Privacy Policy

You are here:

Privacy Notice

This Privacy Notice (the “Notice”) Applies to the Processing of Personal Data to the use of the website www.macc.org.mt.

For the purposes of users’ use on the website, Malta Association of Crohn’s and Colitis (“We”/”Us”/”Our”) will be the Data Controller. We are committed to respecting your privacy and comply with Regulation (EU) 2016/679.

With this Notice, We aim to ensure that users understand what Personal Data is collected about them, how such Personal Data is used and how it is secured.

Access to this website implies the users’ full and unreserved acceptance of this Notice, and the Cookie Notice, available here. The user acknowledges that they have read and understood the terms within this Notice and agree to the Processing of their Personal Data.

This Notice is valid for all pages hosted on the website. It is not valid for the pages hosted by third parties to which We may refer and whose privacy notices may differ. We therefore, cannot be held responsible for any Personal Data Processed on these websites by other third parties. This Notice also applies to other websites that We may operate, including our organisation page on Facebook.

For the purposes of social media, We will be Joint-Controllers with the respective social media vendor only for the following activities: accessing and Processing statistical aggregate data provided by Facebook. For any other purposes on the platform Facebook shall be considered as the sole Data Controller.

 

1. Personal Data Processing

Below please find the relevant information regarding what Personal Data We collect about you, Our intended purpose of Processing and the respective legal basis and retention periods.

Category

Data

Purpose

Legal Basis

Retention

Contact Information

Name

To answer contact queries submitted through the website

Consent

Until your consent is withdrawn

Surname

E-mail

Mobile

Register of consent

e-Commerce Information

Name

To deliver products and services purchased, and to provide invoices and receipts, as well as for our accounting records

To fulfill our contract with you

Three years after the completion of the transaction, for accounting purposes.

Surname

E-mail

Mobile

Address

Marketing

Name

To receive marketing communications from Us

Consent

Until your consent is withdrawn

Surname

Email

Register of Consent

Membership

Name

To process your membership application and keep Our member database updated, and to keep you updated about news related to your membership.

To enter into a contract with you

Until the termination of the business relationship.

Surname

E-mail

Mobile

Telephone

Address

ID Card Number

Statistical Data

Non personally identifiable information

To generate business analytics based on user website usage, which shall be anonymised.

Our Legitimate Interest in business continuity and provision of better services

N/A

CCTV Footage

Pictures or Videos of you in front of or within the Premises

To secure our premises

Our Legitimate interest in the security of our premises and when necessary, evidence.

14 days.

Health Data

Information as to if you or a relative suffer from Crohn’s or Colitis

To provide more accurate services and information. This is a special category of data and is processed with the highest level of confidentiality and security

Explicit Consent

Until consent is withdrawn

Register of Consent

Promotional Photos and Videos

Pictures or Videos of you at Our events

For promotional purposes, to be posted on our website and social media pages

Consent

Until consent is withdrawn

Register of Consent

It is important to note that since Health Data is considered as a special category of data, it will be treated in a particular manner. This data is transferred to us via email, which email is then printed and deleted. The physical copy of the email is kept under lock and key. No other copies of this data shall be stored.

 

2. Personal Data Sharing

We do not sell or otherwise monetise your Personal Data to third parties.

We have contracted the following service providers to manage the website that may have access to your Personal Data:

  • Cyberspace Solutions Limited for the purpose of website hosting and maintenance.

Your Personal Data may be transferred to such third parties which may be located outside of the EU/EEA. We are therefore committed to comply with international transfer rules and ensure that:

  1. Your Personal Data will be transferred to a country where the data recipient is located in a jurisdiction that has been recognized as adequate by the European Commission; or
  2. Where a jurisdiction has not been recognised as adequate, to implement appropriate safeguards such as the EU Standard Contractual Clauses as of July 2021.
 
3. Security Measures

We treat your Personal Data in a confidential manner and ensure that Our staff and business partners have implemented the appropriate confidentiality arrangements.

Your Personal Data is also contained behind secure networks and is only accessible to select individuals who have been granted special access rights to such systems and are required to retain confidentiality.

We also implement other technical and organisational measures to safeguard your Personal Data such as:

  • Encryption of all data using industry standard encryption methods.
  • Logical and software measures such as firewalls, password protection, anti-virus etc.
  • Physical and material measures such as limited access to the Premises, and special categories of data are stored under lock and key.
  • Regular back-ups and logs.
 
4. Your Rights

You have certain rights over your Personal Data, subject to statutory limitations where applicable.

Access

You have the right to obtain confirmation as to whether or not Personal Data concerning you is being Processed, and if so, relevant information related to such Processing and to a copy of such Personal Data.

Rectification

You have the right to require rectification of inaccurate or incomplete Personal Data about you.

To be Forgotten

You have the right to obtain deletion of your Personal Data under specific circumstances.

Restrict Processing

You have the right to restrict Processing of Personal Data under specific circumstances.

Data Portability

You have the right to request for the receipt or the transfer of your Personal Data to another organisation in a machine-readable format.

Object

You have the right to object, on grounds relating to your particular situation, to the Processing of your Personal Data

Withdraw Consent

You have the right to withdraw your consent for the Processing of your Personal Data where applicable, at no cost and with no justification required.

 
5. Changes to this notice

This Notice is effective as of the date stated above. We may, at our sole discretion, amend this Notice as We deem necessary and will inform you when this is done.

 
6. Contacts

Malta Association of Crohn’s and Colitis (MACC) acting as Data Controller, available at info@macc.org.mt, +356 9930 3964, and c/o Kisba, 28, Triq il-Karwija, Kirkop, KKP 1231, Malta

You may also complain to the supervisory authority, the Information and Data Protection Commissioner (the “IDPC”) whose website is available here.