Purpose

In our dealings with you, we are called upon to process your personal data. The purpose of this Data Protection Notice is to explain to you:
1. Who we are and how we may be contacted;
2. The categories of personal data we collect;
3. The purpose for which we collect your personal data and the lawful basis for such collection;
4. The intended recipients of the personal data;
5. Whether the supply of personal data is voluntary or mandatory;
6. Your rights relating to your personal data being processed by us;
7. The possible existence of automated decision making in respect of your personal data;
8. The period for which we will store your personal data;
9. Whether, and in what circumstances, we may transfer your personal information to another country, and the safeguards we have put in place in relation to such transfer; and
10. How we conduct direct marketing.

Application

This Data Protection Notice applies to any processing of your personal information by us, whether such information is provided to us through our website, by email, through the filling of forms (including employment-related ones), through the exchange of contractual documents, by letter or fax, verbally, or through any other means.
By entering into a business relationship with us, or by providing your personal data to us, you confirm that you are agreeable to the processing of your personal data in accordance with the terms of this Data Protection Notice.

Technical terms

We have tried to use simple and plain English as far as possible in this Data Protection Notice. However, data protection is a complex subject and the use of technical terms from time to time is inevitable. We have therefore set out below definitions of the technical terms we have used in this document:
“Personal data”: Any data which allows or could allow us to identify you.
“Processing”: Any manipulation of personal data, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1. Who we are and how we may be contacted

Details about us and how we may be contacted are set out in the table found in the schedule of this Data Protection Notice (the “Information Table”).
We have appointed a Data Protection Officer to monitor the adherence to data protection principles within our organisation. His name and contact details are also set out in the Information Table. You may wish to contact him if you have any query regarding this Data Protection Notice or any other matter relating to your personal data.

2. The categories of personal data we collect

2.1. Categories

The categories of personal data we collect are set out in the Information Table.
While we have attempted to make the list as exhaustive as possible, there is a possibility we may have omitted come categories due to the complexity of our organisation and the intricacies of our operations. We encourage you to get in touch with our Data Protection Officer if you find that any of your personal data which we collect is not listed in this Data Protection Notice. We will then
endeavour to promptly amend this Data Protection Notice accordingly.

2.2. Personal data of children

We do not knowingly process data relating to a child under the age of 16, without the consentnof his parents or guardians. If you are a child under the age of 16, please ensure that you (a) obtain the consent of your parents or guardians before providing such data to us; and (b) provide a record of such consent to us.
If you provide us with the personal data of another person, you are responsible for ensuring that such person is made aware of the information contained in this Data Protection Notice and that the person has given you his consent for sharing his personal data with us.

2.3. Special categories of personal data

Special categories of personal data are data pertaining to racial or ethnic origin, political opinion or adherence, his religious or philosophical beliefs, membership of a trade union, physical or mental health or condition, sexual orientation, practices or preferences, genetic data or biometric data uniquely identifying someone or data relating to the commission or alleged commission of an offence.
We do not collect any of your personal data which falls within the special categories of personal
data, unless:
(a) you have consented to the processing for one or more specified purposes;
(b) the processing is necessary:
(i) for the performance of a contract to which you are a party or in order to take steps
at your request before entering into a contract;
(ii) for compliance with any legal obligation to which we are subject;
(iii) for the purpose of historical, statistical or scientific research; or
(iv) for such other legitimate purposes as may be authorised by law.
The special categories of data which we may collect, in accordance with the above terms,
are set out in the Information Table.

2.4. Cookies

Please note that we collect information via cookies and other similar technologies (such as web beacons).

Cookies are small text files that are automatically placed on your computer or mobile device when you visit a website. They are stored by your internet browser. Cookies contain basic information about your use of the internet. Your browser sends these cookies back to our website every time you visit it, so it can recognise your computer or mobile device and personalise and enhance your browsing experience.

We invite you to read our Cookie Policy if you wish to further understand our use of cookies
in relation to your personal data.

3. The purpose for which we collect personal data and the lawful basis for such collection

3.1. Purpose

We collect personal data for a number of purposes, including:
(a) to provide services to our clients. You will find a brief description of the services we provide in the Information Table;
(b) to enter into contractual relationships with suppliers and service providers and execute such contracts;
(c) to keep a database of clients and potential clients to communicate with in respect of our services and matters related thereto;
(d) to comply with our legal obligations towards authorities, including the Mauritius Revenue Authority, the Registrar of Companies and the regulators;
(e) to keep a database of candidates who have sent CVs to us, for potential future use;
(f) to keep appropriate employment-related information on employees;
(g) to provide facilities and benefits to our employees;
(h) for security purposes;
(i) to generate statistics and reports on different aspects of our business; and
(j) for such other purposes as may be related, directly or indirectly, to our business activities.

3.2. Lawful basis

The law (a) provides that we cannot process personal data unless we have a lawful basis for such processing; and (b) lists a number of lawful bases for the processing of data.
The lawful bases which apply to our processing of your personal data are as follows:
(a) your consent having been obtained; and/or
(b) the processing being necessary:
(i) for the performance of a contract to which you are a party or in order to take steps at
your request before entering into a contract with you; and/or
(ii) for compliance with any legal obligation to which we are subject; and/or
(iii) for the purpose of historical, statistical or scientific research; and/or
(iv) for the legitimate interests pursued by us (except if the processing is unwarranted in
any particular case having regard to the harm and prejudice to your rights and
freedoms or legitimate interests).

4. The intended recipients of the personal data

The primary purpose of collecting your personal data is for our own uses, in connection with our business relationship with you. In this context, we may disclose your personal information to our collaborators, including our employees, consultants, advisors, directors and service providers who need to access the personal data.

However, we may also be required to disclose your personal data to third parties to comply with our legal obligations. Such third parties may include the Registrar of Companies, the Mauritius Revenue Authority, the Stock Exchange of Mauritius Ltd, the Financial Services Commission and other government authorities. As you are aware, we form part of the Rogers Group. In this context, we may, from time to time, disclose your personal information to other companies forming part of the Rogers Group. The objective of this disclosure is to develop a centralised database of clients, which would
help the Rogers Group better identify your needs and provide tailor-made packages and services to you. If you do not wish that your personal data be communicated to other companies within the Rogers Group, we encourage you to notify our Data Protection Officer as soon as possible.

5. Whether the supply of personal data is voluntary or mandatory

The provision of personal data is of course entirely voluntary. You are free to choose whether to provide your personal data to us or not. Please note however that if you choose not to provide your personal data to us, we may not be able to provide certain services to you or enter into a contractual relationship with you.

6. Your rights relating to your personal data being processed by us

The law confers upon you a number of rights relating to the personal data being processed by us. These rights are set out below. If you wish to exercise any of the said rights, we encourage you to contact our Data Protection Officer.

6.1. Right to withdraw consent at any time

Where we process your personal data on the basis of your consent, you may withdraw such consent at any time. The withdrawal of your consent will not affect the lawfulness of any processing done by us prior to such withdrawal.
Please note that withdrawing your consent may result in us not being able to provide certain services to you or enter into a contractual relationship with you.

6.2. Right of access

You may request a copy of the personal data we hold about you. Kindly ensure that such request is made in writing to our Data Protection Officer.
Please note that if, in our opinion, your request is manifestly excessive, we may either not attend to your request or charge a fee for attending to same.

6.3. Rectification, erasure or restriction of processing

You may also, at any time, request:
(a) to have any inaccurate personal data we hold on you corrected. This includes the right to supplement and/or update existing personal data provided to us;
(b) that we erase any personal data we hold on you where (i) such data is no longer necessary in relation to the purpose for which it was collected or otherwise processed; (ii) you have withdrawn your consent to us holding and processing such data and there are no overriding legitimate grounds for the continued processing; or (iii) your personal data has been unlawfully processed. You will understand that this right is not absolute and that it will not be applicable where the exceptions provided for by law apply, including where our processing of your personal data is necessary for the purpose of historical, statistical or scientific research or for compliance with a legal obligation or for the establishment, exercise or defence of a legal
claim;
(c) us to restrict processing of your personal data where (i) the accuracy of your personal data is contested by you. This restriction will apply for such period as may be necessary to enable us to verify the accuracy of the data; (ii) we no longer need the personal data for the purpose of processing; (iii) you deem the processing of your personal data to be unlawful, but do not wish us to erase it; or (iv) you have objected to the processing of your data. Such restriction will apply pending verification as to our legitimate grounds to keep processing the personal data, despite your objection.

6.4. Right to object

You have the right to object to our processing of your personal data at any time. Upon receiving
such objection, we will stop processing your personal data, except where there are compelling
legitimate grounds to continue such processing;

6.5. Right to lodge a complaint

If you feel that we have not processed your personal data lawfully, please do feel free to contact us through our Data Protection Officer.
If you remain unsatisfied, you may lodge a complaint with the Data Protection Commissioner in Mauritius. Her contact details are as follows:

Address: 5th Floor, SICOM Tower, Wall Street, Ebène
Email address: dpo@govmu.org
Phone number: + (230) 460-0253
Fax: + (230) 489-7346

7. The possible existence of automated decision making in respect of your personal data

Unless one of the following exceptions apply, we will not process your personal data in such as way to subject you to a decision which produces legal effects concerning you or which significantly affects, you, based solely on automated processing, including profiling:
(a) where the decision is necessary for entering into, or performing, a contract between us;
(b) where the decision is authorised by a law to which we are subject and which lays down
suitable measures to safeguard your rights, freedoms and legitimate interests; or
(c) where the decision is based on your explicit consent.

8. The period for which we will store your personal data

The law provides that where the purpose for keeping any personal data has lapsed, we should destroy the data as soon as reasonably practicable.
We will keep storing your data for as long as is necessary:

(a) for us to fulfill the purposes we collected it for;
(b) for the performance of any contract which may exist between us;
(c) for us to share with you the latest news regarding our organisation and our services;
(d) for us to keep a record of your preferences in order to service you again on future occasions;
(e) for us to satisfy any legal requirement, including statutory reporting obligations;
(f) for the keeping of adequate records for historical, financial or statistical purposes;
(g) for security purposes;
(h) for the prevention of fraud and abuse; and
(i) for us to defend or enforce our rights.
We wish to draw your attention to the fact that the legal prescription period in Mauritius (i.e. the period during which one party may sue another after the happening of an event) is 10 years for non-immovable-property-related matters. Depending on the nature of our relationship with you, we may, in this context, also choose to keep your personal data for at least the legal prescription period in order to be able to defend or enforce our rights.
In some circumstances, we may anonymise your personal data by pseudonymisation or encryption, such that the personal data can no longer be associated with you, for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. Whether, and in what circumstances, we may transfer your personal information to another country, and the safeguards we have put in place in relation to such transfer

Please refer to the Information Table.

10. How we conduct direct marketing

You may from time to time receive communication of advertising or marketing material from us (“Direct Marketing”) if:
(a) you have given your consent;
(b) you asked for a quote or other information on us;
(c) you have, at any time, purchased goods or services from us and have not opted out of
receiving advertising or marketing material;
(d) you have entered into a contractual relationship with us; or
(e) you have provided us with your personal data when you entered a competition or registered for a promotion.
You have the right, at any time, to object to the processing of your personal data for direct marketing purposes. Where we receive such an objection from you, we will stop processing your data for direct marketing purposes.

11. Queries

If you have any queries on this Data Protection Notice, we encourage you to get in touch with us through our Data Protection Officer.

Schedule
The Information Table

Who we arePlease refer to Annex A below for the list of our entities.
Our contact detailsAddress: Rogers House, No. 5 President John Kennedy Street, Port
Louis, Mauritius
Telephone number: 230 2031100
Fax number: 230 2031150
Email address: contact@rogerscapital.mu
Our Data Protection
Officers
Ms Sooraiya Capery, Ms Nasreenbhai Adam Essack and Ms
Mukshina Ramlochun
Their contact details are the same as above.
The categories of
personal data we
collect (including the
special categories of
personal data)
Please refer to Annex B below.
Our servicesPlease refer to Annex A below for the list of our entities and their
corresponding activities.
Transfer of personal
data to another country
We endeavour to ensure that whenever we transfer personal data to
other countries, the recipients of such personal data comply with all
applicable data protection laws and principles.

Annex A
The List of entities that form part of the enterprise

EntityBusiness Activity
Rogers Capital Corporate Services Limited
(“RCCS”)
Management of Companies, Accounting and
Tax Services
Rogers Capital Fund Services Ltd (“RCFS”)Management of Companies, Accounting and
Tax Services
Rogers Capital Trustees Services LtdCorporate Trusteeship
Rogers Capital Nominee LtdNominee shareholding for companies under the management of RCFS
Rogers Capital Nominee 1 LtdNominee shareholding for companies under the management of RCCS
Rogers Capital Nominee 2 LtdNominee shareholding for companies under the management of RCCS
River Court Nominees LimitedNominee shareholding for companies under the management of RCCS
Rogers Capital City Executives LtdCorporate directorship for Global Business
Category 2 companies under the management
of RCCS and RCFS
Rogers Capital Corporate Services (Seychelles)
Ltd
Management of Companies incorporated in
Seychelles
Globefin Management Services Limited (“GMS”)Management Company
Globefin Corporate Services LtdCompany secretarial services to domestic
companies
Globefin Nominees LtdNominee shareholding for companies under the management of GMS
Rogers Capital Specialist Services LtdInvestment Holding
Rogers Capital Captive Insurance Management
Services Ltd*
Insurance Manager and Captive Insurance
Agent
Rogers Capital Business Services LtdOutsourcing services
Rogers Capital Accounting Services LtdAccounting and related services
Rogers Capital Payroll Services LtdPayroll and related services
Rogers Capital Corporate Services Pte (Singapore) LtdAdministration of companies incorporated in
Singapore

*This entity is managed by Rogers Capital Corporate Services Limited and therefore has been included as part of this Data Protection Notice.

Annex B
The categories of personal data we hold

Categories of personal dataExamples
Identity- First name
- Maiden name
- Last name
- Username or similar identifier
- Marital status
- Job title
- Date of birth
- Gender
- Signature
- National Identity Card
- Passport
- Proof of Address
- Bank Reference Letter
Contact detailsEmail Address
- Telephone numbers
- Fax numbers
- Address
- Telephone number of next of kin for emergency
purposes
Financial- Credit/Debit card numbers
- Payment card details (including security code
numbers) and other related billing information
- Bank details
- Payment card details
- Details of source of funds and source of wealth
- Salary details
Transactional- Payments to and from you
- Services/goods purchase history
TechnicalInternet Protocol (IP) address
- Login data
- Browser type and version
- Time zone setting and location
- Browser plug-in types and versions
- Operating system and platform
- Other technology on the devices used to access our
website
- Traffic data
Preferences and interests- Hobbies
- Dietary requirements
Usage- Information about how you use our website and
service (You may also wish to consult our Cookie
Policy).
Additional information we collect if your
relationship with us is an HR-related
one (solicitation, recruitment or
employment)
Qualifications and related details
- CVs
- Records of past employment including previous salary
- Employment records, including remuneration details,
attendance records, performance-related information
- Fingerprints, if we operate a fingerprint-based access
systems
- Contact details of next of kin for emergency purposes
Special categories of personal data Criminal records, including certificate of character (for
HR purposes and to meet our obligations towards the
Financial Services Commission)
- Health records (if you are an employee and are or
wish to become a member of Rogers Pension Fund or
Rogers Group Provident Association)
OthersPhotographs
- Videos, including where we operate CCTV
surveillance systems