How do we collect, store, process or share your Personal Data?
We collect your Personal Data either directly from you, whether you provide this to us in writing or by electronic means, or, indirectly, through Cookies, when you choose to browse our website.
What information will we collect?
When you make a reservation you may be asked for all or some of the following information relating to you or other members of your party:
- Name & Surname
- Telephone & Mobile phone number
- Email address
- Residential Address
- Check-In Time
- Company Name (if Applicable)
- Credit/ debit card or other payment details (including card number, cardholder name & expiry date).
- Special requirements such as those relating to any disability or medical condition which may affect the chosen arrangements.
You are responsible for ensuring that other members of your party are aware of the content of this Policy and consent to your acting on their behalf in all your dealings with us. Personal data in bookings is automatically deleted after 12 months from checkout date. Bookings are automatically deleted after 5 years. We do not collect computer information such as the IP address and browser type when an online reservation is made.
What we do with the information we gather and why we need it
For the purpose of completing your booking, we may have to disclose some of your information to the providers of the services making up your arrangements.
We may need to disclose your information where required by law, where such a request is made by a legal authority.
We may need to disclose our customer list including any personal information relating to you to a third party who acquires or attempts to acquire all or substantially all of the asset/ stock in our company or our website.
We may also disclose information to organisations who act as “data processors” on our behalf, or to other organisations that perform business functions on our behalf. These functions include administration, customer care, business management and operation, re-organisation/structuring/sale of our business, risk assessment, security and crime prevention/detection, research and analysis, marketing, monitoring, measuring and assessing customer purchasing preferences and trends, dispute resolution, credit checking and debt collection.
We may from time to time contact you with information about special offers, brochures, new products, forthcoming events or competitions. If you do not wish to receive such information, you may ask us in writing not to receive it. We would also like to store and use your personal details for future marketing purposes (for example, emailing you our newsletter). All details you give us in connection with your booking will be kept but we will use only names and contact details for marketing purposes unless you have indicated that you do not wish us to do so.
We have taken all reasonable steps to have appropriate security measures in place to protect your information. Outside the European Economic Area, controls on data protection may not be as wide as the legal requirements in this country. The transmission of information via the internet is never completely secure. We exclude our liability for personal data lost in transmission to the website.
In accordance with European data protection laws, we observe reasonable procedures to prevent unauthorised access and the misuse of personal information. We use appropriate business systems and procedures to protect and safeguard the personal information you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal information on our information systems. Only authorised personnel are permitted to access personal information in the course of their work. We use safe protocols for online communication and transferring of data (such as HTTPS). We also use anonymising and pseudonymising where suitable and we monitor our systems for possible vulnerabilities and attacks.
We will do everything we reasonably can to prevent security breaches but even if you put in place the most robust security solutions available data breaches could still occur. In that eventuality we promise to notify and assist suitable authorities for investigation and we will also notify you if there is a threat to your rights or interests.
Our website might contains hyperlinks to websites owned by third parties. This privacy statement covers websites owned and controlled by us only. Links to other websites and any information collected by these sites are not covered by this privacy statement.
You are entitled to know, free of charge, what type of information is being held and processed about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what is being done to comply with Data Protection Legislation.
The GDPR establishes a formal procedure for dealing with data subject access requests. All data subjects have the right to access any personal information kept about them, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing and sent to email@example.com. Your identification details such as ID number, name and surname have to be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.
65 New Street Holiday Apartments aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.
All data subjects have the right to request that their information is not used or is amended if it results to be incorrect. Data subjects may also request that their data is erased.
These rights may be restricted, if applicable, as per Data Protection Legislation. In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Malta Information and Data Protection Commissioner, whose contact details are provided below.
The Information and Data Protection Commissioner
The Information and Data Protection Commissioner may be contacted at:
Level 2, Airways House,
Sliema SLM 1549
Telephone: 2328 7100