Financial Planning Services Limited (hereinafter referred to as “FPS”) respects the right to privacy of users of this website and of its clients. FPS will always seek to protect your Personal Data. This Policy describes how we gather and use such information, the amount of information FPS holds on you and how it uses it.
The following definitions shall have the same meaning as those contained in the General Data Protection Regulation (EU) 2016/679 (“GDPR”): “Data Subject”, “Data Controller, “Data Processor”, “Personal Data”, “Process” or “Processing”
- What Information is Collected
- How we use your Personal Data
- Providing Personal Data to Third Parties
- Retention of Personal Data and the Right to be Forgotten
- Privacy Compliance
- Third Party Websites
- How we Communicate with you
- Security and Staff Awareness Measures
- Right of Access/Questions
- Who we are and how to contact us
What Information is Collected?
FPS may collect Personal Data from you as the Data Subject, when you provide your Personal Data through our website, when you enter into services agreements with us or sign letters of engagement, through your professional/legal relationship with us, while you are in contact with our staff or at any other stage in the course of business.
Through Our Website
You may visit our website without revealing any information about yourself. You may however choose to provide us with Personal Data when you send an e-mail to us via the “Contact Us” link on our site. In such instances, we will store the information that you provide us with and process it further as may be necessary for us to respond to and administer any request that you may make.
From time to time we may process your Personal Data to provide you with information and updates that might be of interest to you in relating to our professional services and developments in legislation. You are requested to inform us by sending an e-mail to firstname.lastname@example.org if you do not wish to receive any such information from us or opt out via the “Unsubscribe” link in any marketing email.
Through Our Professional Services
Before providing our professional services, we view and subsequently retain Personal Data such as your name, address, email address, date of birth, gender, identification documents, information on your family and dependants, information in relation to your occupation, income, assets, liabilities and investment experience and trends, together with source of wealth. We may also process data received through your e-mails to us, accounting, payment data etc. This is important data required for ‘Know-your-Customer’ processes, as imposed by anti-money laundering regulations, applicable in Malta.
In view of the strict legal obligations imposed upon us, we would not be able to provide you with our professional services if you do not supply us with the Personal Data required under the applicable laws.
How we use your Personal Data
We use the Personal Data we collect to deliver the professional services requested from us and honour the services agreements or letters of engagement which regulate our relationship. Other processing activities include professional communication with you, marketing communication such as newsletters and updates (if you have provided your consent), as well as for the purpose of fulfilling our legal obligations.
The legal basis for the processing of your Personal Data may vary, normally depending on the nature of the personal data, but this would include the following:
- Your explicit consent, which you may withdraw at any time by sending us an email or unsubscribing from marketing communications;
- When the processing is necessary for the performance of a contract such as a services agreement or letter of engagement;
- When the processing is necessary for our legitimate business interests, in the provision of the services you have engaged us to carry out;
- When the processing is necessary to promote safety and security as described in the ‘Security’ section below;
- When the processing is necessary to comply with any applicable legal obligation.
Providing Personal Data to Third Parties
Please be aware that data sent through the internet may potentially, for reasons beyond our control that are solely of a technical nature, be transmitted across international borders even where the sender and the receiver of information are located in the same country. Consequently, Personal Data relating to you may in such cases be transmitted via a country having a lower level of data protection than that existing in your country of residence.
Personal Data, once obtained from you, may be transmitted to third parties in those situations where any one of the exceptional instances indicated below arises.
- for the purpose of preventing, detecting or suppressing fraud or any other criminal offence;
- where it is necessary as a matter of national or public security;
- in the interest of national budgetary, monetary or taxation matters that can arise of the collection of national statistics;
- to protect and defend our rights and property or that of users of our website;
- to protect against abuse, misuse or unauthorised use of our website;
- to protect the personal safety or property of users of our website (e.g. if you provide false or deceptive information about yourself or attempt to pose as someone else, we shall disclose any information we may have about you in our possession so as to assist any type of investigation into your actions);
- for any purpose that may be necessary for the performance of any agreement you may have entered into with us; or
- as may be allowed or required by or under any law.
It is also important to highlight the fact that there may be instances where we may transfer your Personal Data to other service providers, acting as Data Processors, who process data for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. Data Processors who are engaged to assist us in attaining the purposes of processing listed in the ‘How we use your Personal Data’ section may include service providers which supply us with services globally, including for customer support, information technology (including backup and email services), payments, sales, data analysis, research, and surveys.
We do not transfer your Personal Data to any third parties for marketing purposes.
Retention of Personal Data and the Right to be Forgotten
We keep your Personal Data for as long as necessary for our legitimate business interests, for legal reasons and to prevent harm, including as described in the ‘How we use your Personal Data’ and ‘Providing Personal Data to Third Parties’ sections of this policy.
FPS acknowledges that you have a right to be forgotten. Therefore, no Personal Data that is processed while providing you with our services, or through our website will be kept longer than necessary for the purposes for which it is processed. Personal Data will only be kept for a period corresponding with our obligations of retention under relevant laws.
Should you wish all or any category of your Personal Data to be deleted, you may request this in writing at email@example.com
FPS engages all reasonable efforts for the purpose of safeguarding the confidentiality of all Personal Data that it processes and regularly reviews and enhances its technical, physical and managerial procedures so as to ensure that your personal data is protected from:
- unauthorised access,
- improper use or disclosure,
- unauthorised modification,
- unlawful destruction or accidental loss.
To this end we have implemented security policies, rules and technical measures dedicated to the protection of the Personal Data processed by us and that data that we have under our control. All our employees and third-party data processors who have access to and are associated with the processing of Personal Data, are further obliged to respect the confidentiality of our visitors’ and clients’ personal data.
By its very nature however the internet is not a secure medium and data sent via this medium can potentially be subject to unauthorised acts by third parties that are outside our control. There can be no absolute guarantee in relation to the privacy or confidentiality of any information passing through our website. We shall accept no responsibility or liability whatsoever for the security of your data while in transit through the internet.
Third Party Websites
No third party is permitted to link any other website to our website without obtaining our prior written consent.
How we Communicate with you
We use your contact information when necessary, to provide you with our professional services. We may also use your contact information to keep you updated through our newsletters and other updates. You can limit or restrict the receipt of these communications via the “Unsubscribe” link in any marketing email or by requesting the same in writing at firstname.lastname@example.org when such communication or marketing is sent via traditional mail.
E-Mail Communications Policy
FPS may intercept some mail and e-mail addressed to individuals within FPS. The reasons it may do this are related to security of FPS, its staff and others, for detection and prevention of crime and to identify correct recipients or to make sure mail is dealt with during staff absence. In the case of e-mails, we may reject, delay or remove content from e-mails whose nature, content or attachments which may disrupt our systems or because they may pose security issues, possibly through viruses. We may also filter out e-mails which contain certain content on the basis that content is offensive or the e-mail is unwanted or constitutes spam. In certain circumstances this may unfortunately result in harmless and legitimate e-mails being affected but we do try and reduce such occurrences.
All e-mail messages sent from FPS are routinely scanned for viruses and as such should be free from any virus, malicious code, script or other executable attachment. The accuracy of scanning products is not guaranteed. The recipient(s) should therefore carry out any checks that they deem to be appropriate in this respect. FPS cannot be held responsible for loss of or damage to data or other damage resulting from such actions that are out of its control, howsoever incurred.
All e-mail messages from FPS are sent in good faith. We cannot be held responsible for any modification that happens through any virus, or the intervention of a third party after they have been sent. All messages are intended for the recipient only. If you are not the intended recipient specifically identified as the addressee on it then you should delete the message and all its attachments and are prohibited from using, reading, disclosing to any person or otherwise acting on the information contained in it and/or its contents in any way and should also notify us as soon as possible of this fact.
Security and Staff Awareness Measures
FPS has developed strict policies governing information technology. These cover areas such as access control, authentication, audit, monitoring, data storage and back up and transmission standards. FPS’s staff is subject to a code of conduct which requires them to adhere to privacy principles.
Right to Access/ Questions
You have a right to request access to and/or correction of your personal data processed by FPS. Any such request must be made in writing to FPS at the address indicated on the homepage of the website and must be signed by yourself as the Data Subject to whom the particular data relates. The processing of such requests sometimes attracts the imposition of a nominal fee.
Data Subject Rights
The full list of Data Subject Rights:
- Right to access
- Right to be forgotten
- Right to rectification
- Right to restriction of processing
- Right to data portability
- Right to object
- Right to withdraw your consent
- Right to lodge a complaint with a supervisory authority
Who we are and how to contact us
If you have any questions about FPS’s privacy / data protection policy or the use of data in a particular service, you should contact us on the following email address: email@example.com
Last Updated: 3rd October 2018