Euro Pacific Bank

General Data Protection Regulation (GDPR)

What is the GDPR?

The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on May 25, 2018 and brings with it the most significant changes to data protection law in two decades. The primary goal of these changes is protection of personal data and rights, while meeting the requirements of the digital age.

The 21st century brings with it, the broad use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardize data protection laws and processing of personal data, affording individuals stronger, more consistent rights to access and control their personal information.

Our Commitment

Euro Pacific Bank (EPB) (‘we’ or ‘us’ or ‘our’) is fully committed to upholding the privacy and rights of our customers, including:

  • Ensuring the security and protection of personal information that we process
  • Providing a compliant and consistent approach to data protection
  • Developing a data protection regime that is effective, fit for purpose, and demonstrates an understanding of, and appreciation for the new Regulation

We have always had a robust and effective data protection framework in place which complies with existing law and abides by the data protection principles. However, we recognize the requirement and importance of updating and expanding this program to meet the demands of the GDPR and the UK’s Data Protection Bill.

Our preparation plans for the GDPR have been summarized in this statement and includes the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum compliance at all times.

Frequently Asked Questions

When does the GDPR come into force?
The GDPR comes into force across the EU on the 25th May 2018 where it will replace the current data protection rules in each EU country.

What information does the GDPR apply to?
The GDPR applies to ‘personal data’, which means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to a specific data point (ex. name, ID number, etc.).

Does the GDPR only apply to EU organizations?
The GDPR applies to processing carried out by organizations operating within the EU. It also applies to organizations outside the EU that offer goods or services to individuals in the EU.

Who does the GDPR apply to?
The GDPR applies to ‘controllers’ ‘joint controllers’ and ‘processors’ of personal data. A controller determines the purposes and means of processing personal data (see Article 24 of GDPR). A joint controller shares pre-agreed responsibilities with another controller (see Article 26 of GDPR). A processor is responsible for processing personal data on behalf of a controller (see Article 28 of GDPR).

How is processing defined?
The GDPR definition of ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Will Consent be covered in the Terms & Conditions?
No, it is no longer satisfactory to have consent bundled into another document or agreement. It needs to be explicit and unambiguous, and recordable.

What data protection policies and procedures are required under GDPR?
The key data protection policies and procedures under GDPR include:

  • Data Protection Policy
  • Subject Access Request Policy
  • Breach Management Policy
  • Privacy Policy
  • Data Retention Policies
  • IT Policy (usage of IT equipment)

Where can I find the EPB Privacy Policy?
The EPB Privacy Policy can be found on our website along with our Cookies Policy for the EPB website use.


August 29, 2022: Euro Pacific Bank liquidation has commenced. Please read our formal instructions here as it is time-sensitive.

September 2, 2022: Update on pending transactions, brokerage, and account migration.

September 8, 2022: Qenta has emailed a welcome letter to all EPB clients. You can read a copy of it here.

September 16, 2022: Update on pending transactions for clients opting out of Qenta Inc. migration.

September 28, 2022: Update on pending transactions for clients opting out of Qenta Inc. migration.

September 30, 2022: Update on bank liquidation, pending transactions, and migration of assets to Qenta Inc.

October 8, 2022: Update on opt-out deadline for EPB clients who do not wish to migrate their account to Qenta Inc..

October 14, 2022: Customer Update & Townhall.

October 21, 2022: Update on Opt-out deadline - Extended.

November 01, 2022: Mutual funds & outgoing wire requests update.

December 05, 2022: Migration & liquidation update.

December 16, 2022: Comprehensive FAQ is published.

January 27, 2023: Correspondent bank update.

March 8, 2023: Migration & liquidation update.

March 31, 2023: Migration & liquidation update.

April 20, 2023: Liquidation update- Action required.

May 05, 2023: Migration & Liquidation update.

May 31, 2023: Migration & Liquidation update.

June 17, 2023: Receiver's report.

June 23, 2023: Migration & Liquidation update.

July 20, 2023: Migration & Liquidation update.

September 01, 2023: Migration & Liquidation update.

September 22, 2023: Report & Communication Portal.

September 22, 2023: Report & Communication Portal.

November 20, 2023: Progress Report (Opt-out Only).

November 21, 2023: Migration Update (Opt-in Only).

February 02, 2024: Migration & Liquidation update.

February 19, 2024: Migration & Liquidation update.

March 03, 2024: Migration & Liquidation update.

March 11, 2024: Receiver's Reports.

April 13, 2024: Migration & Liquidation update.

April 16, 2024: Receiver's Reports.