We at Ponte Holidays Ltd. (C C99078) of No1., Tomatoes Street, Xewkija Industrial Estate, Xewkija, Gozo, Malta (‘We’/’Our’/’Us’/’Ponte Holidays’), take your privacy very seriously. We shall endeavour to always act in accordance with applicable law and in particular, the EU General Data Protection Regulation (GDPR) as well as the Maltese Data Protection Act (Chapter 586 of the Laws of Malta) and related subsidiary legislation. Please take the time to read through the below.
WHY DO WE NEED YOUR PERSONAL DATA? – We need your personal data (the information you provide to us during the course of our business together that identifies you as an individual) to provide you with the requested ferry-related services. Therefore, in this case, our legal basis for processing the said personal data is necessity for the performance of a contract with you. With respect to direct marketing, we rely on your consent to send you such communications. As stated below, you may opt-out/withdraw your consent at any time.
WHO DO WE SHARE YOUR PERSONAL DATA WITH? – Your personal data will be made available to those people in our organisation who need it to carry out their duties and provide you with the services you expect from us. We will not disclose your personal data to any other persons besides those mentioned here unless we are required to do so by law. Unless we tell you otherwise, your data will at all times remain within the EU/EEA.
FOR HOW LONG WILL WE KEEP YOUR PERSONAL DATA? – We will keep your personal data only for as long as necessary. Necessity depends on legal obligations we may have. For example, if any personal data can be deemed as ‘accounting records’, we are legally obliged to keep those data for ten  years. We are also entitled to retain personal data in some cases (as opposed to being obliged to do so). For example, when we believe that the personal data are necessary for us to defend ourselves against civil claims that may be brought against us, we are allowed to keep the data for as long as that risk subsists (this is usually five  years from the end of our contractual relationship with you or two  years from the date of a relevant incident if no such contractual relationship exists).
SECURITY – We use reasonable efforts to safeguard the confidentiality of any and/or all Personal Data that We may process relating to You and regularly review and enhance Our technical, physical and managerial procedures so as to ensure that Your Personal Data is protected from:
- unauthorised access
- improper use or disclosure
- unauthorised modification
- unlawful destruction or accidental loss.
WHAT ARE YOUR DATA PROTECTION RIGHTS? – You, as a ‘data subject’ as understood under applicable data protection laws, have a number of rights that are applicable under certain conditions and in certain circumstances, including Your:
- Right of access to your personal data processed by us;
- Right to ask us to rectify inaccurate personal data concerning you;
- Right to have us erase your personal data (‘right to be forgotten’);
- Right to ask us to restrict (that is, store but not further process) Your personal data;
- Right to ask us to provide Your personal data to You in a structured, commonly used, machine-readable format, or (where technically feasible) to have it ‘ported’ directly to another data controller (‘right to data portability’)
- RIGHT TO WITHDRAW ANY CONSENT YOU MAY HAVE GIVEN US AT ANY TIME (for example consent for direct marketing which you may have given us);
- Right to object to our processing your personal data (where applicable);
- Right to lodge a complaint with the relevant supervisory authority.
You may also contact us by writing to us at Ponte Holidays Ltd, Tomatoes Street, Xewkija or calling us on (+356) 27998989 or visiting our offices.