This document applies to all personal information held by us as the controllers of your personal data and goes into detail on how we processes your data, why do we process it, with whom this data may be shared, in what situations we may share this data and all the measures we are taking to ensure that your data is safe and secure. The terms of this policy will apply as long as you are a client of ours, but will also continue to apply after you cease to be a client. It also applies if you have sent us your data to be part of our marketing mailing list and also if you have applied for a position with us.
Details about the data controller
The data controller as defined under the Regulation (EU) 2016/679 which is generally referred to as the General Data Protection Regulation (hereinafter referred to as “GDPR”), is Fintech Solutions Ltd, a company registered under the laws of Malta, having company registration number C 88088 and registered address at Villa Gauci, Mdina Road, Balzan, BZN 9031, Malta
The GDPR, is a new EU Commission regulation seeking to strengthen the protection of your personal data. We seek to uphold the high standard imposed by GDPR by providing you with peace of mind that your personal data is stored securely and safely.
How Information is collected from you
Through this website or through the general provision of its services, may collect personal data from you. You would be giving us personal data in any of the following events;
- Engaging us as your service provider - We would need to request certain information as part of our client acceptance procedure, consisting partially of personal data;
- Submitting to our newsletters and mailing list - By submitting your contact details to receive newsletters, you are providing us with certain personal data;
- Submitting a query – By submitting a query through our website, you would be providing us with personal data.
- Applying for a position with us- You may send us a CV in relation to applying for a position with us and therefore, you will providing us with your personal data.
While providing you with services, we will generate other information about you which is also personal data. This would include KYC information which we would need to gather and verify.
Legal Basis of Data Processing
We shall always process your data legally in terms of the current laws and regulations and in terms of the GDPR.
As an applicant to work at us, we process your information due to the fact that:
i. You have consented to the Processing of the personal data. We have the right to retain your data after your application for 4 months, after which we shall delete your data. We shall retain your Personal Data for the above mentioned period to protect our legitimate interest.
As a client, we process your information due to the fact that:
i. Processing is necessary for the performance of our obligations;
ii. Processing is necessary due to other obligations imposed by law;
iii. Processing is necessary to be able to protect our legitimate interest.
In relation to marketing, we process your information due to the fact that:
i. If you are a client of ours, it is in your legitimate interest to receive marketing information about our services;
ii. If you are not a client of ours, we will only send you marketing information if you have consented to such data being sent.
What information we Collect
Personal data is personal information about an individual like you. Through the provision of our services, we may collect any of the following personal data:
- Your client forms and references,
- Your CV, ID card, Passport, utility Bill or other proof of address documents;
- Professional References and Bank References;
- Correspondence with or about you;
- Banking information;
- Financial Data on your assets;
- Source of wealth and source of funds information;
- Criminal History;
- Tax information;
- Information needed for payroll when relevant;
- Contact details;
- IP Address and email
Should you apply for a position with us, we may collect any of the follwing information:
- Name and Surname
- Your CV and any information contained within
- Contact Details
- Information about past experiance
For marketing purposes, we may collect any of the following:
- Name and Surname
- Contact details
Special Categories of Personal Data
Certain other information may be classified as special personal data which includes any information relating to the following;
- Racial or ethnic origin;
- Political opinions;
- Religious or philosophical beliefs;
- Trade union membership;
- Genetic data;
- Biometric data for the purpose of uniquely identifying a natural person;
- Data concerning health;
- Data concerning a natural person's sex life or sexual orientation
We will never store or process any data which is deemed to consist of special cathegories of data without obtaining your prior written consent.
We seeks to provide the best possible protection to your data given to us through our website.
How will your personal information be Processed
Your data is processed through our systems usually to be able to provide you with our services. Data is stored on our systems and servers and is analyzed by our relevant teams, either for compliance purposes or to be able to provide the relevant advice or service.
In some cases your data may also be processed by a third party processor, in terms of the current data protection laws, who will assist us in fulfilling our service standard. The law further obliges us to share your data with the competent authorities in certain situations as detailed under the relevant laws and regulations.
We might also be given information by third parties, either when providing services to you or through public authorities. Such personal data may also already be public.
We might obtain such information from;
- Tax Authorities;
- Governmental Authorities;
- Regulatory Authorities;
- Publicly available information.
1) You have the right to access your data. You have the right to ask for a copy of your personal data.
2) You have the right of recitifcation of incorrect data. If any data we have is incorrect, you have a right to ask for correction of such data.
3) You have the right to be forgotten and that your data is earesed after the passage of time. You may request so that any data that we have on you is deleted. As stated above, due to legal requirements, your data will be held by us for the periods stated in the data retention section and then deleted.
4) You have the right to restriction of procession. This can be done in the following cases:
i. Where you are contesting the accuracy of the data, while such a claim is being checked;
ii. If we proecess your data unlawfully
iii. If we no longer need your data but are keeping the data because we need it for a legal
Kindly note however the if you exercise this right, it will hinder our ability to provide you with the required services, since we may need your personal data to be able to provide you with our services.
5) You have the right to data protability. Your data may be requested in a machine-readable format and you may also request that your data is transfered directly to another person or service provider directly.
6) You may object to the processing of your data. You may at any time inform us that you are objecting to the use of your data for direct marketing and after which we shall stop using your data for such purposes.
7) If you have provided consent for the processing of your data you have the right to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
In making your request in relation to the above, please not that:
- We will analyse your request and provide you with a reply within 30 days, except in extreme situations as allowed under law. In such a case we will provide information as to why your request was not acceded to within the 30 day period.
- We have the right to refuse your request, if your request is not justified. In this case we shall inform you as to the reasons of why your request was refused.
- We have the right to charge a fee or refuse your request in extreme situations where your requests are manifestly repetitive or excessive.
- When you are making a request, we may request documentation to identify the person making the request.
You have the right to lodge a complaint to the data protection authority of your habitual residence if you believe that we have not complied with the requirements of the law. You may also file an action aganst us in a court of competent jurisdiction if you feel your rights have been infringed.
In terms of the local laws and regulations and the GDPR, we strive to provide the best possible protection for your personal data.
This is to ensure that:
- Your data is processed according to law;
- Your data is not processed in violation of your rights;
- Your data is obtained and stored for a specific lawful purpose;
- You are properly informed about your rights and about your data;
- The data processed is required and not excessive;
- Your information is accurate and updated;
- Your information is stored safely and securely;
- Our IT systems are properly protected from attack in order to safeguard your data;
- Your data is kept accordingly to our established time frames and not for a longer period than required;
- Your data is not transferred to jurisdictions which do not adhere to equivalent standards without the appropriate safeguards as stated under law.
From time to time we may send marketing material to individuals subscribed to our mailing list. We send marketing material to our current clients to keep them up to date with any other services that we may offer, however feel free to subscribe to our mailing list below, if you would like to receive such information.
You can click here to subscribe or here to unsubscribe.
Providing your information to Third Parties
To be able to provide you with our services he have appointed third parties to assist us. In some cases your data is transferred to such third parties, or such third parties have access to your data. These third parties can be classified in the following categories:
Service providers who help us in ensuring that your data remains secure
Service providers who assist us in relation to backups for business continuity purposes so that your data is not lost
Banking establishment and other financial institutions
Processing of data would relate to offering services in relation to assistance with banking matters.
Third Party Advisors
Experts and consultants who assist us in providing you with the best advise and services
Service providers who assist us in relation to marketing and website
Service providers who assist us in storing and archiving data
Such information shall only be shared or accessed by such third parties, if:
- We have obtained your consent before;
- Such transfer of data is necessary for the performance of our services;
- Such a transfer of personal data is required under law or other a lawful request by a competent judicial authority.
Transfers to third countries
We shall strive to send your data only to other EU countries or other countries which ensure proper protection for your data. When transferring your data to countries which are not deemed as such, proper measures in terms of the law shall be applied to ensure the protection of your personal data. In cases where such measures cannot be achieved, personal data shall only be sent to these countries if necessary to perform our services and also subject to your prior consent.
We shall retain any personal information provided to us in terms of the law and shall delete any personal data when such a retention period lapses. In this regard, we shall store our information as follows:
i. Any personal information on prospective employees shall be deleted after 4 months after we decide that such individual will not be engaged with us, unless consent is provided. In such a case we shall keep such information for a year.
ii. Any information in relation to clients or prospective clients, shall be kept for at least 10 years. This is due to the fact that by law we are required to keep such information for such a period.
iii. You can also at any time object to the sending of any marketing material or simply unsubscribe from our mailing list. In such a case, we shall not send you any more marketing information and if you are not our client, we shall also delete all your personal information.
Security of Data
We utilise proper security systems to ensure that your data is kept in a secure and safe manner and has also invested considerable resources in this regard. Such measures may include encryption, firewalls, special software and also engaging of specialized individuals to provide your data with a proper level of security.
This website does not utilise any tracking cookies.
Kindly note that our website contains hyperlinks to other websites. Please note that we are not responsible for the content of these other websites or their respective adherence to data protection laws and rules. We do not provide any quality controls to such websites and shall accept no responsibility for their performance, security, accuracy, content or privacy in relation to your personal data.
Changes to our Policy
Requests for Information
If you wish to make any inquiry regarding your personal data, wish to have any of your data corrected or request access to your personal data, you may us on the below. Please note that we may charge a fee or refuse requests which are manifestly repetitive or excessive.
Any request must be in writing and must also include your name, address and a description of the information or correction required. We may also ask for other identification documentation. Such information is essential so that we can identify you properly.
Telephone number: 21 226 176
Address of Fintech Solutions Ltd: Villa Gauci
Balzan, BZN 9031,
This Policy has been updated on the 27th March, 2019