PREAMBLE
This protocol governs the cryptographic security, jurisdictional routing, and statutory processing of classified client data across the Sutherland ecosystem. It is enforced strictly by the technology holding company, Sutherland Private Office SAS (Entity A), acting as the sole Data Controller, in absolute compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the European Data Protection Board (EDPB) guidelines, the EU Data Act, and the French Loi Informatique et Libertés.
Supremacy of European Law & Jurisdictional Conflict: Regardless of the domicile or nationality of the data subject (e.g., United States, United Kingdom, United Arab Emirates), all data processing and sovereign infrastructure governance are subject exclusively to the material laws of the French Republic and the European Union. Extraterritorial claims invoked under foreign privacy frameworks, including but not limited to the California Consumer Privacy Act (CCPA/CPRA), the UK GDPR, or the UAE Personal Data Protection Law (PDPL), are expressly rejected and legally void within this jurisdiction.
1. THE DOCTRINE OF DATA SOVEREIGNTY & STRUCTURAL BIFURCATION
Sutherland recognizes that the acquisition of prime assets requires an impenetrable perimeter of confidentiality. We execute a fiduciary standard of information security. To shield our global clientele, we have engineered our infrastructure to repel external surveillance and extraterritorial data requisitions.
The Chinese Wall & Intra-Group DPA: To maintain absolute legal integrity, a strict structural bifurcation (Chinese Wall) is enforced. Sutherland Private Office SAS (Entity A) collects, encrypts, and processes data exclusively to execute structural tax modeling and to enable its regulated execution subsidiary, Sutherland International Realty SAS (Entity B), to fulfill its statutory Loi Hoguet and TRACFIN anti-money laundering obligations. This internal data transit is strictly governed by a binding Intra-Group Data Processing Agreement (DPA) executed pursuant to Article 28 of the GDPR, ensuring Entity B processes data exclusively under the absolute directives of the Data Controller.
Role-Based Access Control (RBAC): Access to the Sutherland VDR and proprietary tax models is governed by a strict "Need-to-Know" operational paradigm. Internal access protocols across both Entity A and Entity B are cryptographically enforced via Role-Based Access Control (RBAC), ensuring that regulated brokerage personnel are granted access solely to the data strictly requisite for specific transactional execution.
2. JURISDICTIONAL FIREWALLS, DATA ROUTING & SUBPOENA DEFENSE
To ensure absolute data integrity, our digital infrastructure is sovereign, decentralized, and strictly compartmentalized:
Core Processing (Data at Rest): All primary databases, client registries, and operational parameters are physically restricted to our sovereign servers in Germany, hosted by MechanicWeb. This ensures absolute enforcement of the GDPR. Your personally identifiable information (PII) never rests on United States territory.
Sutherland VDR (Highly Classified Data): Sensitive documentation, Ultimate Beneficial Owner (UBO) registries, tax structuring data, and proprietary forensic due diligence are isolated within our XXXXXXXXXX (country) infrastructure, hosted by XXXXXXXXXX (provider). The jurisdiction of XXXXXXXXXX benefits from a formal Adequacy Decision by the European Commission, providing banking-grade immunity against foreign data requisitions.
Edge Delivery Protocol & TIAs: To mitigate latency globally and repel cyber-threats, we utilize an encrypted Edge network (QUIC.cloud). Data in transit is secured via End-to-End Encryption (E2EE). Any transit through routing nodes outside the European Economic Area (EEA) is executed in strict compliance with the EU-US Data Privacy Framework (DPF) and European Standard Contractual Clauses (SCCs). Pursuant to EDPB jurisprudence, Sutherland conducts continuous Transfer Impact Assessments (TIAs) on all global edge routing nodes to mathematically verify that local surveillance laws in transit jurisdictions cannot breach our E2EE architecture.
Metadata & Traffic Analysis Minimization: All network transit metadata (e.g., routing headers, edge IP addresses) generated during the cryptographic handshake is mathematically purged immediately upon session termination, rendering retrospective Traffic Pattern Analysis by foreign intelligence apparatuses mathematically obsolete.
Cryptographic Agility & Post-Quantum Resilience: To neutralize "Harvest Now, Decrypt Later" (HNDL) interception strategies, our encryption architecture integrates post-quantum resilience protocols, ensuring UHNWI wealth data retained for statutory decades remains permanently uncompromised.
External Sub-Processor Governance: Pursuant to Article 28 of the GDPR, the engagement of any third-party sub-processor requires rigorous preliminary security auditing and the execution of strict Data Processing Agreements (DPAs) that mathematically preclude unauthorized data exposure.
Foreign Subpoena & Extraterritorial Requisition Defense: Sutherland formally refuses voluntary compliance with non-EU or non-Swiss judicial data requests. Any extraterritorial subpoena (e.g., US CLOUD Act, FISA) will be actively contested in competent European courts and solely acknowledged if validated by a formal Mutual Legal Assistance Treaty (MLAT).
Sovereign Change of Control (M&A Poison Pill): In the event of a merger or change of control transferring jurisdictional authority of Sutherland Private Office SAS to a corporate entity domiciled outside the EEA or Switzerland, clients will be granted an absolute, preemptive right to execute the Cryptographic Shredding of all VDR assets prior to the jurisdictional transfer taking legal effect.
3. CLASSIFIED DATA, ALGORITHMIC GOVERNANCE & FORENSIC LOGGING
Sutherland Private Office SAS processes strictly what is required for institutional risk management and asset acquisition.
Biometric Processing Isolation (Article 9 GDPR): Biometric Liveness Detection utilized for Enhanced Due Diligence (EDD) constitutes a "Special Category of Data" under Article 9 of the GDPR. Biometric processing is executed within a cryptographically isolated enclave, strictly contingent upon explicit consent, and is immediately destroyed upon verification parity.
Multi-Family Office (MFO) & Authorized Proxies: Classified data transmitted by Authorized Proxies (legal counsel, trustees) is granted absolute sovereign protection, strictly contingent upon the prior forensic validation of their legal mandate (pouvoir de représentation).
Data Integrity & Immutable Forensic Logging: Every interaction with classified data within the Sutherland VDR generates a cryptographically secured, immutable audit trail, ensuring absolute traceability and structurally thwarting insider threats.
Wealth Intelligence & Data Syndication Ban: Sutherland categorically prohibits the extraction, syndication, or automated scraping of our client registries by third-party data brokers, PropTech aggregators, or global wealth intelligence syndicates (e.g., Wealth-X, Altrata).
Automated Decision-Making Exemption (Art. 22 GDPR) & Bias Mitigation: All fiduciary determinations are strictly validated through a "Human-in-the-Loop" governance architecture. Pursuant to the EU AI Act, proprietary algorithms (Sutherland OS) are strictly audited for algorithmic neutrality. Structuring and valuation models are predicated exclusively on quantitative mathematical and financial parameters, structurally precluding any profiling or discrimination based on prohibited demographics.
Explicit AI/LLM Training Prohibition: Under no circumstances is classified client data, transactional metadata, or structural tax modeling ingested into generative Artificial Intelligence (AI) or Large Language Models (LLMs) for training purposes.
4. OPERATIONAL RESILIENCE & THE DORA/ANSSI BENCHMARK
While Sutherland Private Office SAS operates strictly outside the statutory scope of the European Digital Operational Resilience Act (DORA), our proprietary digital infrastructure is voluntarily engineered to meet its Tier-1 operational resilience frameworks.
Our sovereign architecture aligns with ISO 27001 cryptographic standards, the DORA benchmark, and the strict logical isolation principles established by the French National Cybersecurity Agency (ANSSI) under the SecNumCloud qualification framework. Pursuant to the NIS2 Directive and French cybersecurity frameworks, severe structural anomalies will trigger an Initial Early Warning to ANSSI within twenty-four (24) hours, preceding the standard 72-hour GDPR notification to the CNIL.
5. STATUTORY RETENTION, E-DISCOVERY VS. THE "RIGHT TO BE FORGOTTEN"
Pursuant to Article 17(3)(b) of the GDPR, the right to erasure is expressly subordinate to Sutherland’s overriding statutory and fiduciary obligations. To comply with the French Monetary and Financial Code and TRACFIN reporting mandates, all KYC, AML, and transactional data will be retained within our secure infrastructure for a mandatory, non-negotiable period of ten (10) years.
Litigation Hold & E-Discovery: Furthermore, the statutory right to erasure is immediately suspended upon the receipt of a formal Litigation Hold, E-Discovery mandate, or subpoena from competent European jurisdictions pertaining to civil, corporate, or matrimonial disputes involving the data subject. Premature erasure requests under such conditions will be categorically denied to prevent the spoliation of evidence.
6. DATA SUBJECT PREROGATIVES & DPO ESCALATION
Subject to the statutory AML retention laws outlined in Section 5, clients maintain the prerogative to request full access, rectification, portability, or restriction of processing of their data.
Algorithmic Output & EU Data Act Exemption: The statutory right to data portability strictly applies to raw, unformatted data provided directly by the client. Enriched analytical models, structural tax projections, and asset valuations generated by the Sutherland OS constitute the exclusive intellectual property of Sutherland Private Office SAS and are expressly exempted from automated portability protocols.
Post-Mortem Directives: Pursuant to Article 85 of the French Loi Informatique et Libertés, users maintain the statutory right to formulate specific directives regarding the conservation, deletion, or cryptographic transfer of their VDR assets and structural tax models in the event of succession.
Official requests to exercise these rights, or to escalate matters regarding data sovereignty, must be directed to our designated Data Protection Officer at: dpo@sutherlandam.com. You retain the absolute statutory right to lodge a formal inquiry or complaint with the French Data Protection Authority (CNIL).