Money Laundering Privacy Statement

---

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 require us to tell you about how we will use any personal data supplied to us in the course of our client onboarding process.

What personal data may we collect?

In order to comply with our regulatory obligations, we may collect the following:

• Personal information, such as name, address and date of birth.
• Personal identification documents that may reveal nationality.
• Information that may reveal criminal convictions or offences information.

How will we use the personal data?

Personal data will only be used for carrying out customer due diligence for the purposes of preventing money laundering and terrorist or proliferation financing, or in order to comply with other legal and regulatory obligations.

If we wish to process personal data for any other purpose, we will contact you before doing so.

Do we share personal data with third parties?

We may share your personal data with trusted third parties, Sage UK and Credas, who will assist us in carrying out customer due diligence for the purposes of preventing money laundering and terrorist or proliferation financing. For more information regarding how these third parties process personal data, please use the below links to their respective Privacy Notices:

• Sage UK
• Credas
   
  • In order to support us in carrying out our customer due diligence, Sage UK may also share your personal data with the following credit reference agencies: Experian Ltd (“Experian”), TransUnion International UK Limited (“TransUnion”) and/or Equifax Ltd (“Equifax”), collectively, the "Agencies".
    
  • Please note that:
    
    • The Agencies may keep a record of your personal data (known as a ‘search footprint’, which will remain on your credit file). Search footprints made via TransUnion will read as having been made by Sage UK and Project Peace;
      
    • A search will be carried out with the Agencies for the purposes of verifying your identity;
      
    • The Agencies may disclose your personal data, including the fact that a search was made, to their other customers for the purposes of assessing the risk of giving credit and occasionally to prevent fraud, money laundering and to trace debtors; and
      
    • The Agencies may check your personal data against any particulars on any database (public or otherwise) to which they have access in order to verify your identity.
       
  •  For more information about how the Agencies will process your personal data, please see their respective Credit Rating Information Notices at:
    
    • Experian
    • TransUnion
    • Equifax

How long will we retain your personal data?

We are required by law to retain customer due diligence files for a period of at least five years after a business relationship ends. We have processes in place to ensure your personal data is appropriately deleted after seven years post the end of a business relationship in accordance with this requirement.

Please note that Sage, Credas, and the Agencies will have their own data retention periods, information on which can be found via the relevant links in this Notice.

Further information

To learn more about how Project Peace processes your personal data, or to find out about your rights, please see our Privacy Notice.