Personal Data Protection

Malta Freeport Terminals Limited (the “Company”, or “Us”, or “Our”) recognises that the protection of Personal Data is fundamental to preserving the trust of those who work for its clients, suppliers, stakeholders and others in the wider community, including visitors. The Company is committed to protecting and respecting personal data that it handles in connection with the services it provides to its users, particularly in compliance with data protection law and is committed to the safeguarding of Personal Data in compliance with the General Data Protection Regulation (EU 2016/679) which entered into force on  25 May, 2018 and any other applicable laws and regulations that ensure the protection of Personal Data, as the same may be amended from time to time (“Data Protection Laws”).

This Notice sets out how and why the Company might collect, process, store or use your Personal Data. It also sets out your rights in relation to Personal Data.

A General Data Protection Officer (GDPO) was appointed to control the procedures and purpose of data usage and to supervise the processing of personal data by all the departments which are exposed with the handling of such data.

In the course of the Company’s dealings with its various customers, different types of personal data may be collected and processed, which may include the following:

a. Personal Identification data such as name, address, employer, job title, contact details (e.g. email and phone number), which you provide to us through our registration, enquiry or contact forms, direct interactions, or if you correspond with us via email and which the Company uses to fulfill any request you make (e.g. submitting a query on our website, subscribing to a communications service, fulfilling requests for information, survey etc.).

b. Feedback and opinions which are provided to the Company including through our enquiry or contact forms. Such data is processed to allow the Company to answer queries and complaints you may have and to help us evaluate the quality and consistency of our services.

c. Other Information that the Company collects about you including:

Time, systems and buildings access monitoring information such as CCTV footage, information about the date and location of visits, internet, email and telephone usage data, network or other communication logs, computer and facilities access and authentication information, vehicle registration information, and information necessary to maintain visitor logs and screening;

Information about your current working arrangements such as business title, work location, start and contact details for current employers, any licences, certifications or authorisation needed to perform a certain job;

Payment-related information including bank account details.

d. Website information: Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) click stream to, through and from the website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouseovers), and methods used to browse away from the page and any phone number used to call the Company customer service number.

e. Cookie Usage: The Company’s website uses cookies to distinguish you from other users of the website. This helps the Company to provide you with a good experience when you browse the website and also allows the Company to improve its site.

The Company will only use your personal data when the law allows it to. In the day to day running of the business, the Company may use your personal data without asking for your consent because:

a. The Company is entering into and carrying out its obligations under a contract with you;

b. The Company needs to use your personal data for its legitimate interest purposes (such as the administration and management of its business and the improvement of its services) which shall comply with GDPR and your interests and fundamental rights do not override those interests;

c. The Company needs to comply with a legal or regulatory obligation.

The Company’s website contains links to and from the websites of its shareholders, clients, sub-contractors and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that the company does not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.

The Company is committed to disclose, share and transfer Personal Data to third parties that are GDPR compliant.

The Company may also need to transfer your Personal Data to other third parties like potential business partners, suppliers, customers, or government bodies, however, the Company will limit who has access to your Personal Data as much as is practicable. As necessary in connection with the monitoring of security and health and safety maintenance and performance, Personal Data may be transferred as part of CCTV footage to business partners, suppliers, customers, end-customers and other third parties. If your Personal Data is transferred out of Malta, the Company will take all necessary measures to ensure it is adequately protected.

All information you provide to the Company is stored on the Company’s servers or those of its sub-contractors. Where the Company has given you, or where you have chosen a password which enables you to access certain parts of the Company’s website, you are responsible for keeping this password confidential. Please do not share any password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although the Company will do its best to protect your Personal Data, the Company cannot guarantee the security of your data transmitted to its site and therefore any transmission is at your own risk. Once the Company has received your information, it will use strict procedures and security features to try to prevent unauthorised access.

Your rights in relation to your Personal Data under the Data Protection Laws include the following:

Right of access: You have the right to confirm with the Company whether your Personal Data is processed, and if it is, to request access to that Personal Data, to know the purpose of the processing and the recipients or categories of recipients. The Company does have to take into account the interests of others though, so this is not an absolute right.

Right to rectification: It is important that the information the Company holds about you is correct and up to date. You can correct or update your information at any time and you can also request a copy of the information the Company holds about you by contacting the GDPO;

Right to restriction of processing: You also have the right to ask the Company not to process your Personal Data for marketing purposes. The Company will usually inform you (before collecting your data) if it intends to use your data for such purposes or if it intends to disclose your information to any third party for such purposes. You can also exercise the right at any time by contacting the GDPO.

The Company will retain your Personal Data as long as is required by applicable Data Protection Laws or for as long as necessary for the purposes for which it was collected, or to satisfy a legitimate business need.

The Company takes every care to ensure that your personal data is kept secure and has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, the Company limits access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

The Company has put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where it is legally required to do so.

Unfortunately, sending information via the internet is not completely secure. Although the Company will do its best to protect your personal data, it cannot guarantee the security of personal data sent to Our Website; this personal data is sent at your own risk.

Once the Company receives your personal data, strict procedures and security features will be used to try to prevent unauthorised access.

The Company will review and update this information from time to time. This may be to reflect a change in the services offered, or in the internal procedures, or it may be to reflect changes in the law. Please check our website to see any updates or changes or you can kindly contact our GDPO on joanna.calleja@maltafreeport.com.mt