We hereby inform you that we process your personal data.
General Privacy and Personal Data Protection Policy – AD+PD
This General Privacy and Data Protection Policy (hereinafter, the “Policy”) describes how we collect your Personal Data and why we collect it, what we do with your Personal Data, who we share it with, how we protect it, and the choices you can make about your Personal Data.
This Policy applies to the processing of Personal Data within the various services, tools, applications, websites, portals, promotions (online), marketing campaigns, sponsored social media platforms, etc. that are provided or operated by us or on our behalf. This Policy contains general principles and explanations. It is supplemented by separate duty of information clauses relating to the aforementioned specific services, tools, applications, websites, portals, promotions (online), marketing activities, sponsored social media platforms, etc., which are provided or operated by us or on our behalf. These information obligation clauses will be provided to you when your Personal Data is processed as part of the aforementioned activities (for example, through websites, portals, individual communication services, newsletters, reminders, surveys, offers, events, etc.).
This Policy applies to all Personal Data collected and used by (or on behalf of) ADPD.
If you accept the provisions of this Policy, you also consent to the processing of your Personal Data as set out in this Policy.
At the end of this Policy you will find definitions of key terms used in this Policy with capital letters (e.g. Personal Data, Processing, Data Controller).
WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA?
The entities responsible for the Processing of your Personal Data (Data Controllers) are:ADPD with its registered office in Triq Isouard, Marsa MRS2019, Malta, registry number EO/22/16/D in Malta.
WHO CAN YOU CONTACT IF YOU HAVE QUESTIONS OR REQUESTS? DATA PROTECTION CONTACT POINT
ADPD has established a Data Protection Contact Point to answer your questions and requests related to this Policy, the information obligation clauses, your Personal Data (and their Processing).
If you have any questions, complaints relating to the application of this Policy and the Processing of Personal Data or requests relating to your rights, you may contact via the Data Protection Point of Contact:
by letter using the address:
ADPD with its seat in 51, Triq Isouard, Marsa MRS2019, Malta
by e-mail at:
We care about the Personal Data entrusted to us and are committed to processing it in a fair, transparent and secure manner. To this end, the ADPD applies the following principles:
Lawfulness: we will only collect and process your Personal Data in a lawful, fair and transparent manner.
Data Minimisation: we will limit the collection of your Personal Data to what is adequate and necessary to achieve the purposes for which it was collected.
Purpose limitation: we will only collect your Personal Data for specific, explicit and legitimate purposes and will not process your Personal Data in a manner incompatible with those purposes.
Correctness: we ensure that the Personal Data held is correct and up to date.
Data security and protection: in order to ensure data security and protection at an appropriate level, we implement technical and organisational measures, taking into account, among other things, the nature of the Personal Data to be protected. Such measures are designed to prevent unauthorised disclosure or access, unlawful destruction or accidental loss of data, alteration or any other unlawful form of Processing.
Access and rectification: we will process your Personal Data in such a way as to ensure that you can confirm whether or not your Personal Data is being processed, and that you can access your Personal Data and obtain the information you have requested, together with a request to rectify your Personal Data in accordance with your rights.
Limited retention period: we will retain your Personal Data in a manner consistent with applicable data protection laws and regulations and for no longer than is necessary to achieve the purposes for which it was collected or when required by law.
Protection in case of international transfer: we will ensure adequate protection of your Personal Data in case of transfer, in particular to countries outside the EEA.
Third Party Safeguards: we will ensure that access to Personal Data by third parties (and transfer of Personal Data to them) is carried out in accordance with applicable law and appropriate contractual safeguards.
PROCESSING OF YOUR PERSONAL DATA: WHAT PERSONAL DATA WE COLLECT AND ON WHAT LEGAL BASIS
Whenever you are asked to provide your Personal Data, you will be clearly informed which of your Personal Data is being collected. This information will be communicated to you in the form of an appropriate information obligation clause included with certain services (including communication services), web portals, electronic newsletters, Facebook Messenger Messages, reminders, surveys, offers, etc.
Please note that under data protection legislation, your Personal Data may be processed if:
you have given your consent to the Processing (as described in the disclosure clause relating to that particular Processing). If in doubt, you always have the right to withdraw your consent at any time; or
it is necessary for the performance of a contract to which you are a party; or
in the case of a specific Processing, we act on the basis of our legitimate interest, provided that your interests or fundamental rights and freedoms do not override it. The existence of such legitimate interest will be duly communicated to you in the form of an information obligation clause relating to that specific Processing; this is required by law.
FOR WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
We will only process your Personal Data for specific, explicit and legitimate purposes and will not further process your Personal Data in a manner incompatible with those purposes.
Such purpose may be, to improve the quality of our services based on your feedback on your visit to one of our websites or portals, to improve the quality of our products or services in general, to offer services or applications, communication and marketing activities, etc. The purpose of each Processing of your Personal Data is set out in the specific information obligation clause relating to that particular Processing. Information on specific Duty of Information clauses is made available, for example, through websites or portals, in applications, electronic newsletters, Facebook Messenger Messages, etc.
PROCESSING OF PERSONAL DATA IN SUCH A WAY AS TO ENSURE THAT THEY ARE ACCURATE AND UP-TO-DATE
Keeping your data accurate and up-to-date is very important to us. We ask that you inform us of any changes or errors in your Personal Data as soon as possible by contacting us via the Data Protection Point of Contact (see section 3 “Who can you contact with questions or requests?” for details). We will take appropriate steps to ensure that any incorrect or outdated Personal Data is deleted or adjusted accordingly.
ACCESS TO YOUR PERSONAL DATA
You have the right to access your Personal Data that we process and, if your Personal Data is inaccurate or incomplete, to request that we correct or delete your Personal Data. If you require further information regarding your privacy rights or would like to exercise these rights, please contact us via the Data Protection Point of Contact (see section 3 “Who can you contact with questions or requests?” for details).
HOW LONG WE KEEP YOUR PERSONAL DATA
We will store your Personal Data in a manner that complies with data protection legislation. We will only retain your Personal Data for as long as necessary for the purposes for which we process your Personal Data or for compliance with the law or where retention of your data for a period of time is required by law. For information on how long specific Personal Data will be retained before it is deleted from our systems and databases, please contact us via the Data Protection Point of Contact (see section 3 “Who can you contact with questions or requests?” for details). Relevant information will also be provided in the specific information obligation clauses that will be provided to you when your Personal Data is processed.
PROTECTION OF YOUR PERSONAL DATA
We have employed an appropriate set of technical and organisational measures to ensure that your Personal Data is protected against accidental or unlawful destruction, loss, modification, unauthorised disclosure or unauthorised access to your Personal Data. These have been specifically designed taking into account our IT infrastructure, the potential impact on your privacy and associated costs and in accordance with current industry standards and practice.
Your Personal Data may be subject to processing by a Third Party Data Processor only if that Data Processor undertakes to apply these technical and organisational data security measures.
Maintaining data security means protecting the confidentiality, integrity and availability of personal data:
- Confidentiality: we will protect your Personal Data from unwanted disclosure to third parties.
- Integrity: we will protect your Personal Data from modification by unauthorised third parties.
- Accessibility: we will ensure that authorised parties are able to access Personal Data when required.
Our data security procedures include: access security, backup systems, monitoring, review and maintenance of systems, security incident management and business continuity assurance, etc.
DISCLOSURE OF PERSONAL DATA
Depending on the purposes for which we collect your Personal Data, we may disclose your Personal Data to the following categories of recipients who will then, solely for the purposes indicated, process your Personal Data:
- As part of our activities:
Our authorised employees;
- External business partners:
Advertising, marketing and promotional agencies acting on our behalf: to help us deliver and analyse the effectiveness of our advertising and promotional campaigns;
Business partners: for example, trusted companies who may use your Personal Information to provide services and/or products you have requested and/or who may provide you with marketing materials (provided that you have consented to receive such marketing materials).
We ask such companies to always comply with applicable laws and this Policy and to pay particular attention to the confidentiality of your Personal Information;
ADPD’s Service Providers: companies that provide services to or on behalf of ADPD for the purpose of providing such services (for example, ADPD may disclose your Personal Data to third-party IT-related service providers);
- Other third parties:
where this is required by law or is legally necessary to protect the ADPD:
for compliance with the law, requests from state authorities, court orders, legal procedures, obligations to report and provide information to authorities, etc; for verifying or enforcing compliance with policies and agreements with the ADPD, and in order to protect the rights, property or safety of the ADPD and/or our subjects/contractors;
in connection with corporate transactions: in the context of a transfer or disposal of all or part of its undertaking or otherwise in connection with a merger, consolidation, change of control, reorganisation or liquidation of all or part of the activities of the ADPD.
Please note that the third party recipients listed in (b) and (c) above – particularly service providers who may offer products and services through services or applications or through their own channels – may collect Personal Data from you separately. In such case, these entities are solely responsible for the processing and control of such Personal Data, and your interactions with them will be subject to their terms and conditions.
DETAILED CONTACT DETAILS FOR [CLIENT’S NAME] STAFF
If you purchase a product or service from us (ADPD) or if you provide us with your Personal Data in any other case, you thereby establish an intrinsic relationship with us as Data Controller.
USE OF SOCIAL MEDIA
If, when using a ADPD tool and/or (website, portal…) you use a specific social media login (for example, Facebook account, Facebook messenger account, etc.), ADPD will register your Personal Data available on such social media and the use of such social media means that you have expressly consented to the transfer of the Personal Data registered by the ADPD through the tools of that social media.
ADPD sometimes facilitates the publication of Personal Data via social media such as Twitter and Facebook. Social media have their own privacy policies, which you must take into account if you use such social media. We would like to remind you that publishing content on social media may have certain consequences, including for your privacy or the privacy of the persons whose Personal Data you provide, e.g. the impossibility to withdraw the published content within a short period of time. You are fully responsible for what is published by you. The ADPD assumes no liability in this respect.
TRANSFER TO COUNTRIES OUTSIDE THE EEA
Your Personal Data may be transferred to recipients who are located outside the EEA and may be Processed by us and recipients outside the EEA. In relation to any transfer of your Personal Data to countries outside the EEA, ADPD will put in place appropriate measures to ensure an adequate level of protection for your Personal Data. These measures may, for example, consist of agreeing binding contractual clauses with recipients that guarantee an adequate level of protection.
We will always clearly inform you when your Personal Data is transferred outside the EEA. This information will be provided to you via a separate information obligation clause, which will, for example, be included in certain services (including communication services), electronic newsletters, Facebook Messenger Messages, reminders, surveys, offers, invitations to events, etc.
ELECTIONS AND THE RULE OF LAW
We want to make our operations as transparent as possible to you so that you can make reasonable choices about how we are to use your Personal Information.
- Your Personal Data
You can always contact us via the Data Protection Point of Contact (see section 3 “Who can you contact with questions or requests?” for details) to find out what Personal Data we have about you and its origin. In certain circumstances, you have the right to receive a copy of the Personal Data you have provided to us in a commonly used, structured machine-readable format or to request a transfer of your Personal Data to any third party of your choice.
- Your amendments
If you find an error in your Personal Data or if you consider it to be incomplete, outdated or incorrect, you may request us to correct or complete it.
- Your request to restrict
You have the right to request the restriction of the Processing of your Personal Data (e.g. if the accuracy of your Personal Data is contested, if your Personal Data is not needed for the purposes of the Processing).
- Your objections
You may object to the use of your Personal Data on the basis of a legitimate interest of the Controller (we will cease processing for this purpose unless there are legitimate grounds for processing set out in law, or where processing is necessary for the establishment, investigation or defence of claims).You may also object to the use of your Personal Data for direct marketing purposes or to the sharing of your Personal Data with third parties for the same purpose.
- Your right to withdraw your consent
At any time you have the possibility to withdraw your consent to further Processing of Personal Data that you have given us. You can withdraw your consent by contacting the Data Protection Point of Contact (see section 3 “Who can you contact with questions or requests?” for details).
- Your right to be forgotten
In addition, you may request us to delete Personal Data relating to you (except in certain cases, for example, to prove a transaction, to assert or defend a claim or when required by law).
- Your right to complain
Please also note that you also have the right to lodge a complaint against the ADPD as Data Controller with the relevant data protection authority (“President of the Data Protection Authority”).
The requirements of this Policy are in addition to and do not replace any other requirements existing under data protection law. In the event of a conflict between the content of this Policy and the requirements of data protection law, data protection law shall prevail.
ADPD may amend this Policy at any time, e.g. to comply with current data protection legislation, due to decisions or other acts of state authorities or in connection with the need to improve the provision of our services.
In this Policy, the following terms have the following meanings:
- Data Controller means the organisation that determines the purposes of the processing and the means by which your Personal Data is processed. Unless we inform you otherwise, the Data Controller is: ADPD with its registered office in 51, Triq Isouard, Marsa MRS2019, Malta. Further information may be provided to you via a separate information obligation clause, which will, for example, be included in certain services (including communication services), electronic newsletters, reminders, surveys, offers, invitations to events, etc.
- Data Processor means the person or organisation processing your Personal Data on behalf of the Data Controller.
- Data Protection Contact Point means the person designated by ADPD, as Data Controller, where you have the opportunity to address your questions or requests regarding this Policy and/or the Processing of your Personal Data and who will deal with such questions and requests. If you are not informed otherwise, you may contact the Data Protection Contact Point as described in Section 3 “Who can you contact with questions or requests?”.
- EEA stands for European Economic Area (= Member States of the European Union + Iceland, Norway and Liechtenstein).
- Personal Data is any information about an identified or identifiable natural person, e.g. you, or which indirectly identifies you, such as, for example, your name, telephone number, e-mail address, etc.
- Processing means an operation or set of operations which is performed upon your Personal Data or sets of such Data by automated or non-automated means, such as collecting, recording, organising, structuring, storing, adapting or modifying, retrieving, accessing and any form of use of Personal Data.
INFORMATION ABOUT COOKIES
This website uses its own cookies to optimise the use of the website and for statistical purposes. Cookies are IT data, in particular text files, which are stored on the website user’s terminal device (computer, phone, etc.). Cookies usually contain the name of the website they come from, the time they are stored on the end device and a unique number.
Please be informed that this website also uses so-called external cookies for the following purposes:
- the collection of general and anonymous statistical data via the analytical tools Google Analytics, Google Ads;
- publicise our website via social media: twitter.com, facebook.com, youtube.com, instagram
For more information on the cookies of these entities, please refer to their privacy policies
The user has the possibility to manage cookies in the settings of their web browser. In particular, the user can prevent cookies from being stored on their terminal device.