Privacy Notice


Meghraj Group (“Meghraj”)


This Privacy Notice sets out how Meghraj deals with company and/or personal data which we collect in the course of our business dealings with people, companies and entities interacting with Meghraj entities.  We take privacy and security of information seriously and will only use such company and/or personal information as set out in this Privacy Notice and in ways which are reasonably ancillary to what is set out below.

Meghraj is made up of different legal entities. This Privacy Notice is issued on behalf of the entire Meghraj Group so when we mention “we”, “us” or “our” in this Privacy Notice, we are referring to the relevant company in Meghraj Group responsible for processing your data.   For further details on the Meghraj Group of companies please refer to our website

References to “you” include all individuals and/or companies whose personal and company data we collect, hold and process in the course of operating the various businesses within Meghraj.

Meghraj may act as a controller and a processor of company and/or personal data as part of our obligation to provide a service to you and to a third party or parties, including but not limited to fulfilling our legal and regulatory obligations in connection with Client Due Diligence (“CDD”).  The identity of the relevant Meghraj entity responsible for your personal data in such situations can be provided to you by emailing



All queries relating to privacy, company and personal data and European General Data Protection Regulation (GDPR) can be sent to



We may collect various types of company and/or personal data, including:

  • Personal identification information (which may include name, ID card and passport numbers, nationality, place and date of birth, gender, photograph and/or IP address and personal data relating to claims, court cases and convictions, politically exposed person (PEP) status, personal data available in the public domain and such other information as may be necessary for Meghraj to provide services and to complete the CDD process and discharge any regulatory obligations
  • Tax status information (which may include tax residency, tax ID and/or tax status)
  • Contact information (which may include postal address and e-mail address and home and mobile telephone numbers)
  • Professional and employment information (which may include level of education and professional qualifications, employment, employer’s name and details of directorships and other offices held)
  • Financial information, sources of wealth and assets (which may include details of assets, sources of wealth, shareholdings and beneficial interest in assets, bank details and credit history)

We may also collect and process company and/or personal data regarding people connected to you, either by way of professional (or other) association or by way of family relationship.



We collect your company and personal information from the following sources:

  • Company and personal information which is given to us, including but not limited to:
  • such forms and documents as we may request that are completed in relation to the provision of any of our services
  • information gathered through CDD
  • any company and/or personal information provided by way of correspondence with us by phone, e-mail or otherwise
  • Company and personal information we receive from third party sources, such as:
  • entities in which you or someone connected to you has an interest
  • legal and/or financial advisors
  • other financial institutions who hold and process your company and/or personal information
  • credit reference agencies and financial crime databases
  • company and/or personal information received in the course of dealing with advisors, regulators, official authorities and service providers by whom you are employed or engaged or for whom you act



  • We may share your company and/or personal information with our group companies and third parties, including banks, financial institutions or other third-party lenders, IT service providers, auditors and legal professionals to facilitate the running of our business
  • Where we transfer your company and/or personal information, we will do our utmost to ensure that it is protected and transferred in a manner consistent with the legal requirements applicable to the relevant jurisdiction



Your company and/or personal information will be retained for as long as required:

  • for the purposes for which the company and/or personal information was collected
  • in order to establish or defend legal rights or obligations or to satisfy any reporting or accounting obligations
  • by data protection laws and any other applicable laws or regulatory requirements
  • based on our internal rules



Please let us know as soon as possible if any of your company and/or personal information changes (including your correspondence details) by contacting your local office or via  Failure to provide accurate information or to update information when it changes may have a detrimental impact upon our ability to provide our services. When receiving updated information, we must also comply with all local laws and regulations with respect to anti-money laundering and associated verification.  Please note these legal obligations override any rights under GDPR for European Union individuals.



People who email us

All companies within Meghraj Group use opportunistic TLS (Transmission Layer Security) encryption to secure email messages in transit.  Where possible, we will always try to encrypt connections with the most secure version of TLS first, working down a list of TLS ciphers until one can be found which both parties support. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.  Please contact us for further detail should you require it.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Visitors to our website

We are committed to protecting and respecting your privacy on-line. We are aware of the concern which exists over the use of personal information provided over the internet and therefore, we do not collect personal data through our website,

We do not control and are not responsible for the privacy policy of any website or organisation to which our website provides links. By including references, hyperlinks or other connections to such third-party websites, we do not imply any endorsement of them or any association with their owners or operators.

The website has a disclaimer page which highlights to users the terms of using the site.   The disclaimer advises users that the website uses cookies and Google Analytics.  However, user consent is not sought prior to using the website as the cookies and Google Analytics on the website are not able to collect data to be able to identify individual users.  The following has been confirmed by the website hosting company in January 2019:

  • Google Ads are not used by
  • Meghraj’s website does not have any way for users to enter data into the site, there is no logon screen or request for personal data
  • Meghraj’s website cookies do not collect any other data which could specifically identify individual users, eg name, email address
  • Meghraj’s website cookies do not collect any detailed geographic data which could specifically identify individual users, eg postal code, latitude/longitude coordinates

Google Analytics

Our website uses Google Analytics to help analyse how users use the site.  The tool uses “cookies,” which are text files placed on your computer, to collect standard Internet log information and visitor behaviour information in an anonymous form.  The information generated by the cookie about your use of the website (including IP address) is transmitted to Google.  This information is then used to evaluate visitors’ use of the website and to compile statistical reports on website activity for Meghraj.

Google may use the data collected on our website to contextualise and personalise the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to our website is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

You can opt-out of Performance and Advertising cookies by deleting or blocking these in your browser settings at any time.



Access and Control of Personal Information

Under the GDPR, individuals in the European Union have the following rights (which may be exercisable depending on the circumstances) in respect of the personal information about you that we process:

  • the right to access and port personal information
  • the right to rectify personal information
  • the right to restrict the use of personal information
  • the right to request that personal information is erased
  • the right to object to processing of personal information

You also have the right to lodge a complaint about the processing of your personal information either with us via email to or with the applicable jurisdictional regulator for data protection matters.

Where we have relied on consent to process your personal information, you have the right to withdraw consent at any time.

You also have the right to object to processing on the basis of legitimate interests (although this right is subject to certain exceptions).   If you wish to exercise any of the rights set out in this paragraph, please submit a formal written request to  Please note that we shall only respond to email requests where the address corresponds to that which we have on file.

Lawful Grounds for Processing:

We may hold and process your personal information on the following lawful grounds:

  • The processing is necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests
  • The processing is necessary to comply with our contractual duties
  • The processing is necessary to comply with our legal and regulatory obligations
  • Where we have obtained your consent to processing your personal information for a specific purpose
  • On rare occasions, where it is needed in the public interest

Purposes of Processing

Pursuant to the lawful grounds for processing, your personal information may be processed for the purposes set out below:

  • facilitating the administration of our business and/or our service providers
  • communicating with you as necessary in connection with our services
  • monitoring and storing telephone and electronic communications and transactions
  • for quality, business analysis, training and related purposes in order to improve service delivery
  • for investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution of any unlawful act (or omission to act)
  • disclosing your personal information to any bank or financial institution in providing our services
  • to enforce or defend our legal and contractual rights or those of third party service providers
  • to comply with legal or regulatory obligations imposed on us
  • collecting, processing, transferring and storing customer due diligence, source of funds information and verification data under applicable anti-money laundering and terrorist financing laws and regulations
  • liaising with or reporting to any regulatory authority (including tax authorities) with whom we are either required to cooperate or report to, or with whom we decide or deem it is appropriate to cooperate in relation to tax matters



If you have any questions about this data protection Privacy Notice or how we handle your personal information (e.g. our retention procedures or the security measures we have in place), or if you would like to make a complaint, please email