Galea General Services Ltd. having its registered office situated at Triq l-Imgarr, Gozo, Malta (the ‘Company’) is committed to respect your right to have your data protected, under the General Data Protection Regulation (the ‘GDPR’) and the Data Protection Act Chapter 586 of the Laws of Malta (the ‘Act’).
- Defining ‘Personal Data’
The term Personal Data refers to all information about you from which you may be personally identified, such as your name, surname, address, telephone number, etc.
- How Personal Data is collected
The Company collects Personal Data from:
- email and social media communication;
- information submitted in client forms;
- online request of information forms;
- How consent is obtained
When signing up to the Company`s, website or newsletters, or filling client forms, it is presumed that you are doing this voluntarily, and therefore freely giving your consent to the Company to collect and process the personal data.
It is furthermore presumed that information divulged is correct. The Companyreserves the right to erase the information or to even refuse to extend its services to the individual, should it find out that information given was incorrect, even more so if the Company finds out that a person declared that he was more than sixteen years old and it results that this was not the case.
Consent, once given, may be withdrawn at any time, by emailing the CompanyData Protection Officer as provided under clause 10 below.
- How Personal Data is used
Your Personal Data is only used for the purpose for which it was collected, that is, as part of our business and the services which the Company endeavours to offer you. However, the Company may find itself in a situation where your Personal Data will have to be processed to fulfil a legal or regulatory obligation.
Although the Company likes to keep in touch with our customers and potential customers, for example by sending them news or even a newsletter, the Company, will only do this if you specifically sign up to receive such news.
- How Personal Data is stored
As a general rule, the Company, does not keep physical files. However, in the event that such files are so required the information therein will be limited to the data which is so required to process the information.Any database will be held under lock and key and shall not be left stored on an unsecure device, however the Company or any employees, may store third-party storage platforms, such as a cloud system.Any information transferred or shared with third parties or supplies will only be limited to any obligation legally imposed on the Company, nevertheless any third-parties or supplies shall be fully compliant with the GDPR and the Act.
- Who Personal Data may be shared with
As a general rule, the Company, does not share your Personal Data with anybody. Having said that, the Company, does not exclude that employees, other officials and related service providers are given access to what Personal Data they will inevitably require in order to carry out their duties.
The Company’s website may even include links to other websites belonging to third parties. It is not excluded that by choosing to enter a third-party website, an amount of transferring of your Personal Data may occur.
- Retention of personal data
The Company aims to collect no more Personal Data than that which is required to carry out its duties and to provide customers with satisfactory services. The data is kept for no longer than necessary.
- Your rights
Your rights under the GDPR include:
- the right to inquire about what Personal Data about you is held, and the right to receive a reply to such an inquiry;
- the right to have any inaccuracies in the Personal Data which is held, corrected;
- the right to request that your Personal Data be deleted, whether partially or completely, on the basis that in your view it is no longer required by the Company;
- the right to complain primarily with the Company, as a first step, and if still dissatisfied after the Companyhas reacted to your complaint, to the Data Protection Commissioner;
- the right to request the Company, to stop processing any of your Personal Data, if you oppose such processing;
- the right to request that you longer receive news from the Companyif you had signed up to the newsletter;
- the right to have your testimonial removed from the Company`s, website, if you had given your consent to such a testimonial;
- the right to be informed, within seventy-two (72) hours, if a data breach should occur, and also to be informed about what remedial steps were taken further to that breach.
- Data security
The Company undertakes to keep your Personal Data secure and shall commit to take appropriate technical and organisational measures to protect your Personal Data against unauthorised or unlawful processing.
- Personal Data Officer
The Company Data Protection Officer is JosephXerri. He may be contacted by email at firstname.lastname@example.org. You may contact him at any time, with any queries, difficulties, or possibly even with a complaint.