DATA PROCESSING POLICY
1. Data controller
LEI Register OU, Telliskivi 18-2
2. Contact person
3. Purpose of and legal basis for the processing of personal data
Collected personal data are used by LEI Register and, on a need-to-know basis, its contractual partners. We only process the personal data of legal persons or their representatives (hereinafter ‘company’ or ‘person’).
We process the personal data of persons: 1) who are existing customers of LEI Register; 2) who have submitted a query (potential customer) via LEI Register’s website www.leiregister.mt/ (hereinafter ‘the website’); 3) who browse LEI Register’s website (potential customer); or 4) whose LEI code contact address is available in a public database (potential customer).
LEI Register uses the collected personal data to contact customers or potential customers and to provide services to them. LEI Register may also use the personal data to support its economic activities and analyses, carry out business analyses, improve its products and services, and personalise content and advertisements.
The legal basis for the collection and processing of personal data is LEI Register’s legitimate interest in collecting and processing data to offer, improve, and develop its products and services, as well as to deliver better, targeted advertisements.
LEI Register will not disclose collected personal data to unauthorised third parties. However, LEI Register may transfer the personal data to third parties that provide a contractual service to LEI register. Such third parties are obliged under the contract to use the personal data disclosed to them only for the provision of the contractual service. LEI Register may also disclose collected personal data to authorities or other third parties where required by applicable laws.
4. Processed personal data
Regular data, for example:
· company name;
· the number of the LEI code of a company possessing an LEI code;
· e-mail address;
· country of location.
Personal data collected in connection with the use of our services or website or another similar situation, for example:
· service or website usage data;
· information about the device used;
· LEI Code;
· IP address;
· browser information.
5. Usual data sources and cookies
The customer transfers their personal data themselves whenever they purchase a product or service from LEI Register, as well as when they visit the website and submit a query. LEI Register collects necessary information about potential customers from public databases. Whenever we transmit information for direct marketing purposes, the customer will see an indication if their personal data have been obtained from public databases.
By using our services, the customer is giving their consent to store cookies on their device. If the customer decides to disable the storing of cookies on their device, they may not be able to access or use LEI Register’s services.
6. Usual recipients of personal data and the transfer of personal data in the European Union and to countries in the European Economic Area.
LEI Register processes personal data in the jurisdictions of European Union member states as well as countries participating in the European Economic Area.
7. Data security
Collected personal data are handled with care and kept confidential. The personal data can only be accessed by persons whose duties include the processing of the personal data.
To access a system containing collected personal data (iAdmin or Google Drive), the users must log in using their personal user ID and password.
All collected personal data are protected against accidental or unlawful access (Google Drive) and alteration, destruction, or other similar processing (backlog).
8. Customer’s rights
Customers have the right to:
• access, renew, remove, and rectify their personal data;
• withdraw their consent, if the processing of the personal data is based on consent given by the customer;
• order the restriction of the processing of their personal data from LEI Register;
• order the cessation of the processing of their personal data.
Customers may exercise all of the rights listed above by contacting us by e-mail or clicking on the ‘unsubscribe’ link in the footer of an e-mail received from us.
LEI Register may ask the customer to specify their request in writing.
If the customer is not satisfied with how LEI Register processes their personal data, the customer has the right to file a complaint with the competent supervisory authority which monitors compliance with data protection legislation.
Written requests and queries must be submitted to the following address:
LEI Register OU
9. Data retention policy
Collected personal data shall only be stored for as long as it is necessary and justified or required by applicable legislation.
The personal data of LEI Register’s customers and potential customers shall be retained throughout the duration of the relevant business relationship. If the business relationship ends and the personal data are no longer actively used, the data shall be made inactive. Inactive personal data shall be deleted in accordance with LEI Register’s data retention policy.