Rock Trustees Limited is committed to processing your personal data in accordance with Guernsey data protection laws and the new General Data Protection Regulation (GDPR) which was implemented in Guernsey and the EU from 25th May 2018. Please read the following policy to understand how your information will be treated.

Who We Are

Rock Trustees Limited gathers and processes your personal information in accordance with this privacy notice and in compliance with the relevant data protection regulation and law. This notice provides you with the necessary information regarding your rights and obligations, and explains how, why and when we collect and process your personal data.

Rock Trustees Limited registered office is at 31 Mill street, St Peter Port, Guernsey, GY1 1HG. We are a company registered in Guernsey under the GFSC, our company number is 44219 and we act as the data controllers. Our designated compliance officer for the organisation is ELM Compliance.

Information That We Collect

Rock Trustees Limited may collect your personal data in a number of ways, this can include:

  1. From telephone calls or emails
  2. When you sign up to our website
  3. When you enter into an agreement with us
  4. When you enquire about our services
  5. From third party introducers or agencies
  6. From public sources e.g. Companies House

The personal data that we may collect from you is: –

The information we collect when using our website:

You are not required to provide any personal information on the public areas of our website. However, you may choose to do so by completing forms on various sections of our website, including:

How We Use Your Personal Data

It may be necessary for you to give us your personal data so that we can provide you with any requested products and services; fulfil any contractual relationship with you, as a result of applicable laws, regulations and/or codes of practice and for any other purposes as set out in this notice.

We will use this data to:

  1. verify your identity
  2. verify the accuracy of the data you have provided to us
  3. provide products and/or services requested by you
  4. manage your accounts
  5. manage any contractual relationship with you
  6. detect and prevent fraud and money laundering
  7. comply with applicable laws, regulations and/or codes of practice

Consequences of Not Providing Your Data

You are not obligated to provide your personal information to Rock Trustees Limited; however, as this information is required for us to provide you with our services, we will not be able to offer some/all of our products or services without it.

Your Right of Access, Right to Erasure and Data Portability

You have the right to access any personal information that Rock Trustees Limited processes about you and to request information about: –

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to update/correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use.

Furthermore you have a right to request that we transfer your personal data from one data controller to another, this is known as data portability and can be provided in certain circumstances.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.

Sharing and Disclosing Your Personal Information

Rock Trustees Limited uses a third parties to provide IT and compliance services (the names/contact details are listed below), however all processors acting on our behalf only process your data in accordance with instructions from us and comply fully with this privacy notice, the data protection laws and any other appropriate confidentiality and security measures.

Amazon EC2 Glacier Storage:

We use this company for data storage and back-up of our network systems. The hardware is based in Ireland on a secure cloud system. The data is only accessible via a secure encrypted connection with secure keys.

For more information about Amazon EC2, please read their Privacy Notice at:

ELM Compliance:

We also outsource our compliance to ELM Compliance in Guernsey, they do compliance checks quarterly. They will ask us to view specific files, we have to agree to this and they have restricted access to these files.

For more information about ELM Compliance, please refer their website

Transfer of Personal Data outside the European Economic Area (“EEA”)

We may transfer your personal data to recipients who may carry out services on our behalf located in countries outside of the EEA, including in South Africa.  If we transfer your personal data to a country where the data privacy laws are not equivalent to those in the EEA, we will take all necessary steps to protect your personal data in accordance with applicable data privacy laws.

How Long We Keep Your Data

Rock Trustees Limited only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. We are required under Guernsey tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed. During the time that we hold your data we will take steps to protect your personal data against loss or theft, as well as from unauthorised access, disclosure, copying, use or modification, regardless of the format in which it is held.

Lodging a Complaint

Rock Trustees Limited only processes your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with the supervisory authority.

All complaints should be addressed to Dean Southern, Data Protection manager, whose contact details are:

Address: Rock House, Sark, GY10 1SB

Email Address:

Telephone: 01481832901

In the event your complaint is in relation to Dean Southern, or to a matter which is under his supervision please contact his nominated alternate Lauren Ker, Managing Director ( All complaints will be conducted in accordance with RTL’s Complaints procedure. Alternatively, Clients are also entitled to make a complaint to the Guernsey Financial Services Commission.

Revisions to this policy

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes.

If you have any questions in relation to this policy, please contact us at

Disclosure Policy:

The content of this website, its design, layout, look, appearance, graphics, text, visual images and other materials remain the property of Rock Trustees Limited and are protected by all applicable copyright laws and international treaties.

No permission is granted to copy, modify, upload, post, publicly display or perform, frame, produce derivative works from, distribute or otherwise transmit the content of this website except for informational purposes only.

The use of the internet to transfer information is not secure. Whilst we do our best to maintain security within our website and to safeguard your personal information, we cannot ensure or warrant the security of any information which you may transmit to us.