Privacy and Security Statement
Bespoke Financial Services – Privacy and Security Statement
Bespoke Financial Services (“Bespoke”) has prepared this Privacy and Security Statement in accordance with the Protection of Personal Information Act No.4 of 2013 (“POPIA”). The purpose of this Privacy and Security Statement is to outline how we collect, use, store, share and otherwise process personal information and rights in relation to that information.
Bespoke provides investment advisory and intermediary services. All of the personal information we collect or is provided to us, directly or indirectly, is necessary for and/or relates to the delivery of our services or products. We do not process personal information for reasons other than for legitimate business and other lawful purposes.
When you become a Bespoke client
When you become a client of Bespoke and over the course of our relationship with you, we will obtain your personal information and/or the personal information of your representatives or office bearers. Most of the personal information we collect is necessary for us to comply with our legal obligations or other legitimate business purposes.
The collection of this information is mandatory (unless otherwise indicated) and if you don’t supply the information, we will not be able to enter into a contract and/or business relationship with you, or otherwise provide you with a product or service.
There may be circumstances in which the supply of certain personal information is voluntary, enabling you to choose how much information you provide to us. Please note that when you elect not to supply us with voluntary information, this may affect the quality of the service or information we are able to provide to you.
Where do we get your information from?
The main source of the personal information we have about you, originates from you. We collect this information as part of our client/supplier on-boarding process and when you correspond with us (via our website, email or telephonically). We rely on you to let us know when your personal information changes. We may also obtain your personal information from third parties.
These include, but are not limited to, parties that:
-
supply information to assist us to monitor and prevent money laundering and financial crime
-
obtain background, criminal and/or credit checks, where applicable
-
have been appointed by you to manage investments/business on your behalf or are entitled by law to do so
We may also source information on you that is available in a public record to assist us in complying with our regulatory, legal, and contractual obligations.
What do we use your personal information for?
We use your personal information to enable us and our service providers to deliver the product or service you have requested, and to fulfill our contractual and legal obligations.
This may include, but is not limited to:
-
Onboarding you as a new client – processing your instructions or otherwise provide a service to you, enabling payments to be made, investigating complaints, sharing your information internally or with our service providers that we rely on to deliver the product/service, and generally for the purposes of meeting our responsibilities to you and the administration of any agreement that we have concluded with you;
-
Onboarding you as a supplier – enabling payments to be made and generally for purposes related to the administration of your agreement with us;
-
Helping us identify you when you contact us and for communicating with you (including for the purposes of sending required reports and other information, and responding to your requests);
-
Ensuring you meet the requirements for investment into a particular product;
-
Providing you with publications (including, without limitation, articles, bulletins, podcasts, greeting cards, visual or audio recordings of webinars) and/or invitations to attend and/or participate in any Bespoke events;
-
Enabling us to trace you (or your beneficiaries’ whereabouts) when necessary;
-
Helping us to detect and prevent fraud, money laundering and financial crimes (including providing personal information to third parties who assist with the verification of your information or the obtaining of additional information as is needed for us to meet regulatory obligations);
-
Meeting our contractual, legal and regulatory obligations (including providing personal information to third parties, such as local and/or international governmental, regulatory and non-regulatory bodies, law enforcement agencies and any other person with whom we are required, by law, to share the information);
-
For any other purpose related to us conducting our business, including:
-
keeping and maintaining financial, client and operational records (including sharing personal information with third parties that provide us with professional or recordkeeping services);
-
general administration, financial and tax purposes, and to enable us to transact with third-party service providers;
-
the management and auditing of our business systems and operations;
-
business continuity and disaster recovery purposes;
-
enabling us to adhere to best practice guidelines, where appropriate.
When do we share your information, and with whom?
Bespoke will not sell, rent out or trade your personal information with anyone. We will, however, disclose information under certain circumstances (including, for example, to comply with our legal, regulatory and contractual obligations) and in order to exercise or defend Bespoke’s rights and property.
We may share your personal information with the following categories of recipients:
-
Foreign and local governmental and regulatory bodies, financial and non-financial regulators and ombudsmen, commissions of inquiry, law enforcement agencies, industry bodies, and any other person with whom we are required, by law, to share the personal information;
-
Your authorised representatives and agents;
-
Contracted third-party service providers that enable us to deliver a product or service to you or provide a product or service to us, to enable and/or enhance the functioning of our business;
-
These include, but are not limited to, parties that provide the following types of services:
-
Fund administration
-
Capturing, organising, reporting, printing and storing of data and/or records
-
IT, information systems and security
-
Professional services providers (for example auditing firms)
-
Communications
-
Conducting AML and FICA-related checks or otherwise assisting with establishing and/or obtaining additional information on you and your affiliated parties, or assisting with the prevention of fraud and/or financial crime
-
Customer satisfaction, quality assurance and research services
-
Health and safety
-
Facilities management
-
Event organisation
-
Marketing and advertising
-
Banking, trading and transaction services
-
Staff augmentation
We are not able to control all processing of your personal information by third parties, particularly in cases where those parties are not our contracted service providers, like regulators for instance, or where you instruct us to provide your personal information to another party on your behalf). We take all reasonable measures to ensure that the third parties that we contract with have appropriate security and privacy safeguards in place.
Do we transfer personal information outside of South Africa?
Bespoke may transfer your personal information outside the borders of South Africa but will only do so in accordance with the requirements of POPIA. Steps are taken to ensure that the third parties we use are bound by laws, binding corporate rules or binding agreements that provide an adequate level of protection and uphold principles for reasonable and lawful processing of personal information referenced in POPIA.
Cookies
We do not make use of “cookies” on this website.
The “Contact Us” section of our website
When you use the “Contact Us” section of our website, we collect the personal information you provide to us to respond to you and for further communications with you. We may share your personal information with third parties that enable us to address your query accurately and completely. If your personal information is sent cross-border, this will be done in compliance with POPIA.