Our Privacy and Cookie Notice below sets out in detail how we process your personal data, and we encourage you to read it in full.
As a brief overview of how and why we process your personal data, we only collect and process your personal data for two purposes: to be able to respond to any messages sent via our Contact form and for recruitment purposes in the event that you apply for any of the positions offered in the website.
We are committed to protecting your privacy and personal data. This Privacy and Cookie Notice (the Notice) will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you. We may modify this Notice from time to time. Any changes to our Notice will become effective upon posting of the revised Notice on the Website. We recommend that you review this Notice from time to time.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
2. Data Controller
Our legal status under data protection law is that of a controller (also known as data controller), and in this capacity, we will securely store and process your personal data, which you have provided to us. Controller is the legal term used to signify the organisation that controls what to do with any given personal data.
If you have a concern or any questions about our handling of your personal data, please contact our appointed Data Protection Officer (DPO) to try to resolve your query using the email email@example.com.
If, however you feel we have not dealt with your concern and that we are failing to meet our legal obligations, you can report this to the supervisory authority: the Office of the Information and Data Protection Commissioner (IDPC) that governs our company in relation to data protection issues. IDPC: https://idpc.org.mt/en/Pages/contact/complaints.aspx
3. Information we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which includes:
Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes billing address, email address and telephone number as well as any other information provided at the time of contacting us via our Website for any purpose.
Correspondence Data includes information you provide when making a Customer Support enquiry and any other records of correspondence if you contact us about any matter. Your telephone conversations may be recorded both to assist us in training and in quality management, and to allow for the speedy resolution of queries.
Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
4. How is your personal data collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us personal data by filling in forms or by corresponding with us. This includes personal data you provide when contact us via our contact and careers forms in the Website.
Automated technologies or interactions. As you interact with our Website, we may automatically collect data about your equipment, browsing actions and patterns, which may include personal data. We collect this personal data by using cookies, server logs and other similar technologies. Please see our cookie section below for more information.
5. How we use of your information
In accordance with data protection laws, we will only process your personal data where we have a lawful basis for doing so. In respect of your personal data, these bases are: (i) where it is necessary to manage the response to your queries via the contact form; (ii) where it is necessary for the management of your candidature for the job applied; (iii) where you have given your consent; and (iv) where it is in our legitimate interests to process your personal data provided that these interests do not prejudice your own rights, freedoms and interests.
We will process your personal data for the purposes and in accordance with the following bases:
Purpose: Responding to communications you send to us
Lawful Basis: Consent
Purpose: Manage our recruiting activities
Lawful Basis: Consent and eventually necessary for the performance of a contact.
Purpose: Manage our relationship with you
Lawful Basis: Consent
We may use non-personal information (which is non-identifiable information that, when taken alone, cannot be used to identify or contact you). As such, we are not aware of the identity of the user from which the non-personal information was collected. We use such information for different purposes, such as the improvement of our services and performing web analytics. We may gather such information, either independently or through the help of our third-party service providers.
Where we process your personal data as set out above, we may do this directly or appoint members of our group or service providers (known as processors) to do this on our behalf and all of whom adhere to this Notice, and who only process your personal data on our behalf for the purposes set out above.
6. Data transfer
Since we operate globally, it may be necessary to transfer your Information to countries outside the European Union. The data protection and other laws of these countries may not be as comprehensive as those in the European Union − in these instances we will take steps (such as via standard contractual clauses pursuant to European Commission Implementing Decision (EU) 2021/914 of 4 June 2021 available here) to ensure that an adequate level of protection is given to your personal data.
We employ security measures to protect your personal data from access by unauthorised persons and to prevent unlawful processing, accidental loss, destruction and damage. These safeguards vary based on the sensitivity of the information that we collect and store. Protection of your personal data is a priority for us.
Data on our secure pages is encrypted using TLS v1.2 at a minimum. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Websites, you are responsible for keeping this password confidential.
Any personal data which identifies you will always be encrypted whilst in transit over the internet. SSL is a special protocol that automatically encrypts any information sent by you on our secure pages. Our server then reads the information using a private key. This means that your personal data, be it debit or credit card information or any other personal details, is turned into a code that can only be decoded with the private key or password. If your browser is suitably configured, you will receive a warning message when you first access any secure page on the Website. This is simply information to advise you that the Website is protecting your Information.
Unfortunately, the transmission of Information via the internet is not completely secure. Although we will do our best to protect your Information, we cannot guarantee the security of any personal data that you disclose online. You accept the inherent security implications of using the internet and will not hold us responsible for any breach of security unless we have failed in our obligations under data protection legislation. For your own privacy protection, we encourage you not to include sensitive Information (such as credit/debit card numbers) in any emails you may send to us.
We will hold your personal data for so long as necessary to manage your request and for no more than three years in the case of data for recruitment purposes (unless required to be kept longer in accordance with legal and regulatory requirements). We will endeavour to delete any personal data sooner where it is not necessary for us to hold this, but please be aware that we may hold personal data for longer if we are under a legal obligation to do so or where we have a reasonable belief that it is necessary to do so for business or legal reasons.
9. Your legal rights, fees and what we may need from you
Requests: Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you wish to exercise any of the rights set out below, please contact us at firstname.lastname@example.org. Please note, however, that not all rights are absolute.
Fees: You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you: We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond: We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Your legal rights:
Request Access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request Correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request Erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal or regulatory reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request Restriction of Processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We currently do not offer this service and we are obliged to tell you pursuant to this Notice that this is not currently available.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
From time to time, and provided that we get prior consent from you, we may use your contact details to send you information about our services, which you accessed or subscribed to, including, but not limited to news about product updates, events, promotional materials and contests. You can opt out of these communications should you wish. Additionally, it is also possible to discontinue all general communications whilst receiving important update messages. For ease, each communication from us will include instructions for discontinuing the receipt of further communications.
11. Third party collection of information
Please keep in mind that this Notice does not apply to any third-party websites, services or applications, even if they are accessible, downloadable, or otherwise distributed through the Website. You should always review their privacy practices carefully before providing personal information to such third parties.
12. Corporate transaction
We may share Information in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, reorganization, bankruptcy, consolidation or asset sale of an asset or transfer in the operation thereof) in relation to any company within the Group. In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Notice.
13. Disclosure for legal reasons
We may occasionally be required by law, court order or governmental authority to disclose certain types of personal data. Examples of the type of situations where this would occur would be:
in the administration of justice; or where we have to defend ourselves legally.
14. Cookies and Pixels Notice
A 'cookie' is a small text file containing small amounts of information which is downloaded to your device when you visit a website or use applications. The cookie enables the server to collect information from the browser. We may use the following types of cookies:
PERSISTENT COOKIES: These are saved on your computer for a fixed period and are not deleted when the browser is closed. Such cookies are used where we need to know who you are for repeat visits, so the correct language is presented and to improve our users’ experience of the Website as well as present different marketing messages and advertisements for existing users;
FUNCTIONAL COOKIES: Functional cookies are used to remember your preferences on our Website, enhancing the user experience. This can have a range of functions such as remembering your username or recording that you have read a site message so you don’t need to view it again;
SESSION COOKIES: Session cookies are used by the server to store information about user page activities so users can easily pick up where they left off on the server's pages.
We use a number of different cookies on this Website to help us to recognise you, track your activity and improve your use and experience of the Website. In addition, we use a number of third party service providers, who also set cookies on this Website, in order to deliver the services that they are providing to us. Such services include, but are not limited to, helping us to improve your use and experience of the Website by tracking your activity on the Website, measuring the effectiveness of the Website and the effectiveness of our marketing campaigns.
Some people find the idea of a website storing information on their computer or mobile (or other) device intrusive, particularly when this information is stored and used by a third party without them knowing. Although this is generally quite harmless, you may not, for example, want to see advertising that has been targeted to your interests. If you prefer, it is possible to block some or all cookies, or even to delete cookies that have already been set but you need to be aware that you might lose some functions of that website. Most online browsers automatically accept cookies. However, if you wish to restrict or block cookies you can modify your browser settings.
We also use pixel-based tracking to track a visit or event on the platform and to track advertisements' impressions. This information is also used by us for remarketing purposes and for tracking conversions that are used to optimize our marketing activities. We may share such information (which is non-personal information) with our advertising and marketing partners. Please see specific information about our marketing practices in section 8. By accessing and using the Website and services, you consent to the placement of cookies and pixels on your device in accordance with this Notice.
Date: Last updated on 12th July 2021