Previously Updated on 23 August 2019 Version 1.2
As a registered association established in Malta, EU, the main privacy laws that are applicable to Us in so far as You are concerned, are as follows:
- The Maltese Data Protection Act (Chapter 586 of the Laws of Malta) as well as the various subsidiary legislation issued under the same – the ‘DPA’;
- The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – the ‘GDPR’.
All the above, as may be amended from time to time, referred to together as the “Data Protection Laws”
WHAT ARE PERSONAL DATA?
“PERSONAL DATA” means any information that identifies You as an individual or that relates to an identifiable individual.
Whenever it is not possible or feasible for Us to make use of anonymous and/or anonymised data (in a manner that does not identify any Users of the Site or clients/recipients of Our services), We are nevertheless committed to protecting Your privacy and the security of Your Personal Data at all times.
We collect Personal Data in various ways both digitally via the Site (either when You choose to provide Us with certain data or in some cases, automatically or from third parties) as well as non-digitally (for example when You fill in a physical form to benefit from one or more of Our services).
PERSONAL DATA WE COLLECT ABOUT YOU
There are various categories of Personal Data that We collect about You, namely:
- Mailing address
- Telephone or mobile number
- Email address
In some cases, (for example, if You are a client [or prospective client] of Our services, via the Site, any App or otherwise – even if the service in question is merely information You request from Us and/or Us acting as intermediary between You and one or more of Our members), We may request additional Personal Data as a means of securely identifying You or for another similar lawful purpose (which will be explained in the table below and/or in a condensed policy/notice that may have directed You here). The additional information We may request from You to be able to provide You with Our services includes:
- More secure identification methods
- Details of Your next of kin
- Certain special categories of data (sensitive Personal Data) such as health conditions/status/details of any personal injuries following a traffic accident etc. (only where necessary and with the necessary safeguards in place).
Many of the categories of Personal Data above are collected directly from You (for example, Your Contact Details and Your Registration Data). However, WE MAY ALSO COLLECT PERSONAL DATA FROM OTHER SOURCES, including data companies, credit management companies, publicly accessible databases, joint marketing partners, social media platforms, insurance companies (whether members of The Insurance Association or otherwise), agencies, assessors, claims managers, associations and other insurance related entities, and other third parties. We may also receive Personal Data about You from third parties when We need to confirm Your Contact Details. Should this be the case, We will take all measures as required by law to further inform You about the source of such Personal Data as well as the categories of Personal Data We collect and process (unless We are satisfied that You already have that information). There are certain instances at law where We are specifically forbidden from disclosing to You such activity (for example, when carrying out due diligence for anti-money laundering purposes).
For a detailed description of the reasons why We process the categories of Personal Data above (and any other specific Personal Data We process) as well as the corresponding legal ground(s) for doing so please see the ‘What We Use Your Personal Data For (Purpose of Processing)’ below.
For information/Personal Data that We may collect automatically via the Site, please see the Cookies section below.
HOW AND WHY WE COLLECT PERSONAL DATA
As a general rule, We do not collect any Personal Data, that is, information that identifies You as an individual other than that which You choose to provide to Us such as the data (including Contact Details and Registration Data) You provide when registering with Our Site (where this is available), when enlisting as a member of the Association (if this applies to You as an identifiable natural person), when contacting Us with enquiries relating to Our services, when subscribing to any service offered by Us or via Our Site, such as any newsletters as may be issued by Us from time to time or even when subscribing to any offers We (and/or Our affiliates and/or corporate partners) may offer from time to time (see Personal Data We Collect About You above).
Unless otherwise specified and subject to various controls, as a general rule, We only collect Personal Data (from You or elsewhere) that We: