1 Introduction
Attard & Co Ltd. is a company registered under the laws of Malta having its registered address at [-] (“We”/ “Us”/ “Our” or the “Company”) We are committed to respecting the privacy and personal data collected about individuals. If you wish to contact Us about Our privacy practices please feel free to do so by post on the abovementioned address or by email at [email protected]. You may also wish to contact us by telephone on 21237555.
Our Data Protection Officer is Brian Schembri who may be contacted by email at [email protected] or by telephone on +356 21 32 2118.
Please read this Privacy Notice carefully to understand our practices with respect to your personal data. The purpose of this policy is to set out Our practices with respect to personal data in line with the relevant legislation and to describe the steps that the Company is taking to ensure that it complies with the law.
References to “data controller”, “data subject”, “personal data”, “process”, “processed”, “processing” and “Data Protection Officer” in this Privacy Notice have the meanings set out in, and will be interpreted in accordance with applicable laws, including but not limited to the Data Protection Regulation (EU) 2016/679 and the Data Protection Act, Chapter 586 of the Laws of Malta and subsidiary legislation thereto, as may be amended from time to time.
2. What Amounts to Personal Data?
The term “personal data” refers to all personally identifiable information about you, such as your name, surname and address, and includes all information which may arise that can be identified with you personally.
3 What Personal Data Do We Process?
In its everyday business operations the Company makes use of a variety of data about identifiable individuals, including data about:
- Current, past and prospective employees
- Customers
- Users of its websites
- Subscribers
- Other stakeholders
In collecting and using this data, the organisation is subject to a variety of legislation controlling how such activities may be carried out and the safeguards that must be put in place to protect it.
This control applies to all systems, people and processes that constitute the organisation’s information systems, including board members, directors, employees, suppliers and other third parties who have access to Attard & Co Group systems.
The following policies and procedures should be read in conjunction with this document:
- Data Protection Impact Assessment Process
- Personal Data Mapping Procedure
- Legitimate Interest Assessment Procedure
- Information Security Incident Response Procedure
- GDPR Roles and Responsibilities
- Records Retention and Protection Policy
We can provide you with a hard copy if you contact us on [email protected].
4. Your Rights
The data subject also has rights under the GDPR. These consist of:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You may exercise these rights as follows by contacting us on [email protected]:
- Right of access – you have the right to ascertain the personal data We hold about you and to receive a copy of such personal data;
- Right to complain – you have the right to lodge a complaint regarding the processing of your personal data with the supervisory authority for data protection matters. In Malta this is the Information and Data Protection Commissioner (contact details provided below);
- Right to Erasure – in certain circumstances you may request that We delete the personal data that we hold about you;
- Right to Object – you have a right to object and request that We cease the processing of your personal data where We rely on Our, or a third party’s legitimate interest for processing your personal data;
- Right to Portability – you may request that We provide you with certain personal data which you have provided to Us in a structured, commonly used and machinereadable format. Where technically feasible, you may also request that we transmit such personal data to a third party controller indicated by you;
- Right to Rectification – you have the right to update or correct any inaccurate personal data which We hold about you;
- Right to Restriction – you have the right to request that We stop using your personal data in certain circumstances, including if you believe that We are unlawfully processing your personal data or the personal data that We hold about you is inaccurate;
- Right to withdraw your consent – where Our processing is based on your consent, you have the right to withdraw your consent. Withdrawal of your consent shall not affect the lawfulness of the processing based on your consent prior to the withdrawal of your consent; and
- Right to be informed of the source – where the personal data We hold about you was not provided to Us directly by you, you may also have the right to be informed of the source from which your personal data originates.
5. What Personal Data do we process?
The personal data that we typically collect and process about our data subjects are:
- The personal data that We collect for the fulfilment of our obligations in rendering the goods and, or services to you;
- Your identity details such as your name, surname, employer, title, position, and status;
- Your contact information such as your email address, physical address and telephone numbers;
- Your bank account details and other financial information;
- Any information you provide to Us when posting a query, complaint or observation through our website;
- Information you provide to Us for the purposes of attending meetings or events;
- Personal data provided to us by, on behalf of or in relation to our clients, business partners, service providers and employees
- Any personal data lawfully generated by Us in the course of executing Our client’s instructions
- CCTV footage, when you visit Our offices; and,
- Any personal data which you may voluntarily provide to Us.
6. Cookies
We use cookies when you visit our group websites. Cookies are pieces of information that a website transfers to your computer’s hard disk or to your browser’s memory. There are four main types of cookies that we use. Here’s how and why we use them:
- Site functionality cookies – these cookies allow you to navigate the site and use our features, such as “save flight”.
- Site analytics cookies – these cookies allow us to measure and analyse how our customers use the site, to improve both its functionality and your online experience.
- Customer preference cookies – when you are browsing, these cookies will remember your preferences (like your language or location), so we can make your online experience as seamless as possible and more personal to you.
- Targeting or advertising cookies – these cookies are used to deliver ads that are relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.
Please note that the cookies used by us do not personally identify you but they simply identify your computer or other device.
Most browsers are initially set to accept cookies. However, if you prefer, you can set your browser to block all, or certain, cookies. You can also set your browser to prompt you each time a cookie is offered. If you wish to block cookies, here’s a guide on how to do so for the most common browsers, such as Microsoft Internet Explorer, Google Chrome, or Mozilla Firefox.