Privacy Policy

Berdain LLP ("Berdain LLP," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, store, share, and protect the personal data we obtain from you when you use our services or interact with our website (https://berdain-llp.com).

By using our services, you consent to the data practices described in this policy.

1. Information We Collect

We collect various types of information to provide and improve our services to you. This may include:

• Personal Identification Information: Name, date of birth, nationality, passport/ID details, residential address, email address, phone number, and other contact details.
• Financial Information: Bank account details, source of funds, financial statements, and payment information.
• Professional Information: Occupation, company name, business activities, and corporate structure details.
• Due Diligence Information: Information required for Know Your Customer (KYC), Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Foreign Account Tax Compliance Act (FATCA) compliance, which may include criminal background checks, politically exposed person (PEP) status, and sanctions list checks.
• Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
• Usage Data: Information about how you use our website and services, such as pages visited, time spent on pages, links clicked, and navigation paths.
• Communication Data: Records of your correspondence with us, including emails, chat transcripts, and phone calls.

2. How We Collect Your Information

We collect information through various methods:

• Direct Interactions: You provide us with your personal data when you apply for our services, fill out forms on our website, communicate with us by phone, email, or otherwise, or provide us with due diligence documentation.
• Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data and Usage Data using cookies, server logs, and other similar technologies.
• Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties and public sources, such as:
  • Due diligence service providers (e.g., identity verification services, sanctions screening tools).
  • Public registries (e.g., company registries, electoral rolls).
  • Introducers or professional advisors (e.g., lawyers, accountants) with your consent.

3. How We Use Your Information

We use your personal data for the following purposes:

• To Provide Services: To deliver the services you have requested, including company formation, merchant account setup, nominee director services, offshore banking assistance, accounting, corporate secretarial services, virtual office, and gaming license assistance.
• To Manage Our Relationship: To manage our relationship with you, including notifying you about changes to our terms or privacy policy, responding to your inquiries, and providing customer support.
• For Legal and Regulatory Compliance: To comply with our legal and regulatory obligations, including KYC, AML, CTF, FATCA, and other anti-financial crime regulations. This involves verifying your identity, conducting background checks, and reporting suspicious activities to relevant authorities.
• To Improve Our Services: To analyze usage trends, troubleshoot problems, and improve the functionality and user experience of our website and services.
• For Marketing and Communication: To send you updates, newsletters, promotional materials, and other information that may be of interest to you, where you have consented to receive such communications. You can opt-out at any time.
• For Security and Fraud Prevention: To protect our services and systems from fraud, unauthorized access, and other security threats.
• For Internal Business Operations: For internal record keeping, auditing, and business analysis.

4. Disclosure of Your Information

We may share your personal data with the following categories of recipients:

• Our Affiliates and Group Companies: For internal administrative purposes and to provide integrated services.
• Service Providers: Third-party service providers who assist us in delivering our services, such as IT service providers, payment processors, due diligence providers, legal advisors, and auditors. These providers are contractually bound to protect your data and only process it according to our instructions.
• Governmental and Regulatory Authorities: When required by law or regulation, or to comply with a valid legal process (e.g., court order, subpoena), we may disclose your information to government agencies, regulatory bodies, tax authorities, or law enforcement. This includes reporting obligations under AML, CTF, and FATCA regulations.
• Financial Institutions: Banks and other financial institutions involved in setting up your offshore accounts or merchant facilities.
• Professional Advisors: Lawyers, accountants, and other professional advisors, where necessary for the provision of services or legal compliance.
• Successors in Business: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

We will not sell, rent, or lease your personal information to third parties for their marketing purposes without your explicit consent.

5. International Data Transfers

As an offshore services provider, our operations often involve the transfer of your personal data to and from various jurisdictions around the world, including countries outside the European Economic Area (EEA) or the UK, where data protection laws may differ.

When we transfer your data internationally, we take appropriate safeguards to ensure that your personal data receives an adequate level of protection, such as:

• Transferring data to countries deemed to provide an adequate level of protection by the European Commission or the UK government.
• Using standard contractual clauses (SCCs) approved by the European Commission or the UK Information Commissioner's Office (ICO).
• Obtaining your explicit consent for specific transfers.

6. Data Security

We have implemented appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest where appropriate.
• Access controls and authentication procedures.
• Regular security assessments and vulnerability testing.
• Employee training on data protection and security.
• Physical security measures for our premises and data storage facilities.

Despite our efforts, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

7. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Typically, we retain client records and due diligence information for a period of five to seven years after the termination of our client relationship, as required by AML/CTF regulations and other relevant laws.

8. Your Rights

Depending on your jurisdiction and applicable data protection laws (e.g., GDPR), you may have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): Request the deletion of your personal data under certain circumstances.
• Right to Restrict Processing: Request the restriction of processing of your personal data under certain circumstances.
• Right to Object to Processing: Object to the processing of your personal data for direct marketing purposes or on grounds relating to your particular situation.
• Right to Data Portability: Request the transfer of your personal data to another organization or directly to you, in a structured, commonly used, machine-readable format.
• Right to Withdraw Consent: Withdraw your consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
• Right to Lodge a Complaint: Lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

To exercise any of these rights, please contact us using the contact details provided below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

9. Third-Party Links

Our website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party websites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: