Privacy Policy

In line with the European Union’s General Data Protection Regulation (GDPR) a new and more appropriate legislation was implemented in Mauritius, the Data Protection Act 2017, giving individuals more control and personal autonomy over their personal data.

In order to service our clients, Lemuel Corporate & Trust Management Ltd (hereinafter “Lemuel” “we” or “us”) collects personal data from individuals while being compliant with the new regulations. As a registered Data Controller with the Data Protection Office, we are subject to a range of statutory requirements.

Lemuel wants to ensure a high level of data protection as privacy is a cornerstone in gaining and maintaining the trust of our clients, employees and suppliers and thus, ensuring Lemuel’s business in the future.


For the purposes of this policy, the terms below have the following meaning.

Personal data: Any information which may be related to an identified or identifiable natural person.

Data subject: An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, phone number, age, gender, an employee, a job applicant, clients, suppliers and other business partners. This also includes special categories of personal data (sensitive personal data) and confidential information such as health information, account number, identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: An operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as, collection, recording, organization, structuring, storage, restriction, erasure or destruction, use, etc.

Data Controller: A person who or public body which, alone or jointly with others, determines the purposes and means of processing of personal data and has decision making power with respect to the processing.

Processor: A person who, or a public body which, processes personal data on behalf of a data controller.

Data Subjects and Processing of Personal Data

This Privacy Policy, along with guidelines for processing of personal data, constitutes the overall framework for processing of personal data within Lemuel. Although, information regarding companies/businesses is not as such, personal data, please note that information relating to contacts within such companies/businesses, e.g. name, title, work email, work phone number, etc. is considered personal data.

Lemuel collects and uses personal data for a variety of legitimate business purposes, including establishment and management of customer and supplier relationships, completion of purchase orders, recruitment and management of all aspects of terms and conditions of employment, communication, fulfilment of legal obligations or requirements, performance of contracts, providing services to clients, etc.

Processing covers any activity involving Personal Data and includes but shall not be limited to the collection, recording, storage, adaptation, use, disclosure to authorized parties and permanent destruction of Personal Data.

Personal data shall always be:

  1. processed lawfully, fairly and in a transparent manner;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that Personal Data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay;
  5. kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is processed;
  6. processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

We also make sure that your Personal Data is securely stored within our database and will not be freely shared except when required by Regulators or by institutions for a defined purpose where you are informed of first, e.g. this could be a bank for a bank account opening process.

Whose Personal Data do we process?

Clients (and potential clients)

In order to provide its corporate services, it is inevitable that Lemuel will process Personal Data. As a potential client and then (if applicable) as a client, the Personal Data that Lemuel processes will include persona and/or professional contact details (addresses, telephone numbers, email addresses), copy identity documents and proofs of address, copy professional and educational certificates, details of bank accounts and/or other payment details, details of financial standing and investment objectives.  Lemuel also sends to all potential clients before onboarding them with a Lemuel CDD individual forms, Company Application form and source of funds form that they have to complete and send back to us.

Investors, Legal and Beneficial Owners, Settlors, Protectors and Beneficiaries

Lemuel also deals with individuals and other organisations that are connected with clients, such as investors, owners, beneficiaries.

As a connected person to the client/potential client, Lemuel is bound to process your personal data to be in line with its statutory requirements.  The Personal Data that Lemuel processes include: copy identity documents, proofs of address, copy professional and educational certificates and data to facilitate tax information exchange.

Potential employees/employees

If you are an applicant for a job with us, the Personal Data that we process about you shall include:

  1. your name, address and contact details, including telephone numbers and email addresses;
  2. details of your qualifications, skills, experience and employment history;
  3. information about your current level of remuneration, including entitlement to benefits;
  4. whether you are categorized as a disable person;
  5. equal opportunity monitoring information, including details about your ethnic origin, sexual orientation, health and religion or beliefs.

If you have already been recruited, we shall also ask for your bank account details in order to process remuneration/salaries.

Enquirers and visitors to our website

You may give us Personal Data by filling in a contact form on our website or by corresponding with us by email.  In such instance, the Personal Data we process shall include your personal and/or professional contact details (addresses, contact numbers, email addresses).

We will also automatically collect certain information every time you visit our website and these will include:

  1. technical information including the Internet protocol (IP) address used to connect your computing device to the internet, your browser type and version, time zone setting, operating system and platform;
  2. information about your visit which may include the pages viewed, page response times; and
  3. your country of location by reference to a look-up of your IP address against public sources.

Our website also uses cookies and/or similar technologies to collect and store certain information about your interaction with our website.


If the collection, registration and further processing of Personal Data on Clients, Potential Clients, Investors, Legal and Beneficial Owners, Settlors, Protectors, Beneficiaries, Potential Employees, Employees, Enquirers and visitors to our website and other data subjects are based on the consent from the data subject to the processing of Personal data for one or more specific purposes.  Lemuel shall be able to demonstrate that the data subject has consented to processing of such personal data.

Consent shall be freely given, specific, informed and unambiguous.  The data subject must actively consent to the processing of Personal Data by a statement or by a clear affirmative action.

Sharing your data

We may share your Personal Data with:

Third parties who process personal data on our behalf to provide us or you with products or services linked to your business/professional relationship with Lemuel.

The third parties include:

  1. Professional advisers: lawyers, advisers, tax advisers amongst others;
  2. Screening service providers: due diligence and financial crime screening database providers, such as risk screen KYC 360, Thomson Reuters World-check amongst others;
  3. IT consultants and service providers: Including hosting and cloud service providers, such as Microsoft;
  4. other suppliers and providers of services to us: Including banks, our sub-contractors agents and other entities within our Group. i.e our subsidiaries or associates or subsidiaries and associates of our parent company.

Other third parties, where required or permitted by law, for example:

  1. Regulatory authorities;
  2. Government departments;
  3. To the extent required by law, regulation or court order, for example, if we are under a duty to disclose your personal information in order to comply with any legal obligation;
  4. When we consider disclosure to be necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal purpose;
  5. In the context of organisational restructuring (merger or other related transactions);
  6. For the prevention or detection of any fraud or other criminal activity.

Rights of data subjects under the GDPR

You have a right to see the information we hold on you and this will be made available upon request.  Furthermore, you can also have your Personal Data corrected if it is wrong and in certain circumstances, have it deleted.  You can also at any time restrict our processing of your Personal Data or as a last resort, even withdraw the consent you have given to us to process same.

Data Security in the Internet

Please note that the World Wide Web is a publicly accessible system. Therefore, it is possible for a third party to be aware that you are accessing this website. Furthermore, making personal information voluntarily available online is done at your own risk. Your data can be lost during transmission or be accessed by unauthorised parties.

Contact and Complaints

Kindly send us an email on the following email if you have any query on the above or any complaint about Lemuel’s processing of Personal Data: