Apartments for Rent and Short Lets in Luqa Malta

Privacy Policy

The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 586) regulate the processing of personal data whether held electronically or in manual form. 65 New Street Holiday Apartments is set to fully comply with the Data Protection Principles as set out in such data protection legislation. This Privacy Policy lays down how we collect, store, process or share your Personal Data, whether this is provided to us in our Booking Form, through this website, via email or through any other medium of communication including any other form, whether virtual or otherwise, which you may fill in relating to our services.

By providing your Personal Data to us, whether through our Booking Form, through the use of this website, through a request for us to send you our newsletters, brochures or other marketing material, through any email correspondence or through any other medium of communication, whether in writing or by electronic means, you are providing us with your Explicit Consent to collect, store, process and share your Personal Data for the specific purposes mentioned in this Privacy Policy. It is therefore in your interest to read the following information carefully.

65 New Street Holiday Apartments may change this policy from time to time by updating this page. We encourage you to re-read this page from time to time so that you are aware of any changes to our Privacy Policy.

Overview of the Privacy Policy

This Privacy Policy provides information about the Personal Data we collect, store, process and share with Third Parties and why. It also informs you about the security measures we have in place to protect your data and the rights which you have as the subject of such data in accordance with the applicable law.

How do we collect, store, process or share your Personal Data?

Whether you are an individual, a company, or a beneficial owner of a company, we only collect, store, process and share your Personal Data with Third Parties on the basis of the Explicit Consent you have granted to us and for the specific purposes mentioned in this Privacy Policy;

We will only share your Personal Data with Third Parties other than for the specific purposes mentioned in this Privacy Policy if we are required to do so by the Laws of Malta, European Union Law or by an order of a competent authority or body pursuant to such laws.

We collect your Personal Data either directly from you, whether you provide this to us in writing or by electronic means, or, indirectly, through Cookies, when you choose to browse our website.

What information will we collect?

When you make a reservation you may be asked for all or some of the following information relating to you or other members of your party:

  1. Name & Surname
  2. Telephone & Mobile phone number 
  3. Email address
  4. Residential Address
  5. Check-In Time
  6. Company Name (if Applicable)
  7. Credit/ debit card or other payment details (including card number, cardholder name & expiry date).
  8. Special requirements such as those relating to any disability or medical condition which may affect the chosen arrangements.

You are responsible for ensuring that other members of your party are aware of the content of this Policy and consent to your acting on their behalf in all your dealings with us. Personal data in bookings is automatically deleted after 12 months from checkout date. Bookings are automatically deleted after 5 years. We do not collect computer information such as the IP address and browser type when an online reservation is made.

Our Website uses cookies. Cookies are a small text files that are downloaded onto your computer or mobile device when you access a website using that device to gather certain information. Please note that by blocking or deleting cookies, certain parts of this website may not function properly. For more information about what cookies we use and how we use them, please refer to our Cookie Policy.

What we do with the information we gather and why we need it

We will use your name, address and the other contact details to complete your booking, to manage your arrangements, to send you notifications and to communicate with you regarding your reservations. We transfer all our bookings to the property data processor system ‘Beds24’. Responsibility for the processing of personal data within Beds24 lies with Beds24 GmbH, Davoser Str. 1g, D-14199 Berlin,, Managing Director: Mark Kinchin All guests who book through the online system of Beds24 can login to their booking and see their data. Beds24 is fully compliant with GDPR. You can see their privacy policy here:  

Credit/debit card payments are processed via the Stripe Payment Gateway on their secure payment processing platform and they include card type, date and time, amount, card expiry date, billing postcode, your address and other related information. This information is required and necessary for the performance of our contract with you. We do not have sight of the complete card number or CVV code at any time. These details will be securely processed by the Stripe Payment Processing Platform. Responsibility for the processing of personal data within Stripe lies with Stripe Payments Europe Limited 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland,, Stripe is fully compliant with GDPR and their privacy Policy can be viewed by visiting the following website: Should you choose to not pay directly via the Stripe Secure Site and instead choose to provide credit card details to us over the telephone for us to manually do the payment then all card details are destroyed following the successful transaction.

For the purpose of completing your booking, we may have to disclose some of your information to the providers of the services making up your arrangements. 

We may need to disclose your information where required by law, where such a request is made by a legal authority.

We may need to disclose our customer list including any personal information relating to you to a third party who acquires or attempts to acquire all or substantially all of the asset/ stock in our company or our website.

We may also disclose information to organisations who act as “data processors” on our behalf, or to other organisations that perform business functions on our behalf. These functions include administration, customer care, business management and operation, re-organisation/structuring/sale of our business, risk assessment, security and crime prevention/detection, research and analysis, marketing, monitoring, measuring and assessing customer purchasing preferences and trends, dispute resolution, credit checking and debt collection.

We may from time to time contact you with information about special offers, brochures, new products, forthcoming events or competitions. If you do not wish to receive such information, you may ask us in writing not to receive it. We would also like to store and use your personal details for future marketing purposes (for example, emailing you our newsletter). All details you give us in connection with your booking will be kept but we will use only names and contact details for marketing purposes unless you have indicated that you do not wish us to do so.

We have taken all reasonable steps to have appropriate security measures in place to protect your information. Outside the European Economic Area, controls on data protection may not be as wide as the legal requirements in this country. The transmission of information via the internet is never completely secure. We exclude our liability for personal data lost in transmission to the website.


In accordance with European data protection laws, we observe reasonable procedures to prevent unauthorised access and the misuse of personal information. We use appropriate business systems and procedures to protect and safeguard the personal information you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal information on our information systems. Only authorised personnel are permitted to access personal information in the course of their work. We use safe protocols for online communication and transferring of data (such as HTTPS). We also use anonymising and pseudonymising where suitable and we monitor our systems for possible vulnerabilities and attacks. 

We will do everything we reasonably can to prevent security breaches but even if you put in place the most robust security solutions available data breaches could still occur. In that eventuality we promise to notify and assist suitable authorities for investigation and we will also notify you if there is a threat to your rights or interests. 

External Links

Our website might contains hyperlinks to websites owned by third parties. This privacy statement covers websites owned and controlled by us only. Links to other websites and any information collected by these sites are not covered by this privacy statement.

Your rights

You are entitled to know, free of charge, what type of information is being held and processed about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what is being done to comply with Data Protection Legislation.

The GDPR establishes a formal procedure for dealing with data subject access requests. All data subjects have the right to access any personal information kept about them, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing and sent to Your identification details such as ID number, name and surname have to be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.

65 New Street Holiday Apartments aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.

All data subjects have the right to request that their information is not used or is amended if it results to be incorrect. Data subjects may also request that their data is erased.

These rights may be restricted, if applicable, as per Data Protection Legislation. In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Malta Information and Data Protection Commissioner, whose contact details are provided below.

The Information and Data Protection Commissioner

The Information and Data Protection Commissioner may be contacted at:

Level 2, Airways House,
High Street,
Sliema SLM 1549
Telephone: 2328 7100

© 65 New Street Holiday Apartments | Home | Privacy Policy | Cookie Policy