Privacy Policy

1.Introduction.
This Data Protection Policy reflects the agreement between you and Brainston Advisory (BA) with respect to the processing and security of data in relation to the General Data Protection Regulation (GDPR).

 

 

2.Scope of Data Protection Legislation.
The General Data Protection Regulation 2016 / 679 (GDPR) is in place to protect the data subjects from unlawful processing of their personal information. BA will take all the steps reasonably necessary to ensure that the personal data is treated securely and in accordance of this Data Protection Policy, and in accordance to the GDPR.

 

3.Personal Data
“Personal Data” is information that identifies an individual, including but not limited to:

Name;
Email address;
Postal address;
Contact number;
Date of birth;
Identification number.

 

4.The information we collect
This Data Protection Policy provides specific details of how we treat any personal data you provide us.

We collect and process your personal information mainly to provide you with access to our services and products, and to help us improve our offerings.

We may collect personal information about you from different sources. Types of personal information that we may process include the following:

  • Information given to us directly by yourself;
  • Information collected automatically when you use BA Website;
  • Information collected from other publicly available sources.

 

5.Scope of Processing.
When you provide information to BA in any manner, which constitutes personal data within the meaning of the Data Protection, BA will process data for the following purposes only, namely:

To be able to provide the service that is being applied for;

  • To provide its products and services;
  • For internal assessment and analysis;
  • For the detection and prevention of fraud and other criminal activity which BA is bound to report;
  • To develop and improve BA’s products and services;

For direct marketing, such as to inform you, by mail, telephone, e-mail or other electronic means, about other products and services supplied by BA, its subsidiaries, associates, agents and by other carefully selected third parties, and for research purposes.

Please note that your personal data may be disclosed to or exchanged with all employees of BA, its subsidiaries, associates and agents, including trusted third parties.

Your information may be transferred to and stored in locations outside the European Economic Area (EEA), including countries that may not have the same level of protection for personal information. When we do this, we will make sure that it has an appropriate level of protection and that the transfer is lawful. We may need to transfer your information in this way to carry out our contract with you, to fulfill a legal obligation, to protect the public interest and/or for our legitimate interests. We will only share your information with people who have the right to see it.

6.Other Products and Services
From time to time we would like to tell you about our other products and services and those arranged by us with other suppliers such as insurance companies.

 

Any personal information you provide in the process of enquiring/ arranging any of our other products and services is provided in the strictest confidence. We will only use this for the purposes specified in your enquiry and we will never pass your personal details to these third parties or any other companies for any other reason.

 

If you have already provided your consent, we will continue to rely on this permission until you request us to stop sending you information.

 

7.Information we share.
We do not share personal information with companies, organisations and individuals outside of BA unless one of the following circumstances applies:

With your consent – We will share personal information with companies, organisations or individuals outside of BA when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information.

For external processing – We provide personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Data Protection Policy and any other appropriate confidentiality and security measures.

For legal reasons – We will share personal information with companies, organisations or individuals outside of BA if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

  • meet any applicable law, regulation, legal process or enforceable governmental request;
  • enforce applicable Terms of Service, including investigation of potential violations;
  • detect, prevent, or otherwise address fraud;
  • protect against harm to the rights, property or safety of BA, our users or the public as required or permitted by law.

We may share non-personally identifiable information publicly. For example, we may share information publicly to show trends about the general use of our services.

If BA is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different Data Protection Policy.

 

8.Data Retention
BA will not retain your personal information for longer than it is required for the maintenance of your account, or for any legal or regulatory requirements.

 

9.Data Security
We make sure to use reasonable measures to protect the personal data within BA. If you have reason to believe that your interaction with us is no longer secure, please immediately advise us.

 

10.Cookies.
When you visit BA’s Website, BA’s web server automatically records details about you, such as IP address, the website from which you where redirected to BA’s website, type of browser and BA’s website pages visited by you including date and duration.

BA will use your personal data:

  • for the purposes of technical administration and research & development of BA’s Website,
  • for user administration and marketing,
  • to inform you about our services and products.

 

11.Data Subject Rights
Your rights in connection with personal information under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

 

12.Access Requests and Marketing Options
If you wish to exercise your rights or change your marketing preferences, you may do so directly at BA, or by submitting a written request to BA, or by sending an email to info@brainstonadvisory.com. Should you not visit BA in person, BA may need to contact you in order to verify your identity.

 

13.Updates to this Data Protection Policy
We reserve the right to update this Data Protection Policy at any time. The updated Data Protection Policy will be published on our website info@brainstonadvisory.com.

 

14.Contact details of BA and the Supervisory Authority:

Contact Number: +356 2152 1025/6

Address: 264, Main Street, Mellieha, MLH 2317, Malta

Email: info@brainstonadvisory.mt

Supervisory Authority Contact Details:

Land Line: (00356) 2328 7100

Email: idpc.info@idpc.org.mt.