Privacy Policy

Amberton Asset Management Limited Privacy Policy


Amberton Asset Management Limited (“AAM”) (“We”) or (“Us”) conform with the General Data Protection Regulation EU 2016/679 (“GDPR”). Amberton is a Data Controller registered with the Office of the Data Protection Commissioner. Group entities related to AAM are registered with the local Supervisory Authority within their individual jurisdictions and conform with the GDPR.

AAM can be contacted regarding this Privacy Policy at: Data Controller, Amberton Asset Management, Block C, Hirzel Court, Hirzel Street, St Peter Port, Guernsey, GY1 2NL.

AAM has determined it is unnecessary to appoint a Data Protection Officer, however, the Data Controller is the main contact regarding privacy issues.

This Privacy Policy sets out how we will use personal information we collect and receive about you.

AAM is committed to ensuring any personal data is processed fairly with appropriate safeguards which consider your privacy rights. We limit access to your personal information to employees who we believe have a reasonable need to access your information in order to carry out their jobs.

Policy statement

We will only collect and use your personal information where we have lawful grounds and legitimate business reasons to do so. We will be transparent in our dealings with you and will tell you how we will collect and use your personal information. If we have collected your personal information for a particular purpose we will not use it for any other purpose unless you have been informed, or where we are legally obliged to. We will update our records when you inform us your details have changed. We will implement appropriate retention policies and ensure your personal information is securely disposed of at the end of the appropriate period. We will observe the rights granted to you under the applicable privacy and data protection laws. We will train our staff on their privacy obligations. We will ensure we have appropriate organisational and technical measures to protect your personal information and when we outsource any processes, the supplier has appropriate measures in place.

What information we collect

We will collect personal information about you and any associated parties you are authorised to disclose data about. This will include information such as names, addresses, telephone numbers, email addresses, date of birth, nationality, financial and banking details, identification documents, tax identification numbers, and technical details including your Internet Protocol (“IP”) address, login information, browser type and operating system.

Where the application is on behalf of a business we will require personal information relating to the Principals, including but not limited to any directors, partners, members, shareholders, ultimate beneficial owners, trustees, settlors and/or beneficiaries (where the case may be).

We also receive other information from third-party sources when we are conducting due diligence for Anti-Money Laundering (“AML”) purposes and to verify your and any associated party’s identities.

We will also collect information regarding your business.

Where we obtain the information

This information will be collected when you access our website, register your interest for our services and complete an application for a facility. We will also collect information from any intermediaries acting on your behalf and from our employees when interacting with you regarding the use of our facilities. We will collect information during the term of any contract between you and us.

Fraud prevention agencies, anti-money laundering service providers and company register services will provide information when we conduct our due diligence.

What we do with the information

We are required to process your information at your request to enter a facility or contract with us and to manage a facility or contract you enter into with us. Failure to provide the necessary information will not permit us to offer you such facility.

We will use your information to assess the suitability of the facility or contract and to conduct necessary searches for anti-money laundering and fraud prevention purposes, which we have a legal obligation to complete.

We will contact you from time to time to tell you about similar products or services which we believe you could be interested in, which we have legitimate interest in doing so.

We will share your information with other companies in our Group, ensuring adequate protection of your information, which we have a legitimate interest in doing so.

In the event that we are unable to enter into a contract with you we will share your information with third-party companies who offer similar products and may be able to assist you, which we will require your explicit consent to do so.

We will share your information with fraud prevention agencies where appropriate during the term of any facility or contract you have with us, which we are legally obliged to.

We will share your information with other categories of recipient, subject to the purpose of processing. These may include (and not limited to): Property Agents; Valuers; Surveyors; Legal Services; Debt Recovery Services and Intermediaries.

We will share your information with law enforcement of other government bodies when requested, to assist them in preventing crime, tax avoidance or other fraudulent activities.

We will use your information for statistical purposes for us to improve our products and services, which we have a legitimate interest in doing so.


There are certain regulatory requirements for the retention of any personal data we hold. We will only hold data for as long as necessary which considers these requirements. For instance, we will retain your personal data for 6 years after the last transaction/dealing with us, unless we have a legitimate reason to retain it for longer

Transferring or storing data outside the EU

Occasionally we will be required to share data with other parties. These parties may be located within or outside of the European Union. Where these parties operate (i) in territories within the EU, (ii) are in territories which have been granted EU adequacy for transferring of data, or (iii) operate within the US and subscribe to the US-EU Privacy Shield, there are appropriate safeguards in place for the transfer of your personal data. Where these parties may be located in another territory we will ensure there are adequate contractual clauses in place to safeguard the transfer of your personal data.

Your rights

Under the GDPR, you are given certain rights about how your data is used, these rights are:

  • the right to be informed how your data will be processed– we will provide a Fair Processing Notice at the time of collecting your personal data at the time of making an application, which informs you how we will process your data. (If another party has provided the data, this notice will be provided within one-month of processing your data);
  • the right to withdraw consent– if we require consent for a specific process you may withdraw this consent at any time preventing us from any further processing. You may withdraw consent by contacting us, selecting communications preferences on the web-site or by selecting unsubscribe in any emails we send to you;
  • the right of access– we will confirm if we hold and process any personal data, and describe the purpose of the processing; the categories of the data concerned; the recipients or categories of recipients where the data has been or will be disclosed; the envisaged period the data will be retained (or the criteria for determining the retention period); any information available regarding the source of your information where we have not collected it from you; the existence of any automated decision making or profiling; and we will confirm your rights. AAM will not charge for such request and will provide the information within one-month. If there are any exceptions, we will confirm these exceptions in writing within one-month;
  • the right of rectification– where you believe data we hold is inaccurate you have the right to request this inaccuracy is rectified;
  • the right of erasure (to be forgotten)– in certain circumstances you have the right to have your personal information erased. If you make a request to erase data which we are not obliged to erase, we will confirm the reason in writing;
  • the right to restrict processing– in certain circumstances you have the right to restrict how we process your personal information. If you make a request to restrict data processing which we are not obliged to restrict, we will confirm the reason in writing;
  • the right to data portability– we will provide the personal data which you provided us in an appropriate format which you may pass to another data controller;
  • the right to object to automated decision making or profiling– if we make automated decisions or use your data for profiling you may object to this processing and request ‘human intervention’;
  • the right to complain to the Supervisory Authority– you may make a complaint to the Office of the Data Protection Commissioner if you believe we are processing your data inappropriately/illegally.

The transmission of information via the internet may not be completely secure. We will do our best to protect your personal information, but we cannot guarantee the security of data transmitted to our site. A transmission is at your own risk.


How to complain to AAM:

You can make a complaint directly to AAM by contacting by email to or in writing to: Complaints, Amberton Asset Management Limited, Block C, Hirzel Court, Hirzel Street, St Peter Port, Guernsey, GY1 2NL.

How to complain to Supervisory Authority:

If you believe we are processing your personal data inappropriately or without a lawful basis for processing the data, you may make a complaint to the Office of the Data Protection Commissioner. You can contact the Office of the Data Protection Commissioner by telephone on 01481 742074, or you can write at: Data Protection Office, Guernsey Information Centre, North Esplanade, St Peter Port, Guernsey, GY1 2LQ

Further information is available at


Cookies contain information that is transferred to your computer. Some of the Cookies we use are essential for the web-site to operate. Some Cookies allow us to recognise and count the number of visitors and to see how visitors move around the site when they’re using it. This helps us to improve the way our website works and deliver a better and more personalised service, for example by making sure users are finding what they need easily. We may obtain information about your general internet usage by using a cookie file which his stored on your browser or the hard drive of your computer

You may choose to block Cookies by activating the setting on your computer which allows you to refuse the setting of all or some Cookies. However, if you choose to block all Cookies (including essential Cookies) you will not be able to access your account on the web-site. Unless you have adjusted your browser so that it will refuse Cookies, our systems may issue Cookies when you visit our site.

Changes to this policy

We keep our privacy policy under regular review and any updates will be included on this web-page. This privacy policy was last updated on 22 May 2018.