The Company, being conscious of the obligations imposed on it in terms of law, in particular Directive 95/46/EC, Directive 97/46/EC and Directive 2002/58/EC and the Data Protection Act (Cap. 440 of the Laws of Malta), shall abide by the hereunder stated:
Collection of Personal Data shall be resorted to only to the extent that it may be necessary for the technical and commercial operation of its activities; Users shall be informed of any such collection and shall also be informed of the specific purpose for which it is being collected not later than the moment of collection;
The Personal Data collected shall be used fairly and lawfully for the specified purposes and only for these purposes; Users shall be given access to their Personal Data;
The Company shall ensure that Users’ Personal Data shall be kept secure using both technical and organisational measures;
The Company shall not pass on Users’ Personal Data to anybody unless a User specifically consents that it can so communicate his or her information; and
The Company shall only store Users’ Personal Data for the length of time required for the purpose for which it is collected.
Collection of Data and Information
Users that wish to avail themselves of that part of the Services which requires registration and who submit an online application shall be required to provide the Company with particular information in the form of completing certain fields which the Company may deem necessary for the provision of the Services. The Company may track Users’ visits to the Website to better understand what appeals most to Users and improve the Services. To this end Cookies may be installed on Users’ computers or such other device as is used to access the Website.
Access and Control to Personal Data
The Company shall ensure that Users’ shall be able to: view the Personal Data held by the Company on the particular User; request that any Personal Data that is inaccurate, irrelevant or out of date be amended or deleted; and choose to stop using the Services and have his or her Personal Data deleted, if such deletion is permissible by law and/or will not prejudice the Company’s position at law.
Company employees who have access either to the databases that store User information or to the servers that host the Services shall comply with strict security rules. Sensitive Personal Data shall be stored in encrypted mode. The Company is not hereby undertaking that no loss, misuse or alteration of data shall occur.
Disclosure of Personal Data
The Company shall only disclose Personal Data if it is bound to do so by law or if it has been expressly authorised to do so by the User concerned. The Company shall not sell Personal Data to third parties unless it has obtained the User’s consent thereto. The Company shall store Personal Data for such duration as may be necessary to comply with legal requirements.