- Who We Are
- The Company acknowledges that, in collecting Your Personal Data, We are bound by the laws of Malta and will process Your Personal Data in accordance with the GDPR. For any further request or query about how We use Your Personal Data, You may address Our Data Protection Officer through the following email address: firstname.lastname@example.org.
- Any notice, demand, request or other communication which You address to the Company shall be sent by e-mail to email@example.com. All communication done by e-mail shall be deemed received on the business day following the day of transmission.
Capitalised terms in this Policy shall have the meaning assigned to them under the GDPR or the Terms and Conditions of this Website and shall be construed accordingly. Furthermore, the following definitions shall apply:
- User – accesses and browses the Website (‘You’, ‘Your’);
- Services – the services provided by the Company through the Website.
- Subject Matter
- Principles of Data Processing
- We fully respect Your fundamental rights and consider protection of Your Personal Data to be a priority. Accordingly, when processing Your Personal Data, We follow the following basic principles:
- We submit Your Personal Data only for lawful and fair processing, and We maintain full transparency vis-à-vis the way We handle Your Personal Data;
- We process Your Personal Data only to the extent that it is necessary and appropriate to purposes for which it is collected;
- We make reasonable efforts to ensure that Your Personal Data is accurate and, where necessary, updated with regard to the purposes of the processing, taking all reasonable steps to immediately delete or correct it in case of inaccuracy; and
- We process Your Personal Data in a manner that guarantees its security by using appropriate technical and organizational measures.
- In general, We comply with all applicable laws statutory obligations, as Data Controller of Your Personal Data.
Types of Personal Data Collected
The Company may collect and process the following Personal Data:
Personal Data upon access to the Website:
- IP Address
- Age confirmation
- Users device data
- General communication data
- Browsing data
- Information on user preferences regarding the Website
- Purposes and Legal Basis for Data Processing
- The Company may process Your Personal Data to fulfill its obligations under the Terms and Conditions, to comply with its legal obligations and for the following purposes:
- Administration and development of the Website;
- Enhancement of User’s experience;
- Detection, investigation and prevention of fraudulent activity and other illegal activities and protection of Your rights and rights of the Company;
- Collection, processing and performing statistical and other research and analysis of information for enhancement of the Website and the Services;
- Verifying compliance with the Terms and Conditions of the Website.
- The Company may request and process additional Personal Data only with Your lawful consent for the following purposes:
- For the purposes of commercial communication, marketing and advertising of Our Services or third-party Services via SMS, telephone, e-mail, internet, fax, mail, social media and/or any other appropriate communication channels.
- For personified market research and/or analysis purposes to better understand Your needs, preferences, interests, experiences and / or habits as a consumer.
- You have the right to withdraw Your consent to Our processing of Your Personal Data at any time in writing to Our contact details mentioned in this Policy. Withdrawal of Your consent does not affect the lawfulness of the treatment of Your Personal Data prior to its revocation.
- Data Recipients
- In the event that We are required by a court or other administrative authority, pursuant to an investigation relating to unlawful activities such as money laundering and in any other case that We are legally bound to do so, the Company may transfer Your Personal Data to public authorities to the extent specified by applicable law.
- Data Security and Confidentiality
- In order to ensure the proper use and integrity of Your Personal Data and to prevent unauthorised or accidental access, processing, deletion, alteration or other use, the Company applies appropriate internal policies and takes all appropriate organizational, technical and procedural security measures, as well as technical standards, in accordance with applicable laws and regulations.
- The processing of Your Personal Data by the Company is conducted in a manner that ensures confidentiality and security, taking into account the latest developments, implementation costs and the nature, scope, context and purposes of the processing, as well as the risks for Your rights and freedoms, which are applicable in each circumstance.
- Your Personal Data is processed solely by authorised personnel of the Company, bound by strict obligations of confidentiality.
- Retention of Personal Data
- We retain Your Personal Data for as long as is necessary to fulfill the relevant purposes of processing explained in this Policy, in accordance with the Data Minimisation and Storage Limitation principles.
- Furthermore, the Company may retain Your Personal Data after the expiration of the relevant processing purposes in the following limited cases:
- In case that there is a legal obligation under a relevant statutory provision.
- In case of any claims against the Company, for as long as necessary to defend Our rights and legitimate interests before any competent court and any other public authority.
- After the period of retention, Your Personal Data is erased from Our databases and systems.
- For more information about data retention terms in relation to specific Personal Data, please contact Us at firstname.lastname@example.org.
- Your Rights
- You have the right:
- To request access to Your Personal Data and information related to their processing and obtain a copy thereof.
- To request for the rectification of any inaccuracies or any of your missing Personal Data.
- To request for the erasure of Your Personal Data.
- To request for the restriction of the processing of Your Personal Data in cases explicitly provided for by law.
- To request for the portability of Your Personal Data to another Data Controller in a structured, commonly used and machine-readable format.
- To object to the processing of Your Personal Data in cases explicitly provided for by law.
- To object to a decision taken solely on the basis of automated processing, including profiling, which has impact on You or significantly affects You.
- Any requests relevant to this Section 10 must be addressed in writing to email@example.com.
- We will respond to any of Your requests within one (1) month from their receipt. Upon prior notice, this period may be extended by a further two (2) months if necessary, taking into account the complexity of the request and the number of any other pending requests. In case of rejection of Your request, We will provide relevant justification.
- If Your request does not meet the requirements of applicable law, We reserve the right either to: (a) impose a reasonable fee, taking into account the administrative costs of providing the information or communicating or executing the requested action, or (b) reject Your request.
- If there are any doubts as to the identity of the individual submitting the request, We reserve the right to request the provision of additional information necessary to confirm their identity.
- If Your rights are infringed, You have the right to file a complaint with the Office of the Information and Data Protection Commissioner at the following website: https://idpc.org.mt/.
- Your Obligations
- By using Our Website and by providing Your Personal Data, You acknowledge that You are required to provide Your actual, accurate and complete data as requested by the Company. Furthermore, You must inform Us of any changes to Your information so as to ensure it is kept up-to-date and accurate.