Data protection declaration (Privacy policy)

Version dated 25 May 2018

Updated 14 March 2022

Data protection is important to ATU General Trust (BVI) Limited and accordingly, in this privacy policy we explain how we collect and process personal data (i.e. data that refers to a specific or determinable person such as name, address, nationality, E-mail address, interests and hobbies, user behaviour on websites). This privacy policy is based on the British Virgin Islands' Data Protection Act, 2021 which aims to meet the United Kingdom and European Union ("EU") Standards of data protection as established by the EU's General Data Protection Regulation (GDPR).

1 Controller, data protection officer and representative

(1) Mr. Allan Vergel, ATU General Trust (BVI) Limited, is the controller.

(2) The contact information of the data protection officer is as follows: info@atubvi.com, phone: +1 284 494 1122.

2 Collection of personal data and purposes of the processing

(1) We restrict the processing of personal data primarily to personal data that we receive in connection with our services and products from our clients, our collaboration partners or other persons involved, or which we collect on our website or applications from the users.

(2) In particular, we collect the following personal data from you on a case-specific basis and depending on the purpose (see below):

  • Salutation/title
  • Given name, family name
  • Address
  • E-mail address
  • Telephone number(s)
  • Date of birth
  • Place of birth
  • Nationality
  • Hobbies/personal interests
  • Tax identification number
  • Bank data
  • Family circumstances

(3) In addition, if permitted and appropriate, we obtain and process other data from publicly accessible sources (e.g. land registers, commercial registers, the media, the Internet, World-Check database) on a case-specific basis, or receive such data from other Group companies (, from authorities, from institutions e.g. banks, asset managers or auditors), from your personal environment such as family, legal advisors or other third parties.

(4) We require this data, in particular, to serve the following purposes:

  • to identify you as a client or collaboration partner
  • to correspond with you
  • to carry out our due diligence obligations
  • to comply with other legal provisions
  • to conclude and process service agreements, e.g. instructions regarding formation, mandate agreement, asset management agreement
  • to conclude and process purchase and sale agreements, e.g. for the purchase of products from suppliers or sale to interested parties
  • to render invoices
  • to provide other services from our company or, if applicable, in collaboration with third parties
  • to provide you with the best possible and customised services, and to further develop our service and product offers
  • to communicate with third parties
  • to evaluate and respond to applications
  • to promote and market our services and products (provided you have not indicated that you object to the use of your data for this purpose)
  • to enforce our legal claims or generally defend our position
  • to ensure our operation generally (e.g. IT, website, apps)
  • to conduct video monitoring as a security component for access management (including visitor lists or other access controls)
  • to ensure additional security aspects

(5) We only process your personal data if we have a legal (e.g. due diligence obligation) or contractual (e.g. instructions regarding formation) basis to do so, or the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. We only process data apart from this if you have given your consent and have not withdrawn such consent or if a legitimate interest on our part takes precedence (e.g. continuing to send newsletters to existing clients provided that here too, consent has not been withdrawn). Consent may be withdrawn at any time.

(6) Your data is not subject to an automated evaluation process pursuant to Art. 22 GDPR. If such a process should be used in an individual case, we shall inform the person affected to the degree provided by law.

3 Recipients of personal data and data transmission abroad

(1) We only transfer your personal data to recipients or third parties in line with the above-described purposes, insofar as permitted and appropriate. Third parties may, in particular, include:

  • Group companies
  • Service providers such as banks, asset management companies, insurance companies, IT providers, printing companies
  • Suppliers, distributors, transport companies, subcontractors or other collaboration partners
  • Authorities, government institutions, courts
  • Associations, public interest institutions

(2) Any such data transfer is based on either a legal obligation (e.g. data transmission in the course of the automatic exchange of information), performance of a contract (e.g. asset manager abroad), your consent, a public interest or on the basis of a legitimate interest on our part, unless your interests or fundamental rights and freedoms in relation to the protection of personal data take precedence.

(3) Recipients may be at home or abroad. In particular, we would like to point out to you that we may exchange personal data within our Group companies or transmit personal data to countries in which service providers are located from which we obtain services (e.g. Microsoft).
In case of recipients outside our company in the EU/EEA or in countries which are recognised as having adequate data protection (e.g. Switzerland), we ensure data protection by concluding, if necessary and appropriate, contract data processing agreements. If we transmit personal data to third countries without adequate legal data protection, we ensure, in accordance with legal requirements, an adequate level of protection.

4 Use of our website

In addition to the above stated, we inform you as follows on the use of cookies, analytics/tracking or other technologies in connection with the use of our website:

(1) If the website is used for merely informational purposes (i.e. if you do not log in, register or otherwise transmit information), we do not collect any personal data with the exception of data that your browser transmits to enable you to use the website. This may include, in particular, the following data:

  • IP address
  • Date and time of the query
  • Time zone difference relative to Greenwich Mean Time (GMT)
  • Contents of the request (specific page)
  • Status of access/HTTP status code
  • Volume of data transferred each time
  • Website from which the request is made
  • Browser used
  • Operating system and its interface
  • Language and version of browser software

(2) Our website uses cookies. These are small text files that are stored on your terminal with the help of the browser. Cookies do not cause any damage.
We simply use them to make our offers more user-friendly. Some cookies remain stored on your terminal until you delete them. They enable us to recognise your browser when you next visit.
If you do not wish this, you may set your browser to notify you on the placement of any cookies and to enable you to accept them on a case-by-case basis only. However, we would like to point out that in this case, you may potentially not be able to use all of the functions of our website.

(3) If you complete a contact form or send us an email or another type of electronic message, your information will be used solely for the processing of your enquiry and any possible further associated questions and saved and processed only within the framework of the enquiry. Once your enquiry has been dealt with, we will delete your email address.

5 Storage period

As a general rule, we store your personal data for only as long as it is necessary for the purposes for which it was collected in accordance with this privacy policy. However, there may be cases where we are required by law or for evidence purposes within the framework of the statute of limitation to store certain data for a longer period of time. In such cases, we ensure that your personal data is handled in accordance with this privacy policy throughout the entire period. Once the business relationship has come to an end, this data is stored on the basis of the statutory provisions for at least 10 years.

6 Your rights

(1) You have the right to request information from us at any time and free of charge about your personal data stored with us, as well as its origin, recipients or categories of recipients to which this personal data is forwarded, and the purpose of its storage.

(2) You further have the right to request at any time that we rectify, erase – to the extent permissible by law –, or restrict the processing of your personal data. You also have the right to data portability.

(3) In addition, you have the right to object at any time to the processing of your personal data by us.

(4) If you have given us your consent to use your personal data, you may withdraw this consent at any time without having to provide reasons.

(5) You furthermore have the right to lodge a complaint directly with the Liechtenstein Data Protection Office: https://www.datenschutzstelle.li/

(6) If you would like to assert the above rights, please contact the address indicated in paragraph 1.

7 Data security

We provide for the latest technical measures to ensure data security, in particular to protect your personal data against risks in the case of data transmission and against the risk of third parties gaining knowledge of your personal data. These measures are continuously adapted to correspond to state-of-the-art technology.

8 Amendments

As part of the technical development of our range of services and the legal framework, we will amend our privacy policy on a regular basis. Amendments to the privacy policy will be published on our website. Therefore, please periodically read the most recent version of this privacy policy. Subject to the applicable legislation, all amendments to the privacy policy enter into effect as soon as the updated privacy policy is published. If we have already recorded data about you and/or are subject to a legal duty to provide information, we will notify you, in addition, about any major changes to our privacy policy and ask for your consent if this is required by law.