top of page

Privacy Notice

Compliancery Ltd (hereinafter the“Company” or “we” or “us”) is concerned about privacy issues and wants you to know how we are collecting, using, processing, disclosing and protecting your information in accordance with applicable law and the Mauritian Data Protection Act 2017.

​

The Company’s website is not intended for persons below the age of 18.

​

You agree to the collection and use of information in connection with this Privacy Notice (the “Notice”) if you are a data subject who chooses to use our services, purchase our product, is an employee, is in correspondence with us, or otherwise involved in the activities of the Company. Where the Company has a website, you will be requested to accept the terms of this Notice when visiting the website. However, where you do not consent to the collection and use of your information in certain circumstances, we may not be able to provide you certain products or services or react to a problem you raised.

​

You may not be asked for consent where the Company has a lawful basis for processing personal data, through performance of a contract, in compliance with legal requirements, for the protection of your vital interests as a data subject, for the performance of a task carried out in the public interest or the processing is necessary for other legitimate interests of us or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

​

The Company has the right at any time to update or modify this Notice. The most recent Notice will be updated on this page.

Personal Data We Collect

Personal data means any information relating to a data subject, as such term is defined under the Data Protection Act 2017. Personal data we collect includes, but is not restricted to:

Personal data such as criminal convictions and medical information are sensitive data according to the requirements under the Data Protection Act 2017 and as such are subject to enhanced security measures as required by the applicable law.

Use of Personal Data

To the extent permitted by law, we may use your information for purposes of operating our business and other legitimate purposes. We may use your personal information in the following ways:

​

  • Performance of a contract

  • To comply with a legal obligation

  • For recruitment and employment

  • To deliver services and products to you

  • To reply to your requests

  • Website- to know your preferences

  • Contacting you with information about our products and services

  • Sending you important notices

 

The purpose and retention conditions for which we collect the personal data will be stated in any consent form you are asked to accept or implied in any participation in a lawful basis for collection. Where we collect or use personal information other than as set out in this Notice, we will ensure that we do so in accordance with applicable law and the Data Protection Act 2017.

Disclosure of Personal Data

We may disclose to relevant authorities, our lawyers, auditors, insurers or to our third-party service providers your Personal Information:

​

  • With your consent; or

  • When it is required by law

  • To comply with law (judicial proceedings, court order, law enforcement, exercise our legal rights, defend against legal claim, request from public and governmental authorities)

  • When there is an investigation or in prevention, against illegal activities

  • When there is a suspected fraud

  • When there is a potential threat to a safety of any person

  • For the purposes set out in this Notice, to our affiliates

  • For due diligence procedures or tender award purposes

  • For promotional purposes

  • To our third-party service providers to provide service on our behalf, facilitate our service or perform related services

 

We ensure that any third-party processors we engage with are compliant with data protection regulations and have appropriate safeguards in place to protect your personal data. We conduct regular reviews and due diligence to ensure continued compliance with these regulations.

Retention of Personal Data

The Company only retains your personal data for a reasonable period and until the purpose for which the data was collected is achieved, including for the purposes of satisfying any legal, accounting, or reporting requirements. It is our policy to destroy personal information once we are no longer required to retain it by law or business.

 

Therefore, your personal data will be kept for the periods mentioned above or, where there is no fixed period, we shall apply market standards in assessing a retention period that complies with data protection regulations.

Third Party

The privacy practices and data protection policies of third parties are not covered by this Notice and cannot be controlled. Please read and refer to the third party’s privacy notice when you submit personal information to such a third party. In circumstances, we disclose your personal data to third parties for the purposes described in this Notice, they are bound by contractual obligation not to disclose or use the information for any other purpose.

 

If you choose to provide personal information of a third party (such as name, email and telephone number) to the Company, you represent and warrant that you have permission from the third party to do so (e.g. marketing material or job referrals). However, we do not accept any personal data of third party without the proof of consent.

Your Rights

The Company is committed to comply with regulations with respect to your rights. It is your responsibility as a data subject to assure that your information we collect is kept up to date and is accurate. The Company takes all reasonable step to discard or update any inaccurate data without delay.

You have certain rights in respect to how we use your personal data. These are:

  • to access the personal information we have about you as far as practical; unreasonable request, or information that is difficult or time consuming to retrieve, may be subjected to charges;

  • to amend your your personal data if they are not accurate, therefore it is your responsibility to submit correct and updated data to the Company and our responsibility is to update the data provided by you;

  • to have your personal data erased if the personal data collected, for the purposes for which it was collected, are no longer necessary, unless we are required by law to retain it;

  • to withdraw your consent whenever the Company processes your personal data based on your consent, subject to applicable laws;

  • to object to the processing of your personal data.

 

If you believe that the Company has not complied with your data protection rights, you have the right to make a complaint to the Mauritian Data Protection Office. You can contact them to the following address:

 

  • Data Protection Office

        Level 5, SICOM Tower,

        Wall Street, Ebene Cyber City, Mauritius

        Phone: +230 460 0251

        Email: dpo@govmu.org

Protecting Your Personal Data

The security of your personal data is important for us. We use appropriate methods to protect your personal data. The Company is compliant with the basic privacy and security principles such as access control to different categories of personal data, clear screen policy, clean desk policy, and lockable document storage cabinets. Wherever practical, we ensure that data is encrypted during transit and storage and that access to this data is strictly limited to a minimum number of individuals and subject to confidentiality obligations.

​

We also train our employees on privacy and security protection to raise awareness on personal data protection and to ensure the security of your personal data. Our personnel having access to your personal data are bound by a non-disclosure agreement with the Company.

Children's Personal Data

The Company is sensitive regarding children’s personal data, which is considered sensitive data. Children’s personal data is processed on the basis that controllers have obtained prior consent from their parents or guardians before collecting the data. The processing of children’s personal data shall be limited to reviewing customer due diligence documents within the scope of AML audits and client onboarding or ongoing monitoring.

Transfer of Data Outside Mauritius

By accepting this privacy notice, you consent to your personal data being processed or accessed outside Mauritius, where the Company’s affiliates, service providers, or business partners are located. This includes the storage of your data on Microsoft Exchange Servers. Whenever personal data is processed outside Mauritius, we implement appropriate safeguards to ensure that it is handled securely in accordance with our data protection policy and applicable laws. We use encryption where appropriate. The Company employs a wide range of legal mechanisms, such as standard contractual clauses with these parties, to ensure data is processed securely.

Contact Us

If you wish to exercise any of the above rights, if there are any questions regarding this Privacy Notice or if you have any complaints or concerns about privacy and want to contact the Company’s Data Protection Officer do not hesitate to contact us at:

 

  • Compliancery Ltd

       Data Protection Officer

       Residence Kensington Palms, Office 4

       Avenue Guy Forget

       Quatre Bornes, Mauritius

       dpo@compliancery.com

bottom of page