Palazzo de Piro Website Privacy Notice
Mdina Metropolitan Chapter, represented by Mons. Louis Camilleri, holder of Maltese ID Card No. 676044M (“We”/”Us”/”Our”) is a legal entity having its registered address at The Metropolitan Chapter, No 4 St Paul’s Square, Mdina, Malta. We are considered as the data controller (“Controller”) for the purposes of this Privacy Notice and any relationship which You may have with Us, insofar as You provide Us with any Personal Data (“Personal Data”).
We are committed to respecting your privacy. Should you wish to contact Us for further information about Our privacy practices, or for further details about this Privacy Notice, please feel free to do so either by post through the abovementioned address or by email at firstname.lastname@example.org. Alternatively, you may wish to contact Us by telephone at (+356) 2145 6620.
Our Data Protection Officer (“DPO”) is Mariella Cutajar who may be contacted by email at email@example.com or by telephone on (+356) 2145 6620.
We kindly ask you to read through this Privacy Notice carefully, in order to understand Our practices with regards to Your Personal Data.
Any references to “Controller”, “Data Subject”, “Personal Data”, “Process”, “Processing”, “Processed” and “DPO” within this Privacy Notice shall have the same meanings as set-out, and will be interpreted in according with applicable laws, including but not limited to the Data Protection Regulation (E) 2016/679 and the Data Protection Act (Chapter 586, Laws of Malta) and any subsidiary legislation thereto, as may be amended from time to time.
What is Personal Data?
The term “Personal Data” refers to any and all personally identifiable information about You, such as Your name, surname and address, and includes all information which may arise that can be identified (directly or indirectly) with You personally.
How do we Collect Your Personal Data?
We will only collect that Personal Data which You provide to Us in furtherance of Your contact request.
We typically collect Personal Data:
- When You post a query, complaint or observation through our website www.palazzodepiro.mt.
- When You contact Us voluntarily in other circumstances such as general advice or information regarding our Services.
What Personal Data do we Process?
The Personal Data We typically collect and Process are:
|Categories of personal data used by the Organisation for the processing purpose||Actual Personal Data collected|
|Contact Details||Name and surname, email, and telephone number|
How do we Use Your Personal Data?
Regardless of the way We have collected Your Personal Data, We will only Process such Personal Data for the purposes of answering your queries, providing our services or purposes which are inherently related thereto, including in fulfilment of any legal or regulatory obligation imposed on us.
Typically, your Personal Data will be Processed for:
- Processing queries, and getting back to You when you willingly contact us.
Legal Bases for Processing Personal Data
In furtherance of the abovementioned Intended Purpose, We will Process Your Personal Data upon the following legal bases:
- Entering into and performing a contract – in particular, to provide You with our Services, managing Our relationship. Providing Your Personal Data is not a statutory obligation, but is necessary for Our performance of such contract (include any Serviced inherently linked thereto). The consequence for not providing Us with Your Personal Data would be that We would not be able to provide You with Our Services and enter into a contract.
- Your explicit consent – in which case, Our Processing shall be strictly limited to the Intended Purpose specifically indicated to You when Your consent was requested. Processing on the basis of Your consent is not envisaged, except with respect to when You request marketing information of future potential updates. You may withdraw Your consent at any time by contacting our DPO at firstname.lastname@example.org or by telephone on (+356) 2145 6620.
- Compliance with any legal obligations which may be imposed on Us.
- We may also Process Your Personal Data for the purposes of establishing, exercising or defending legal proceedings on the basis of Our legitimate interests or compliance with legal obligations, as applicable.
- Special categories of Personal Data include data revealing Your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or health data, sexual orientation and data related to Your conviction and offences. Typically, We do not envisage any processing of special categories of Personal Data and generally, We would only require to Process such Personal Data if We are involved in the establishment, exercise or defence of legal claims.
- When we envisage the necessity to Process special categories of Personal Data on another basis, We will ensure that We have additional grounds for processing Your Personal Data and will communicate to You any relevant information which may be required under applicable laws, using the e-mail address You initially provided Us with.
We may share Your Personal data with third-party recipients who are:
- Cyberspace Solutions Limited
- Hetzner GmbH
Unless specifically instructed and consented by You, We will not share or transfer any of Your Personal Data with any entity located outside the EU or EEA.
Automated Decision-Making and Profiling
We will not use Your Personal Data for any decision solely taken on the basis of automated decision making processes, including profiling, without human intervention.
We retain Your Personal Data for the period which is lawfully permissible to retain such Personal Data. Thereafter, your Personal Data shall be immediately and irrevocably destroyed. We will only retain Your Personal Data throughout the duration of Our Services with You, and for 1 month thereafter, to ensure that You are content with the Service provided and retain contact information should We need to contact You.
Any Personal Data which We may have on the basis of Your explicit consent shall be retained solely until when You withdraw Your consent. Processing based on Your consent is only envisaged with regards to any communications You may have opted-in to receive concerning any updates, newsletters or events.
For as long as We retain Your Personal Data, you have certain rights as a Data Subject in relation to Your Personal Data, including:
- Your right of access – You have the right to ask us for copies of Your Personal Data.
- Your right to rectification – You have the right to ask us to rectify information You think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your Personal Data in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the Processing of Your Personal Data in certain circumstances.
- Your right to object to processing – You have the right to object to the Processing of Your Personal Data in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the Personal Data You gave us to another organisation, or to You, in certain circumstances.
Please contact us at email@example.com or by telephone on (+356) 2145 6620 if you wish to make a request.
Keeping Your Data Secure
We shall keep Your Personal Data secure and are committed to take the appropriate technical and organisational measures to protect Your Personal Data against unauthorised or unlawful Processing, including against accidental loss, destruction, storage or access. Your Personal Data may be stored in secure, encrypted servers.
If You have any complaints regarding Our Processing of Your Personal Data, please note that You may contact Us or Our Data Protection Officer at the details indicated above. You also have a right to lodge a complaint with the Office of the Information and Data Protection Commissioner in Malta (www.idpc.gov.mt).
We may update this Privacy Notice at Our sole discretion, including as a result of change in applicable laws of Processing activities. Any such changes will be communicated to You prior to the commencement of the relevant Processing activity.
Provision of Personal Data Related to Third-Party Data Subjects
- If You supply Us with Personal Data of third-party data subjects, you shall be solely responsible to ensure that:
- You immediately bring this Privacy Notice to the attention of such data subjects and direct them to it;
- The collection, transfer, provision and any Processing of such Personal Data by You, is fully compliant with any applicable laws;
- As a Controller, You remain fully liable towards said data subjects and shall adhere to any applicable laws;
- You collect any information notices, consent or other requirements from data subjects prior to providing Us with their Personal Data;
- You remain responsible for making sure the information You give Us is accurate and up to date;
- and you undertake to tell Us immediately if the Personal Data changes as soon as reasonably practicable.
You hereby fully indemnify Us and shall render Us completely harmless on first written demand against all costs, damages or liability of whatsoever nature (be in contractual, tort, or otherwise) resulting from any claims or litigation (instituted or threatened) against Us as a result of Your provision of said Personal Data to Us.
This policy is effective as of the 10th March 2022.