Version: 22 February 2020

1. Purpose of the Policy

This Privacy Policy (hereinafter referred to as the „Policy”) explains how TAXEA Limited  (hereinafter referred to as the „Company”) collects, uses and shares the information you provide to us and the information we collect in the course of operating our business and our website.

 

2. Regulatory Framework

This Policy was made on the basis of:

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), (hereinafter also referred to as „GDPR “).
  2. The Maltese Data Protection Act (Chapter 440 of the Laws of Malta) as well as the various subsidiary legislation issued under the same (hereinafter also refers as the „DPA”)

 

3. Persons subject to data collection

  1. Visitors to our website
  2. Persons who request to receive updates and/or information from us
  3. Persons who use our services
  4. Prospective Employees
  5. Employees
  6. Business Partners and Suppliers

 

4. Information that we collect

There are various categories of data that we collect:

  1. Personal details (any information that can be used to identify you or that we can link to you and which we have in our possession or control for instance name, nationality, date of birth etc).
  2. Contact details (email address, address of residence etc)
  3. Employment details (your profession, job title, name of employer etc)
  4. Financial information (bank statements, information about your source of wealth and funds etc)
  5. Due diligence data (name, surname, address, nationality, financial information, ID/passport, proof of good standing, other KYC documentation)
  6. Tracking data (online identifiers, IP address etc)

 

5. When and how do we process personal data

5.1 Information you provide to us

We will process personal information that you give to us including when you email us or contact us through various channels as follows:

  1. Signing up for services on our Site: when you sign up for newsletters, webinars, events or obtain legal, tax or corporate services from us or when you contact us with queries or respond to our communications the personal information you provide may include your full name, title, telephone number, email address and content, date and time of your email correspondence and information about your employer or your business.
  2. In connection with our provision of legal services: if you are a client of the Company you will provide us with personal information when you or the company you represent becomes a client. If you are not a client we may collect or receive your personal information because you are involved in one of our client’s matters.
  3. Recruitment application: when you apply for a role with us you may provide us with your full name, date of birth, nationality, education and qualification details, your gender, your CV, photograph, passport details, marital status, home address and home telephone number, mobile telephone number and other details set out in your application.


5.2 Information we otherwise collect about you

We will also collect information about you when you use our services or when we otherwise interact or correspond with you. We use various technologies to collect and store information when you visit our website. We may, for example, collect information about the type of device you use to access the websites, your IP address and your geographic location, the operating system and version, your browser type, the content you view and features you access on our websites.


5.3 Information we obtain from other sources

  1. If you apply for a position with us we may collect personal information relating to past employment, qualifications and education, opinions from third parties about you, past employment history and other details about you, which will be provided to us by a third party that provides background screening services to us.
  2. If we collect or receive your personal information in the context of our provision of legal services we might receive information from third parties such as your employer, other parties relevant to the services we are providing (e.g. counterparties in transactions) and others such as regulators and authorities. That information could include your name, contact details, employment details and other information relevant to the legal services that we are providing to our client.

 

6. How we use the information we collect

We may do the following with your personal information:

  1. use it to provide legal services to the relevant client
  2. use it to engage in marketing and business development activity in relation to our legal services. This may include sending you newsletters, legal updates, marketing communications and other information that may be of interest to you
  3. where you have applied for a position with us, to review and process your job application
  4. to comply with legal and regulatory obligations that we have to discharge
  5. use it to establish, exercise or defend our legal rights or for the purpose of legal proceeding
  6. record and monitor your use of our websites or our other online services for our business purposes which may include analysis of usage, measurement of site performance and generation of marketing reports
  7. use it for our legitimate business interests, such as undertaking business research and analysis, managing the operation of our websites and our business
  8. use it to look into any complaints or queries you may have, and
  9. use it to prevent and respond to actual or potential fraud or illegal activities.
  10. we may collect, process and share any statistics based on an aggregation of information held by us provided that any individual is not identified from the resulting analysis and the collation, processing and dissemination of such information is permitted by law.

 

7. Your rights

You have a number of legal rights in relation to the personal information that we hold about you and you can exercise your rights by contacting us using the details set out below.

These rights include:

  1. Obtaining information regarding the processing of your personal information and access to the personal information which we hold about you.
  2. Please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal information. In particular, information that is subject to legal professional privilege will not be disclosed other than to our client and as authorised by our client.
  3. Requesting that we correct your personal information if it is inaccurate or incomplete.
  4. Requesting that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it.
  5. Objecting to, and requesting that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request.
  6. In some circumstances, receiving some personal information in a structured, commonly used and machine-readable format and/or requesting that we transmit those information to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us.
  7. Withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so.
  8. Lodging a complaint with the relevant data protection authority, if you think that any of your rights have been infringed by us.
  9. We can, on request, tell you which data protection authority is relevant to the processing of your personal information.

 

8. How do we keep your personal data

8.1       How long we hold your personal information for will vary and will depend principally on:

  1. the purpose for which we are using your personal information – we will need to keep the information for as long as is necessary for the relevant purpose, and
  2. legal obligations – laws or regulation may set a minimum period for which we have to keep your personal information.

8.2       We will ensure that the personal information that we hold is subject to appropriate security measures.

 

9. How do we share information with third parties

9.1 We may share your personal information outside the Company. This may include:

  1. Third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your personal information for the purposes described in this Policy. This may include, but is not limited to, IT and communications service providers.
  2. Third parties relevant to the legal services that we provide. This may include, but is not limited to, counterparties to transactions or litigation, other professional service providers, regulators, authorities, governmental institutions and stock exchanges.
  3. To the extent required by law, regulation or court order, for example, if we are under a duty to disclose your personal information in order to comply with any legal obligation.

 

9.2 Where we transfer your personal information outside Europe, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information. This can be done in a number of different ways, for instance:

  1. the country to which we send the personal information may be approved by the European Commission
  2. the recipient may have signed a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal information, or
  3. where the recipient is located in the US, it may be a certified member of the EU-US Privacy Shield scheme.

 

9.3 In other circumstances, the law may permit us to otherwise transfer your personal information outside Europe. In all cases, however, any transfer of your personal information will be compliant with applicable data protection law.

 

9.4 You can obtain more details of the protection given to your personal information when it is transferred outside Europe (including a sample copy of the model contractual clauses) by contacting us.

 

10. Update of the Policy

We may revise this Policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are binding on you.

 

Approved on 24th February 2020 by the Board of Directors:
Ms Elinor Borg Barbara and Ms Angele Muscat