Effective date: May 2018
Our commitment to your privacy – Your information will be held by Belair Operations Ltd, a company registered in Malta with company registration number C73243 and having its registered office situated at 245, Msida Road, Gżira GZR1400 Malta (hereinafter referred to as the ‘Company’).
1. Your Personal Data:
1.1 We collect and process various categories of personal information at the start of and for the duration of your relationship with us as per Section 2 below. We will limit the collection and processing of information to information necessary to provide the services required. Depending on the services we are providing you, we may require and collect the following information:
1.1.2 basic personal information, including but not limited to, name and address;
1.1.3 other specific personal data, including but not limited to, the date of birth, nationality, country of birth and contact details;
1.1.4 the name and surname of your representative;
1.1.5 your identity card number;
1.1.6 your occupation;
1.1.7 financial information, including account and transactional information and history;
1.1.8 information about your family (such as dependents, marital status, next of kin and contact details);
1.2 We may also process certain special categories of information for specific and limited purposes. We will only process special categories of information where we have obtained your explicit consent or we are otherwise permitted by law to do so.
1.3 If the data provided by you refers to third-parties, you agree and confirm to having obtained and received their prior consent to providing information on them, and to have informed them, before including them in our documentation.
2. When and how we collect information about you:
2.1 As you use our services, make enquiries, and engage with us, information is gathered about you. We gather and generate information about you when you provide it to us or interact with us directly. We may also receive information about you from other sources, including publicly available sources. We may combine information that we have about you from various sources, including the information that you have provided to us.
2.2 Furthermore, we may receive personal or sensitive data relating to you and/or your dependents, spouse, partner, family from third-parties such as Court Judgments database, the Registry of Companies, World Check, Credit Info, Malta Association of Credit Management (MACM), fraud-detection and credit-reference agencies and other sources which are available to the public, which entities are all legally entitled to communicate such data and that such data is processed for the stated purposes.
3. Use of your personal data:
3.1 We may use your personal data to:
3.1.2 obtain quotations, coordinate evaluation processed related to any immovable property being acquired, purchased, sold, leased, rented or assigned, as requested and instructed by you, from third-party service providers, which include but not limited to architects, civil engineers and others, and for such purpose we shall disclose your personal information to such third-party services providers;
3.1.3 communicate with you and provide you with information about our services, including direct marketing communications (provided we have obtained your explicit and informed consent);
3.1.4 answer your questions and request for services, and solicit your feedback;
3.1.5 process payment as agreed with you;
3.1.6 send statements, invoices and other documents;
3.1.7 send important notices, such as changes to our terms, conditions and policies;
3.1.8 send you technical notices, updates, security alerts and support and administrative messages;
3.1.9 for internal purposes such as auditing, data analysis and research to help us deliver and improve our services;
3.1.10 to ensure we have up-to-date contact information for you.
3.2 We may also be required to processes your personal data for the purpose of:
3.2.2 compliance with applicable laws, rules, regulations, guidance and codes;
3.2.3 compliance with demands or requests made by local and foreign regulators, governments, courts and law enforcement authorities, and complying with a court process, or in connection with any litigation;
4. The basis on which we process your personal data:
4.1 We have described the legal grounds for which your information may be used in detail below:
4.1.1 Contractual necessity: its use is necessary in relation to a service you have requested from us or in relation to an agreement that you have entered into or because you have asked for something to be done so you can enter into an agreement with us. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to provide products and services to you.
4.1.2 Our legitimate interests: we may process your personal data where it is in our legitimate interests to do so, without prejudicing your interests or fundamental rights and freedoms.
4.1.3 Legal obligations: when you engage us to provide you with our services, and throughout your relationship with us, we are required by law to collect and process certain personal data about you. Its use is necessary because of a legal obligation that applies to us (except an obligation imposed by a contract); and
4.1.4 You have consented or explicitly consented to the using of your data (including sensitive data) in a specific manner.
5. Recipients and Sharing of your personal information:
5.1 Your personal data will be received by the Company representatives, agents and employees.
5.2 Whilst you are our customer we undertake the responsibility not to transfer or exchange any information that we hold about you unnecessarily to or with any third-parties without first obtaining your written consent. Nevertheless, and in line with our regulatory and legal obligations, there may be instances during the course of providing you with our services where we may be required to disclose, share or exchange some or all of your personal information, whether sensitive or otherwise, to the following persons:
5.2.1 Brokers, agents, subsidiaries or companies’ forming part of the Belair group being in Malta or overseas to seek information on your behalf from the international market.
5.2.2 Our professional advisors and auditors strictly as required for consultation purposes or for compliance with our legal obligations or legal action;
5.2.3 regulators, governments and law enforcement authorities as and when this is required under applicable laws and regulations;
5.2.4 courts, tribunals, arbitrators or other competent bodies who may have authority to request such personal information; and
5.2.5 other third-parties in connection with our selling, merging, buying, or reorganising all or any part of our business, or carrying out any similar change of our business (including any potential or actual purchaser of that business or that purchaser’s advisors).
6. How long we keep your personal data:
6.1 We will retain your personal data for only as long as appropriate to fulfil the purposes for which we collected your personal data, unless the law permits or requires that the Company retains it for longer.
6.2 We may also retain your information where we need to withhold destruction or disposal based on an order from the courts or an investigation by law enforcement agencies or our regulators. This is intended to make sure that we will be able to produce records as evidence, if they’re needed.
6.3 We may also retain your information where we are of the opinion that it is so necessary to do so in the interest of the Company.
7. Security of Data:
7.1 We use and maintain appropriate administrative, technical and organizational measures designed to help safeguard the confidentiality and integrity of your personal data and to protect it against accidental or unlawful destruction, accidental loss, unauthorized alteration, disclosure or access, misuse, and any other unlawful processing of the personal data in our possession.
7.2 We try not to keep physical files however in the event such files are so required the information therein will be limited to the data which is so required to process the information. All physical files are under lock and key and shall not be left stored unsecured. Such physical files will only be accessed by limited selected individuals.
7.3 Any database will be held under lock and key and shall not be left stored on an unsecure device, however we may store third-party storage platforms, such as a cloud system.
7.4 Any information transferred or shared with third parties or supplies will only be limited to any obligation legally imposed on the Company, nevertheless any third-parties or supplies shall be fully compliant with the General Data Protection Regulation and the Data Protection Act Chapter 586 of the Laws of Malta.
8. Your rights:
8.1 You have various rights in relation to your personal data. In particular, you have a right to:
8.1.1 obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;
8.1.2 ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete;
8.1.3 in certain circumstances as allowed by law, ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data;
8.1.4 withdraw consent to our processing of your personal data (to the extent such processing is based on consent);
8.1.5 receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract);
8.1.6 object to our processing of your personal data; and
8.1.7 to be duly informed that if at any stage a breach of personal data occurs, the Company is bound to notify you and the regulator, within 72 hours from such occurrence. The Company is bound to provide you with a report explaining what action was taken and how such matter is to be resolved.
9. How to contact us:
9.1 If you have any questions about how your personal data is collected, stored, shared, or used, or if you wish to exercise any of your data rights, please contact our Data Protection Officer: Trevor Galea on firstname.lastname@example.org
10.1 In the event that this Policy is revised, you will be notified without delay, and where appropriate, the Company will do so by SMS, email or snail mail.