Client Data Protection Privacy Notice 

This notice explains what personal data (information) we hold about you, how we  collect it, and how we use and may share information about you during your contract  and after it ends. We are required to notify you of this information under data protection  legislation. Please ensure that you read this notice (sometimes referred to as a privacy  notice’ or ‘privacy policy’) (the ‘Notice’) and any other similar notice we may provide to  you from time to time when we collect or process personal information about you. 

This Notice also explain what your rights are in relation to any personal data about you  that is processed by us. 

Who collects the information? 

Scott Le Breton Limited is a data controller and gathers and uses certain information  about you.  

Relevant Law  

The way in which we process personal data is governed by data protection law, which  includes the Data Protection (Jersey) Law 2018 (the ‘DPJL 2018’), the Data Protection  Authority (Jersey) Law 2018 (the ‘Authority Law’) and, where relevant, the General Data  Protection Regulation (EU) 2016/679 (‘GDPR’). 

Data protection principles 

We will comply with the data protection principles when gathering and using personal  information. 

What information 

We process data in order to set up a contract for a service you have requested us to  provide.  

  • Your name, contact details (i.e. address, home and mobile phone numbers,  email address) 
  • Project contract information 
  • Information to meet legal and regulatory requirements and to allow us to check  and verify your identity prior to engagement, including information on source of  funds and source of wealth 
  • We may collect information such as your business contact details if we meet  you in person, or at a telephone, or online meeting (including images or video  obtained during visits to events hosted by us or in which we are involved)
  • Any other information you may provide to us including that which you provide by  filling in the contact form on our website. 

How we collect the information 

We will usually collect most information from you directly. However, we may also  collect information from: 

  • Publicly accessible sources, website, the Public Registry 
  • From your colleagues or third-party business contacts who have referred you to  us, or put you in touch with us; 
  • From a third party with your consent (e.g. Engineer, Architect);  
  • From automated monitoring of our websites and other technical systems, such  as our computer networks and connections, CCTV and access control systems,  communications systems, remote access systems, email and instant  messaging systems, intranet and Internet facilities, telephones, voicemail,  mobile phone records. 

Why we collect the information and how we use it 

We will typically collect and use this information for the following purposes: To enter into client relationships and provide the services you have asked us to  provide 

  • To notify you about goods or services and updates about relevant industry  developments and our services, which may be of interest to you. 
  • To process invoices for payment.  

We seek to ensure that our information collection and processing is always  proportionate. We will notify you of any material changes to information we collect or to  the purposes for which we collect and process it. 

How we may share the information 

We may need to share some of the above information with other parties such as: Any sub-contractors, agents or professional service providers 

  • Law enforcement agencies where considered necessary for me to fulfil legal  obligations applicable to it 
  • Regulators or other governmental or supervisory bodies with a legal right to the  material or a legitimate interest in any material. 

Where we enter into an engagement with a third party pursuant to which data may be  processed by that third party, we will impose contractual obligations on them to ensure  that they are only allowed to use your information to complete the tasks we have asked  them to carry out and that they take appropriate measures to protect your personal  data. 

We may also disclose your personal data to third parties: 

  • If we are under a duty to disclose or share your personal data in order to comply  with any legal obligation, or in order to enforce any agreement with you; or To protect our rights, property, or safety or that of our employees or any third  party we interact with.

Other than as set out above, and save insofar as is necessary in order for us to carry out  our obligations arising from any contracts entered into between us and you, we will not  share your data with third parties unless we have procured your express consent to do  so. 

Where information may be held 

Information may be held in physical and digital form at our offices and third party  agencies, service providers, representatives and agents as described above. Information is stored inside a secure office with limited access, and on password  protected secure systems and servers. 

How long we keep your information 

We keep your information during and for up to 10 years after all of the project has been  completed, or for no longer than is necessary for the purposes for which the personal  information was collected. 

Your rights 

Under data protection legislation, you have various rights in connection with any  personal data about you that is processed by us as data controller. These include rights  to: 

  • Access to your personal data and to certain other supplementary information  that this notice is already designed to address 
  • Require us to correct any mistakes in your information which we hold Require the erasure of personal data concerning you in certain situations Receive the personal data concerning you which you have provided to us in a  

structured, commonly used and machine-readable format and have the right to  transmit those data to a third party in certain situations 

  • Object at any time to processing of personal data concerning you for direct  marketing 
  • Object to decisions being taken by automated means which produce legal  effects concerning you or similarly significantly affect you 
  • Object in certain other situations to our continued processing of your personal  data 
  • Otherwise restrict our processing of your personal data in certain circumstances Claim compensation for damages caused by our breach of any data protection  laws. 

Further information on those rights can be found on the website of the Jersey Office of  the Information Commissioner: www.jerseyoic.org 

If you would like to exercise any of those rights, please call, email or write to us. We are  obliged to respond to your request. 

Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from  being accidentally lost, used or accessed in an unauthorised way. We limit access to  your personal information to those who have a genuine business need to know it. Those 

processing your information will do so only in an authorised manner and are subject to  a duty of confidentiality. We also have procedures in place to deal with any suspected  data security breach. We will notify you and any applicable regulator of a suspected  data security breach where we are legally required to do so. 

Unfortunately, the transmission of information via the internet is not completely  secure. Although we will do our best to protect your personal data, we cannot  guarantee the security of your data transmitted to our website; any transmission is at  your own risk. Once we have received your information, we will use strict procedures  and security features to try to prevent unauthorised access. 

Our website may, from time to time, contain links to and from other websites including  the websites of our clients or partners who have provided feedback or testimonials;  industry-related websites such as: or networking or social media websites such as  LinkedIn and Twitter. If you follow a link to any of these websites, please note that these  websites have their own privacy policies and terms of use and we do not accept any  responsibility or liability for these policies and terms of use. Please check these  policies before you submit any personal data to these websites. 

How to complain 

You can also complain to the Jersey Office of the Information Commissioner (JOIC) if  you are unhappy with how we have used your personal data. 

JOIC’s address: 

2nd Floor
5 Castle Street
St. Helier
Jersey
JE2 3BT 

enquiries@jerseyoic.org
+44 (0) 1534 716530 

Changes to this Notice 

We reserve the right to modify this notice at any time. 

Last updated: 9 July 2025