This Cookie & Privacy Policy relates to the website http://www.koptaco.com and/or any sub-website and/or associated domains (and/or sub-domains) of http://www.koptaco.com/ (hereinafter referred to as the “Site” owned by Koptaco). In this Cookie Policy, “We”, “Us”, “Our”, “Ourselves” and/or “Koptaco” shall refer to KopTaCo Coaches Co-Op LTD. and “You” and “Your” and “User” refer to an identified or identifiable natural person being the user of this Site and/or client of any of Koptaco’s services. Our full details, including contact details, can be read below. You may be reading this Privacy Policy as a User or visitor of the Site or You may have been directed here by one (or more) of Our condensed privacy policies or Our other notices (digital or otherwise)

Although this Privacy Policy provides detailed, layered information on how and why We generally process Personal Data (via the Site or otherwise) as well as detailed information about Your various rights, the specific and tailor-made content of such condensed policies or other notices will, in most cases, provide You with more focused and detailed information on specific processing operations (for example, the specific legal basis for processing certain categories of Personal Data and the specific purpose for doing so depending on the matter at hand). Although Our goal is to always be as clear and transparent as possible, We appreciate that legal documents can sometimes be difficult to read. However, We strongly encourage you to read this Privacy Policy (which is layered for Your convenience) with care. Please do not hold back from contacting Us for any clarification You may need.

For example, if You need clarification on a specific legal basis we are relying on to process Your Personal Data for a specific processing operation, We would be happy to provide You with any such information You may need. “PERSONAL DATA” means any information that identifies You as an individual or that relates to an identifiable individual. Whenever it is not possible or feasible for Us to make use of anonymous and/or anonymised data (in a manner that does not identify any Users of the Site or customers of Our services), We are nevertheless committed to protecting Your privacy and the security of Your Personal Data at all times.


1. PERSONAL DATA

We collect Personal Data in various ways both digitally via the Site (either when You choose to provide Us with certain data or in some cases, automatically or from third parties) as well as non-digitally (for example when You fill in a physical form to benefit from one or more of Our services). When someone visits www.koptaco.com we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns.

We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.


2. PERSONAL DATA WE COLLECT ABOUT YOU

There are various categories of Personal Data that We collect about You, namely:

CONTACT DETAILS:

Name

Surname

Telephone or mobile number

Company name

Email address

& other information

 

Additional Information: In some cases, (for example, if You are a client [or prospective client] of Our services, via the Site, any App or otherwise) We may request additional Personal Data as a means of securely identifying You or for another similar lawful purpose. For a detailed description of the reasons why We process the categories of Personal Data above (and any other specific Personal Data We process) as well as the corresponding legal ground(s) for doing so please see the ‘What We Use Your Personal Data For (Purpose of Processing)’ below.

For information/Personal Data that We may collect automatically via the Site, please see the Cookies section below. When you make a quote request or send us email via the contact form through our website your personal details will be stored in our client database in a secure a protected place. Please be assured that we do not share your personal details with any other company.


3. HOW AND WHEN WE COLLECT PERSONAL DATA

Unless otherwise specified and subject to various controls, as a general rule, We only collect Personal Data from You that We:

  • Need to be able to provide You services You request from Us
  • Are legally required to collect/use and to keep for a predetermined period of time
  • Believe to be necessary for Our legitimate business interests

For a detailed description of the reasons why we process specific categories of personal data as well as the corresponding legal ground(s) for doing so, please see the ‘What We Use Your Personal Data For (Purpose of Processing)’ below. Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.  


4. SECURITY

 

The personal information which We may hold (and/or transfer to any affiliates/partners/subcontractors as the case may be) will be held securely in accordance with Our internal security policy and the law. We use reasonable efforts to safeguard the confidentiality of any and/or all Personal Data that We may process relating to You and regularly review and enhance Our technical, physical and managerial procedures so as to ensure that Your Personal Data is protected from:

– unauthorised access
– improper use or disclosure
– unauthorised modification
– unlawful destruction or accidental loss.

To this end We have implemented security policies, rules and technical and organisational measures to protect the Personal Data that We may have under Our control. All our members, staff and data processors (including specific subcontractors, including cloud service providers established within the European Union), who may have access to and are associated with the processing of Personal Data, are further obliged (under contract) to respect the confidentiality of Our Users’ or clients’ Personal Data as well as other obligations as imposed by the Data Protection Laws.

Despite all the above, We cannot guarantee that a data transmission or a storage system can ever be 100% secure. For more information about Our security measures please contact Us in the manner described below. Authorised third parties, and external/third party service providers, with permitted access to Your information (as explained in this Privacy Policy) are specifically required to apply appropriate technical and organisational security measures that may be necessary to safeguard the Personal Data being processed from unauthorised or accidental disclosure, loss or destruction and from any unlawful forms of processing. As stated above, the said service providers (Our data processors) are also bound by a number of other obligations in line with the Data Protection Laws (particularly, Article 28 of the GDPR).


5. RETENTION PERIODS

We will retain Your Personal Data only for as long as is necessary (taking into consideration the purpose for which it was originally obtained). The criteria We use to determine what is ‘necessary’ depends on the particular Personal Data in question and the specific relationship We have with You (including its duration). We would also have to determine whether there are any laws and/or contractual provisions that may be invoked against Us by You and/or third parties and if so, what the prescriptive periods for such actions are (this is usually five (5) years). In the latter case, We will keep any relevant Personal Data that We may need to defend Ourselves against any claim(s), challenge(s) or other such action(s) by You and/or third parties for such time as is necessary.

Where Your Personal Data is no longer required by Us, We will either securely delete your Personal Data in question.


6. COOKIES

Our Site uses a technology called “cookies”. A cookie is an element of data (usually a very small file) that a website can send to Your browser, which may then store it on Your computer or mobile device. These cookies allow Us to correctly operate the Site and/or to provide You with web pages or content that are tailored to You. For example, some cookies remember Your custom preferences. This information can, in some cases, be carried from one visit of our Site (or related site) to the next (for example, to help You avoid having to re-enter certain information when You visit the same page later. Some of these cookies require Your consent (as explained below).

WHY WE USE COOKIES

We absolutely respect Your right to privacy. We use cookies to ensure the functionality of our Site and to make Your website experience better.  You can remove any cookies already stored on Your computer or mobile device (as explained below) but this may prevent You from using parts of this Site or may cause You to see this message, or part thereof, again.  

 Apart from the cookies We make use of Ourselves, various third-party cookies may also be stored on Your computer or mobile device, including Google Analytics (GOOGLE ANALYTICS SITE). We strongly suggest that You read the cookie policies of any such third-party cookies. 

HOW TO DELETE COOKIES ON YOUR BROWSER

Even if We obtain Your consent to use non-essential cookies or if We use essential cookies (where we don’t need your consent), You can still control Your settings in Your browser to delete or disable cookies. 

If Your browser is NOT configured, by default, to block all or certain cookies, You may manually configure Your browser to either reject all cookies or control which cookies are set on Your computer or mobile device through the Site. Should You wish to reject all or certain cookies used by Our Site, You may modify Your web browser preferences to do so.   

 If You reject ALL cookies (including Essential Cookies) then You might be unable to use some of the features or services available on Our Site and You might also experience a lack of full functionality of the Site.   

Usually, the information on how to change Your options regarding cookies can be obtained by referring to Your operating system’s manual or to the ‘Help’ section of Your web browser, or by contacting Your Internet Service Provider.  

You may also find all the necessary information on how to make the necessary configuration settings by visiting the following helpful site: http://www.allaboutcookies.org/manage-cookies/    

Some cookies are created for each session when You visit Our Site, while others are persistent and may remain for a number of months or years to facilitate Your access to Our Site.


7. MINORS

The Site and Our services are not intended to be used by any persons under the age of eighteen (18) and therefore We will never intentionally collect any Personal Data from such persons. If You are under the age of consent, please consult and get Your parent’s or legal guardian’s permission to use the Site and to use Our services.

We shall consider that any Personal Data of persons under the age of eighteen (18) received by Us, shall be sent with the proper authority and that the sender can demonstrate such authority at any time, upon Our request.


8. YOUR RIGHT UNDER DATA PROTECTION LAWS

Before addressing any request You make with Us, We may first need to verify Your identity. In all cases We will try to act on Your requests as soon as reasonably possible. As explained in the Retention Periods section above, We may need to keep certain Personal Data for compliance with Our legal retention obligations but also to complete transactions that You requested prior to the change or deletion that You requested. Your various rights at law include:

 

Your Right of Access

You may, at any time request Us to confirm whether or not We are processing Personal Data that concerns You and, if We are, You shall have the right to access that Personal Data and to the following information:

  • What Personal Data We have,
  • Why We process them,
  • Who We disclose them to,
  • How long We intend on keeping them for (where possible),
  • Whether We transfer them abroad and the safeguards We take to protect them,
  • What Your rights are,
  • How You can make a complaint,
  • Where We got Your Personal Data from and
  • Whether We have carried out any automated decision-making (including profiling) as well as related information.

Upon request, We shall (without adversely affecting the rights and freedoms of others including Our own) provide You with a copy of the Personal Data undergoing processing within one month of receipt of the request, which period may be extended by two months where necessary, taking into account the complexity and number of the requests. We shall inform You of any such extension within one month of receipt of the request, together with the reasons for the delay. Your Right to Rectification You have the right to ask Us to rectify inaccurate Personal Data and to complete incomplete Personal Data concerning You. We may seek to verify the accuracy of the data before rectifying it. Your Right to Erasure (The Right to be Forgotten) You have the right to ask Us to delete Your Personal Data and We shall comply without undue delay but only where:

  • The Personal Data are no longer necessary for the purposes for which they were collected; or
  • You have withdrawn Your consent (in those instances where We process on the basis of Your consent) and We have no other legal ground to process Your Personal Data; or
  • You shall have successfully exercised Your right to object (as explained below); or
  • Your Personal Data shall have been processed unlawfully; or
  • There exists a legal obligation to which We are subject; or
  • Special circumstances exist in connection with certain children’s rights.

In any case, We shall not be legally bound to comply with Your erasure request if the processing of Your Personal Data is necessary:

  • for compliance with a legal obligation to which We are subject (including but not limited to Our data retention obligations); or
  • for the establishment, exercise or defence of legal claims.

There are other legal grounds entitling Us to refuse erasure requests although the two instances above are the most likely grounds that may be invoked by Us to deny such requests.

 

Your Right to Data Restriction You have the right to ask Us to restrict (that is, store but not further process) Your Personal Data but only where:

  • The accuracy of Your Personal Data is contested (see the right to data rectification above), for a period enabling Us to verify the accuracy of the Personal Data; or
  • The processing is unlawful and You oppose the erasure of Your Personal Data; or
  • We no longer need the Personal Data for the purposes for which they were collected but You need the Personal Data for the establishment, exercise or defence of legal claims; or
  • You exercised Your right to object and verification of Our legitimate grounds to override Your objection is pending.

Following Your request for restriction, except for storing Your Personal Data, We may only process Your Personal Data:

  • Where We have Your consent; or
  • For the establishment, exercise or defence of legal claims; or
  • For the protection of the rights of another natural or legal person; or
  • For reasons of important public interest.

 

Your Right to Data Portability

You have the right to ask Us to provide Your Personal Data (that You shall have provided to Us) to You in a structured, commonly used, machine-readable format, or (where technically feasible) to have it ‘ported’ directly to another data controller, provided this does not adversely affect the rights and freedoms of others. This right shall only apply where:

  • The processing is based on Your consent or on the performance of a contract with You; and
  • The processing is carried out by automated means.

 

Your Right to Withdraw Consent (when We rely on consent)

See Our Special Note on Consent for detailed information on this right (which You may exercise at any time).

 

Your Right to Object to Certain Processing

In those cases where We only process Your Personal Data when this is 1.) necessary for the performance of a task carried out in the public interest or 2.) when processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party, You shall have the right to object to processing of Your Personal Data by Us. Where an objection is entered, the processing of data shall cease, unless We as data controller provide compelling and legitimate grounds requiring the continuation of the data processing which outweigh the objections You may have raised. When Your data is processed for direct marketing purposes, You have the right to object at any time to the processing of Your Personal Data, which includes profiling to the extent that it is related to such direct marketing. For the avoidance of all doubt, when We process Your Personal Data when this is necessary for the performance of a contract, when necessary for compliance with a legal obligation to which We are subject or when processing is necessary to protect Your vital interests or those of another natural person, this general right to object shall not subsist.

 

Your Right to lodge a Complaint

You also have the right to lodge complaints with the appropriate Data Protection Supervisory Authority. The competent authority in Malta is the Office of the Information and Data Protection Commissioner (OIDPC).
We kindly ask that You please attempt to resolve any issues You may have with Us first (even though, as stated above, You have a right to contact the competent authority at any time).

WHAT WE MAY REQUIRE FROM YOU

As one of the security measures We implement, before being in the position to help You exercise Your rights as described above We may need to verify Your identity to ensure that We do not disclose to or share any Personal Data with any unauthorised individuals.

TIME LIMIT FOR A RESPONSE

We try to reply to all legitimate requests within one month from receiving them. In some particular cases (for example, if the matter is particularly complex or if You send Us multiple requests), it may take Us longer than a month. In such cases, we will notify You accordingly and keep You updated.

Please identify yourself via e-mail


9. COMPANY DETAILS

KopTaCo Coaches Co-Op LTD.. is a company registered in Malta with company registration number Nr 45 and whose registered office address is Koptaco Building, Sliema Road, Gzira. GZR 04, Malta is the data controller responsible for processing your Personal Data that takes place via the Site or in the manner explained above.

 

Data Protection Officer : 

Anton Muscat

Koptaco Building Sliema Road Gzira GZR 1635

Telephone :  +356 21338667

Mobile : +356 79338667

Email address : [email protected]

 

If You have any questions/ comments about privacy or should You wish to exercise any of Your individual rights, please contact Us at: [email protected]

 

Updated: 23-05-2019