Privacy Policy
PRIVACY POLICY
We, Essence of Malta as a trading style of Digital Emporium Ltd (Maltese Registration Number C 99530), with our registered office address at 15, Level 1, Suite 4, Naxxar Road, Birkirkara BKR 9049, Malta are the Controller and responsible for your personal data. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website or you engage us to provide services to you and tell you about your privacy rights and how the law protects you.
This privacy policy aims to give you information on how we collect and process your personal data through your use of our website and our services, including any data you may provide through the website.
Our website and our services are not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.
What Information is collected from you?
We may collect the following data, which includes personal data as follows:
- Name;
- Date of birth;
- Gender;
- Contact information such as e-mail addresses and telephone numbers;
- Financial data, such as bank account and payment details;
- Transaction data;
- Demographic information such as postcode, preferences and interests;
- Technical data such as IP address (automatically collected), URLs starting with a referring site, your activity on our website and the site you exit to (automatically collected), plugin data, login data, locations, operating systems and other similar data; and
- Marketing and communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
We do not collect any Special Categories of Personal Data about you.
How we collect Data
- Data is provided to us by you;
- Data is automatically collected where appropriate; and
- Third parties or publically available data (from analytics providers, advertising networks, search information providers, providers of technical, payment and delivery services and
data brokers or aggregators).
Data that is given to us by you
- When you contact us via our website, by telephone, post, e-mail or through any other means;
- When you enter a competition or promotion through a social media channel;
- When you elect to receive marketing communications from us; and
- When you use our services.
Data that is collected Automatically
- We automatically collect some information about any visit to our website. This information helps us to make improvements to the website content and navigation, and includes IP address, date, times and frequency with which the site is accessed and the way a visitor interacts with our content; and
- We will collect data automatically via cookies, in line with the cookie settings on your browser. For more information please see our Privacy Policy under “Cookies”.
How Information is Used
We will only use your personal data when the law allows us to. Data collected or processed (as the case may be) is used to provide our products and services as per our Terms & Conditions of business based on requirements and where we have legitimate business interests. Most commonly we will use the data for the following purposes:
- To continue providing you with our services as per our agreement with you;
- To allow us to process payments agreed for our services;
- Allow us to store and process your data;
- For management information reporting purposes to help us continually improve our offering to you;
- Allow us to share your data for company and client sales and marketing purposes;
- To process any orders or after sales services;
- To keep you informed of available opportunities in our business as they arise;
- For internal record keeping; and
- Fulfil legal obligations where applicable.
Data Retention
We will only hold your data on our systems for the period necessary to fulfil the purposes outlined in our privacy policy, unless a longer retention period is required or permitted by law.
What Are Your Data Protection Rights?
You have the following rights in relation to your Data:
Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.
Right to erase – the right to request that we delete or remove your Data from our systems.
Right to restrict our use of your Data – the right to “block” us from using your Data or limit the way in which we can use it.
Right to data portability – the right to request that we move, copy or transfer your Data.
Right to object – the right to object to our use of your Data including where we use it for our legitimate interests.
Withdraw Consent – you have the right to withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent,
Marketing – We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes. You can ask us or third parties to stop sending you marketing messages at any time by emailing us via the email address provided below. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: lee@digital-emporium.net.
If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
Links to other websites
Our Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This Privacy Policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
Cookies
Our Website may place and access certain Cookies on your computer. We use Cookies to improve your experience of using our Website. We have carefully chosen these Cookies and have taken steps to ensure that your privacy is protected and respected at all times.
All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling us to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
You can choose to delete Cookies at anytime, however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
SECURITY
We have in place appropriate technical and organisational measures, to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it).
Storage
Data access is limited to data controllers and data users. We have the following security procedures:
- Access to your account is controlled by a password and username that is unique to you.
- Data is stored on secure servers;
- Methods of disposal, shredding of paper documentation and disposal of hardware where necessary is carried out by an authorised third party;
- Data users ensure monitors are not overlooked by visitors to the office and turned off when unattended;
- Mobile devices and computers/laptops are password protected; and
- Where desks and cupboards are used to hold confidential information of any kind, these are kept locked.
Main Data Protection Principles
We will rely on your consent provided to hold and process this information whilst following the legislation governing GDPR. For purposes of paying your invoices, if required, we are legally allowed to share your information with HMRC. In addition, we will ensure that all data processors and data users will ensure the data will be:
- Processed fairly and lawfully;
- Processed for limited purpose and in an appropriate way;
- Obtained for specified and lawful purposes;
- Adequate, relevant and not excessive for the purpose;
- Accurate and up-to-date;
- Not kept for longer than necessary for the purpose;
- Processed in accordance with the data subject’s individual rights; and
- Securely kept.
Personal Data Breach
Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: lee@digital-emporium.net.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
It is the duty of all organisations to report any personal data breach to the relevant supervisory authority. This must be done within 72 hours of becoming aware of the breach, where possible. If the breach is likely to result in a high risk of unfavourably affecting individual rights and freedoms, the Data Controller much also inform those individuals without undue delay. A record of any kind of personal data breaches must be kept, regardless of whether you are required to notify or not.
Who We Share Data With/Third Parties
We may share your personal data from time to time with external third parties, service providers and trusted partners that we engage to assist us in providing services to you pursuant to out Terms and Conditions.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may share your data with the following groups of people for the following reasons:
- Any of our group companies or affiliates – to ensure the correct data analysis for your business;
- Our employees, directors, agents, sub-contractors or advisors on a strict ‘need-to-know’ basis and only under the same (or more extensive) conditions as set out; and
- Third party service providers who provide services to us which require the processing of personal data – in each case, in accordance with this privacy policy, for example but not limited to hosting and domain name providers, data analytics platforms, social scheduling, work flow management, accounting software, website heatmapping, content management systems, customer surveys, client and competitor analysis, e-mail marketing, e-mail and mobile marketing and uses of all social media platforms.
We may also disclose your personal data to third parties where it is in our legitimate interests to do so to run, grow and develop our business, such as if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to prevent illegal activity.
Changes of business ownership and control
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Digital Emporium Ltd. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the Data for the purposes for which it was originally supplied to us.
We may also disclose Data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
General:
You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
We reserve the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the Privacy Policy on your first use of the Website or being provided with this Policy in the first instance.
Complaints:
If you would like to make a complaint, please contact our Privacy Officer at:
lee@digital-emporium.net