Effective Date: 3/10/2025
Last Updated: 07/10/2025
Burtony & Associates Ltd (“Burtony & Associates“, “we”, “us”, or “our”) values your privacy and is committed to protecting the personal data we collect and process. This Privacy Policy describes how we collect, use, disclose, retain, and safeguard your personal data when you:
Use our website: https://burtony-associates.com (“the Website”)
Interact with us in person, by phone, email, or through social media
Engage with our services (consulting, company formation, legal advisory, compliance, investment support, or relocation services)
We are a data controller under the Mauritius Data Protection Act 2017 and comply with applicable international standards, including the EU General Data Protection Regulation (GDPR).
By using our Website or services, you acknowledge and consent to the practices described in this policy.
We may collect, store, and use the following categories of personal data:
Full name
Email address
Phone number
National ID / Passport number
Date of birth
Residential and business address
Occupation / Job title
Company name and registration number
BRN, VAT number, and licensing data
Shareholding and directorship information
Bank account or business financial details (where necessary)
IP address
Browser type and version
Device identifiers
Operating system
Traffic logs and site interaction history (via cookies or analytics tools)
Only where required for legal or compliance reasons (e.g., KYC, AML checks), we may collect:
Political exposure status (PEP)
Source of funds
Financial statements or tax information
Biometric verification (if used through third-party services)
We may collect your data through:
Website forms (contact forms, inquiry submissions)
Email, telephone, or WhatsApp correspondence
Physical meetings or consultations
Third-party referrals or business partners
Use of cookies, analytics tools (Google Analytics, etc.)
We only process your data when a valid legal basis applies, including:
Consent – where you have given us explicit permission (e.g., newsletter)
Contractual Necessity – to fulfill our agreement or pre-contractual steps
Legal Obligation – where required by law (e.g., AML/KYC checks)
Legitimate Interests – for business operations, fraud prevention, improving services, or client communication (where it does not override your rights)
We use personal data for the following purposes:
To register and onboard you as a client
To provide and manage services you’ve requested
To comply with legal, regulatory, and AML obligations
To process payments and issue invoices
To provide customer support
To send legal, compliance, or service-related updates
To manage internal audits, risk assessments, or quality assurance
To improve our website performance and security
We do not sell your personal data. However, we may share it with the following:
Our employees, legal advisors, and consultants with a legitimate business need.
Government bodies (e.g., EDB, Registrar of Companies, MRA, FSC)
Banks or financial institutions
Auditors or accountants
Compliance platforms or KYC verification tools
Cloud and IT service providers (CRM, email marketing, hosting)
All third parties are bound by confidentiality agreements and data processing contracts to protect your information in line with applicable data protection laws.
If data is transferred outside Mauritius or the EU, we ensure adequate safeguards such as:
Transfer to countries with adequate protection (as per DPA or GDPR)
Standard Contractual Clauses (SCCs)
Binding Corporate Rules (BCRs)
We retain your personal data only as long as necessary to fulfill the purpose it was collected for, including:
Clients: Data is retained for up to 7 years after the end of the client relationship (or longer if required by regulatory laws).
Inquiries: Data is retained for up to 2 years from the date of last communication.
Marketing Lists: Until you unsubscribe or withdraw consent.
We securely delete or anonymize data once it is no longer needed.
You have the following rights regarding your personal data, subject to applicable law:
Right to Access – Request a copy of the data we hold about you.
Right to Rectification – Correct inaccurate or incomplete data.
Right to Erasure – Request deletion of data when no longer necessary.
Right to Restrict Processing – Limit the way your data is used.
Right to Object – Object to processing based on legitimate interests.
Right to Data Portability – Receive your data in a structured format.
Right to Withdraw Consent – Withdraw previously given consent.
Right to Lodge a Complaint – With the Data Protection Commissioner of Mauritius or your local authority.
To exercise your rights, please email us at:
📧 info@burtony-associates.com
We take technical and organizational measures to protect your personal data from:
Unauthorized access or use
Loss, theft, or corruption
Unlawful processing or disclosure
Security measures include:
Encrypted data transfers (SSL)
Secure servers and backup protocols
Role-based access controls
Regular audits and risk assessments
Employee confidentiality training
Our website uses cookies to enhance functionality, track usage, and analyze traffic. These may include:
Essential Cookies – For core site functionality
Analytical Cookies – For traffic analytics and user behavior
Preference Cookies – To remember your settings
Marketing Cookies – For retargeting or advertising (if applicable)
You can control cookie preferences via your browser settings or our cookie banner.
Our Website may contain links to external websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review their policies before providing personal data.
Our services are not directed to individuals under the age of 18. We do not knowingly collect or process data from minors. If you believe a child has provided us with personal data, please contact us for immediate deletion.
We may update this Privacy Policy from time to time to reflect legal or operational changes. The most current version will always be available on our website, and we may notify you of material changes by email or notice.
Last reviewed on: 03/10/2025