise result).

Where will we process your personal data?

Although the main processing of your personal data occurs within the relevant jurisdiction of the Group company that acts as the data controller, due to the integrated nature of the Group’s business, and to provide you with efficient access to our products and services, we may process your personal data in other  jurisdictions including South Africa, or in countries where we have a presence and where our products and services are provided, or where our third-party service providers operate. We will only process and transfer personal data to countries that we are satisfied provide adequate data protection, and we ensure our third-party service providers comply with the minimum data protection standards of the Group.

Our electronic systems and databases are used to process and store your personal data, in an integrated way, for the purposes of administering our client relationships and related activities. All such systems and databases only collect, receive, use and share your personal data in accordance with, and as permitted by applicable laws, and/or internal business policies, standards, processes and procedures applicable to the Group.

Integrated processing holds the following benefits for you:

  • single, holistic view of your data that helps us to manage your client profile, authenticate your identity and protect you against fraud;
  • improved business processes and service delivery (and less duplication of data provided);
  • where client personal data is retained in hard copy (paper) format it is kept secure and safe in locked secure storage either onsite at our various Group company office locations or outside those office locations with duly vetted and reputable safe storage organisations.

Please note that, notwithstanding the above benefits, each Group entity remains legally obliged to obtain its own KYC/CDD documentation. Accordingly, in circumstances where applicable law or regulation requires a fresh submission of documents, you may be requested to provide such information even if you are already a client of another Group entity.

How long do we retain your personal data?

We only hold personal data in a format which permits your identification for as long as is necessary for the purposes for which it was obtained.

Where legal requirements oblige us to retain records for a particular period of time then those periods are the minimum period for which we will retain the relevant record, this will generally be for no longer than six years from your last transaction with us.

Comprehensive, local law compliant, record retention and disposal policies for all of the different types of records we hold exist for each of the three jurisdictions (Jersey, Isle of Man and Mauritius) in which the data controllers of the Group operate can be obtained by contacting us [email protected].

How will we communicate with you?

Besides in-person communication, we use a wide array of channels to engage with you regarding your existing products and services and to keep you updated. These include SMSes, email, phone calls, automated calls, notifications sent to your mobile device, social media platforms and in-app notifications. We need to keep you up to date on an ongoing operational basis about your existing products and services, and their new features especially where we are making them more secure and as we make banking more convenient for you. We may contact you through these means for research purposes or to communicate with you for marketing of new products or services as explained in greater detail below.

How do we use your personal data for marketing?

Whether you are an existing client or a prospective client with whom we have had previous interactions in respect of your financial well-being or needs, you are important to us and therefore we would like to share data about our products, services and special offers with you (subject to applicable local laws).

If you are a prospective client, and we have had no previous interaction or have no relationship with you, we will seek your express consent in compliance with local laws to market to you electronically.

If we have previously communicated marketing information to you or if you are a new client and you have not unsubscribed or otherwise “opted out” from those communications then we may contact you with marketing information.

We will usually do this through telephone calls, email, messaging services, social media platforms or notify you on your mobile applications. If you have not already done so, you may select your preferred method of communication by contacting us.

You always have the right to opt-out of receiving these marketing communications at any time by following the instructions on the communication itself or through our client service channels.

We will always seek your consent before sending any marketing or promotional materials to you about products and services from any of our other Group companies or from any third-party service provider.

Each Group entity that you have a relationship with will allow you to manage your marketing preferences in line with locally applicable laws.

When, how and with whom will we share your personal data?

We may share your data with third parties, such as auditors and advisers who support our delivery of services to you; with our trusted partners to introduce products and services to you; with agencies and other financial institutions involved in credit, fraud and risk matters; with data validation and trust service providers to verify your data and identity; and with the relevant local and foreign government bodies and other authorities, as required by law.

We take extra care when we transfer or share data and will enter into suitable contracts with third parties with whom we share your data, thus ensuring your rights under relevant data protection legislation are upheld.

We maintain comprehensive and detailed registers of all the third parties with whom we share personal data that we are responsible for.

These registers include data on third party service providers that we instruct and who process personal data on our behalf (our data processors), and also third parties with whom we may share personal data such as service providers who are also data controllers and tax or regulatory or government authorities (our data transfers).

The registers also include data regarding the countries/territories in which each those organisations are based.

Where we share personal data it is primarily with other organisations in countries/ territories in which the Group companies are themselves based (Isle of Man, Jersey and Mauritius) and/or certain other countries/territories that are either part of the European Economic Area (EEA) or have been granted EU adequacy rulings from a data protection perspective (if different).

The only other organisations with which we may share certain limited client personal data, for the specific purposes for which it is required are:

  • tax, regulatory, governmental and law enforcement or judicial authorities in your home country/territory or other countries/territories where we are legally obliged to do so;
  • where you have used a financial adviser and/or other professional adviser/ services business to engage and/or liaise with us on your behalf the wider Standard Bank group of companies, including South Africa, (see https://www.standardbank.com/ for our different Standard Bank offices and their locations) .  When necessary, proportionate and lawful to do so; we may share limited data with  service providers in the USA for service management solutions in supporting some of our data technology requirements, and with VISA in relation to various matters concerning the security of our debit card offering;
  • other banking, financial services or investment services providers and institutions worldwide where we are required to provide personal data (sometimes of both the remitter and the payee as part of an instruction) for cheque or payment or transaction processing on your behalf;
  • employer organisations worldwide with whom you have indicated having past or present employment and where we may seek to verify any past or present employment you have confirmed details of to us;
  • business, professional services or product providers worldwide where this is required by you or considered necessary in our legitimate interests for the provision and delivery of our services/products to you or in order for us to establish, exercise or defend a legal claim (see the table of categories of other business,  professional services and product providers below):

Vendor category

Definition

Managed Services

A service supplier that manages and assumes responsibility for providing a defined set of services to the Group companies, for example, Debit Card Services.

Co-managed

A partnership arrangement between a vendor and the Group companies in which they work together using each of their respective knowledge/specialist skills/systems to achieve the end goal, for example, local Telecoms companies.

Hardware/Software Supplier

Companies/individuals that specialise in providing the Group with appropriate software and hardware to support the business needs, such as Microsoft and SalesForce.

Professional Services

An organisation or professional that offers customised, knowledge- based services to Group companies. They include lawyers, tax advisors, advertising professionals, accountants, property surveyors, financial advisers and monitoring and screening services such as FinScan.

Business Consultants

Used for various projects required to implement change initiatives for Group companies, for example, changes to enhance client experience or to implement new processes to ensure compliance with new legislation and regulation.

 

Legal disclaimer

We reserve the right to disclose your personal data to governmental bodies, exchanges and other regulatory or self-regulatory organisations where we are required to do so by law or where we believe that such action is necessary to:

  • comply with the law or with any legal process;
  • exercise, protect and defend our legal rights and property;
  • prevent fraud, theft or abuse; and/or
  • protect your personal safety or property and that of our staff or other clients or the general public. 

If you provide false or deceptive data about yourself or misrepresent yourself as being someone else, we may disclose such data to the appropriate regulatory bodies and commercial entities. In addition, we may disclose data, if required to do so, to any regulatory authorities in connection with any investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose us to legal liability.

How is your personal data protected?

When we share personal data with a data processor, we ensure that we have a lawful basis for doing so, follow a formal vetting procedure to assess the data processor’s ability to protect any personal data shared with them, and have a written contract in place requiring appropriate safeguards.  These safeguards are designed to protect personal data to a standard and in a manner that provides us with sufficient guarantees as to the security of that personal data and we undertake ongoing monitoring of that relationship. When we share personal data with another third party but not to process that personal data on our behalf then we ensure we have a lawful basis for doing so, follow a formal procedure to consider and approve the transfer beforehand, and we implement appropriate measures to protect the data.

Where the personal data is to be shared with organisations outside of the EEA (e.g. USA and South Africa), we will implement additional safeguards including a risk assessment, independent vetting (for example, adherence to the EU-US Data Privacy Framework) and the implementation of Jersey Standard Contractual Clauses where appropriate.

The security of your personal data is important to us and we take reasonable steps to keep your personal data safe to prevent loss, destruction of and damage or unlawful access to your personal data by unauthorised parties. The Group develops and applies robust technical and organisational measures to ensure the safeguarding of our data and specifically our clients’ personal data, such as: applied antivirus and anti-malware software, a dedicated security team, access restriction by role, encryption of data in transit or at rest, password protected access, two-factor authentication, specifically designed training programme for all our employees, etc. We require the same level of security to be implemented by our service providers and other third parties. However, you must not share or send us any personal data through unauthorised channels, as these are not a secure way of communication and carry a risk of interception and unauthorised access. You should only share personal data through our authorised channels.

Monitoring for unusual and/or fraudulent activity

We automatically monitor your account/transaction activity to try and spot unusual or fraudulent transactions in order to help prevent and detect crime and to help us “know our client” to better comply with applicable anti-money laundering legislation. This monitoring may involve analysing  your personal data, such as the transaction frequency, currency, amounts, places of your typical transactions to identify activity  outside of your typical patterns. As a consequence, you may be contacted about a particular transaction in order to confirm whether it is a legitimate transaction.  We may report any suspicious activities to the relevant law enforcement or regulatory authorities, as required by law.

 

What are your rights?

You have several rights in respect to your personal data:

  1. You may access your personal data;
  2. You may take action to rectify inaccurate personal data;
  3. You may request erasure of personal data;
  4. You may restrict the processing of your personal data;
  5. You have a right to data portability;
  6. You may object to processing of personal data, including direct marketing;
  7. You have a right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal effects concerning you or similarly significantly affects you.

We will inform you whenever your personal data is subject to any automated decision-making, including profiling, and provide information about the logic, significance and envisaged consequences of that decision making for you.  In such cases, you will have the right to request human intervention, express your point of view, and contest the decision.

We may use your personal data for automated decision-making to assess your suitability for our products and services (e.g. during online applications) in compliance with applicable law and excluding certain countries, as required. 

Use of cookies on our website

While you are using our websites or mobile applications, we automatically process certain data. We use this data to find out which areas of our websites people visit most and to monitor the use of our websites. This helps us to add more value to our services. This data is generally aggregated or anonymised so that it does not identify individual users. Some cookies, which may process personal data, will only be used with your consent.

Cookies

A “cookie” is a small text file that is stored on your computer, smartphone, tablet or other device when you visit a website or use an application. It helps to distinguish you from other users and contains specific data related to your use of our website or application, such as your login details and your preference settings, and helps the website or the application to recognise your device.  

Cookies help to make a website or app function better and make it easier for us to give you a better user experience on our online channels. To use or store optional cookie types that are not required for the functioning of the website or app and are optional, we will obtain your consent first.

For this reason, we limit our use of cookies to:

  • providing products and services that you request;
  • delivering advertising through marketing communications;
  • providing you with a better online experience and tracking website performance; and
  • helping us make our website more relevant to you.

We use the following types of cookies on our online channels, such as our website.

Strictly necessary cookies

These cookies are mandatory and are required for the effective operation and functioning of our website on your device. They enable you to use the website and the features on the website and cannot be switched off.

Performance cookies

Performance cookies are optional and help us understand how you use our website. While we aim to use aggregated data, some performance cookies may collect information that can be considered personal data (such as your IP address). We only deploy these with your consent.

Marketing cookies or advertising cookies

These cookies are also optional and are used to deliver and display advertisements that are relevant and engaging for you as the user. They help us measure how effective our advertising campaigns are by your interaction with the advertisement.  These cookies may collect personal data, and the data may be shared with the third party that sets the cookie in accordance with their privacy policy.

Session cookies

These cookies are temporary and optional and only exist while you browse our website to remember your activities on the website. As soon as you close the website or move to a different website, the cookies are deleted.

Persistent cookies

These are permanent, optional cookies that are stored on your device until they reach a set expiry date or until you delete them. They remember your preferences or actions on our website (or in some cases across different websites). We may use them for various reasons, for example to remember your preferences and choices when you use our website, or to display relevant advertising campaigns to you.

First-party cookies

These are cookies that we create and store when you use our website and relate to data obtained directly from you.

Third-party cookies

These cookies are owned and created by third parties who provide services to us such as social media sharing, website analytics or content marketing.  Personal data collected by these cookies may be shared with the third party in accordance with that party’s privacy policy and subject to your consent for optional cookies

Once you select your cookie preferences you can always change them later by enabling or disabling them here: Manage Cookies | Standard Bank.  This applies to all optional cookies.

Where we use cookies to collect personal data, it will always be done in accordance with this statement. You can stop your browser from accepting cookies, but if you do, some parts of our websites or online services may not work properly. Explore the settings and options on your browser to disable or enable them.

Social Media

We operate and communicate updates through our designated channels, pages and accounts on our official social media sites to inform, help and engage with our clients. We monitor and record comments and posts made about us on these channels so that we can improve our services.

When you engage with us through our social media accounts, your personal data may be processed by the social media platform owner. This process is outside our control, and the processing activities may be in a country outside of Isle of Man, Jersey and Mauritius that may have different data protection laws. For more data about the privacy practices of a social media platform, please refer to and read the terms and conditions of that social media platform before you use it or share any personal data on it.

Our social media accounts are not appropriate forums to discuss our clients’ products or financial arrangements. We will never ask you to share personal, account or security data on social media platforms. We may, however, ask you to message us in private through one of our official social media accounts.

We regularly update and monitor our social media accounts and welcome feedback and ideas sent to us through these channels. We try to join conversations whenever possible but may not reply to all messages sent to official Standard Bank social media accounts.

General and Contact

We may change this statement from time to time in accordance with changes in our products or services or regulatory requirements. We will make every reasonable effort to notify you through suitable communication channels.

If you have any questions regarding data privacy and protection at Standard Bank Offshore Group, please contact our appointed Data Protection Officer (“DPO”) using the details below:

Jersey: Data Protection Officer Standard Bank Jersey Limited and Standard Bank Offshore Trust Company Jersey Limited 47–49 La Motte Street St. Helier Jersey JE2 4SZ Email: [email protected]

Isle of Man: Data Protection Officer Standard Bank Isle of Man Limited One Circular Road Douglas Isle of Man IM1 1SB Email: [email protected]

Mauritius: Data Protection Officer Standard Bank Trust Company Mauritius Limited Level 9, Tower B, 1 Exchange Square, Wall Street, Ebene, Mauritius, 72201 Email: [email protected]

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), we have appointed European Data Protection Office (EDPO) as our GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to GDPR, where you wish to exercise your rights: – By using EDPO’s online request form on https://edpo.com/gdpr-data-request/ or – By writing to EDPO at Ground Floor, 71 Lower Baggot Street, Dublin, D02 P593, Ireland.

Regardless of which Standard Bank Offshore Group company(ies) is/are your data controller(s) we treat all personal data we collect from or about you – whether through application forms (electronic or hard copy), our website(s), associated websites, mobile sites, mobile applications and other communication channels - as private and confidential.

Supervisory Authorities

We always endeavour to process your personal data in line with relevant jurisdictional requirements and your expectations as a client.  However, there may be instances where you may disagree with the way we process your data. We encourage you to contact us first to share any concerns, and we promise to address and resolve those with professionalism and efficiency.

You also have the right to seek advice from or lodge a complaint with the local Supervisory Authority if you remain unsatisfied using the following address:

Isle of Man: Isle of Man Information Commissioner (inforights.im)

Jersey: Jersey Office of the Information Commissioner - Home (jerseyoic.org)

Mauritius:  Data Protection Commissioner - (dataprotection.govmu.org)