We, the team at APCO Ltd, strongly value our own privacy – and we are therefore committed to protect your personal data (i.e. information that identifies you) as though it is our own.
If you have any questions about how we protect your privacy, please get in touch here: [email protected]
One of your rights under EU law – the GDPR – General Data Protection Regulations – is that you must be informed when your personal data, also known as personal information – is processed (collected, used, stored) by any organisation. You also have the right to know the details and purpose of that processing.
and those users who make use of our online facilities. For all our services, the data controller — the company that’s responsible for your privacy — is APCO Ltd with its address at Hili Building, Nineteen Twenty Three, Valletta Road, Marsa, MRS3000 Malta.
We assure you that we will only use and disclose any personal data collected from you in accordance with the manner set out in this policy.
Most of the personal data which we may collect about you through this website, is given to us only if you choose to give it to us.
Such personal information may be requested from you when you fill in a form (e.g. to submit a vacancy, sign up for our newsletter or fill in any other form with your questions and comments, or any other form or application downloaded through or from APCO Ltd’s website. If you send us emails, then the personal data we process will depend on what you send us in the email.
The information we collect from you normally includes the following:
Check out the next sections to understand how and why we use this information. Some other information is given to us because you accessed this website (e.g. in logs, or recorded through cookies). This is explained in the Cookies section below.
We use your information in a number of different ways — what we do with it then depends on the information and the purpose for which it was collected.
The tables below set this out in detail, showing what we do, and why we do it.
1. Your name and contact details
|How we use your name, surname & contact details (email address)||Why?|
|To send you service messages by text, e-mail or through our app, such as order updates.||We’ve got to do this to perform our contract with you (e.g. to confirm payment) if you have a contract with us – or to respond to your queries.|
|To deliver your purchases to you (if you make an order with us).||We’ve got to do this to reply to your requests for a quotation, or to perform our contract with you.|
|To send you information by email, SMS, or post, about our new products and services.||To keep you up to date. We only send this with your permission – and you can ask us to stop. (You can read more about how we use your information for marketing below).|
|Fraud prevention and detection.||To prevent and detect fraud against either you or us – unfortunate, but absolutely essential.|
|Showing you adverts as you browse the web.||So you can see our latest products and deals.|
|Knowing what you, and other customers, like.||To ensure we are giving you what you want, and enhance your user experience.|
2. Your payment information
|How we use your payment information||Why?|
|Take payment, and give refunds.||This is required to perform our contract obligations with you.|
|Fraud prevention and detection.||To prevent and detect fraud against either you or us.|
3. Your contact history with us
What you’ve said to us — for example, over email or contact forms.
|How we use your contact history||Why?|
|Provide customer service and support||We’ve got to do this to perform our contract with you to your best satisfaction|
|Train our staff||For our team to remain up to scratch so that you get the best possible customer service.|
4. Purchase history and saved items
|How we use your purchase history and saved items||Why?|
|Honour our sales obligations.||We’ve got to do this to perform our contract with you.|
|Provide customer service and support, and handle returns.||We’ve got to do this to perform our contract with you|
|Finding out what you, and other customers like.||To make sure that we understand your needs and be relevant in our communications with you.|
5. Information about your device (phone or laptop) with which you used our website.
Information you give us when you browse our site, including your IP address and device type and, if you choose to share it with us, your location data, as well as how you use our website.
|How we use information about your phone or laptop, and how you use our website and app||Why?|
|Improve our website and set default options for you (such as language and currency)||To give you the best possible experience|
|Protect our website||To prevent and detect fraud against either you or us — and to meet our legal obligations about looking after your data|
6. Your responses to surveys, competitions and promotions
|How we use your responses to surveys, competitions and promotions||Why?|
|Run the survey, competition or promotion||We’ve got to do this to perform our contract with you once you participate.|
This includes, for example, where it is necessary for us to use the information to perform a contract with you or take steps at your request prior to entering into a contract with you, such as to process your order, provide customer-care and support services to you.
It also includes circumstances (such as we have described below) where we have a legitimate interest to use your data, provided that proper care is taken in relation to your rights and interests:
If you are less than 18 years old, please get your parent/guardian’s permission before you provide any personal information to us.
In that case, we will need to process personal data relating to parents or guardians – and we may also need to request verification documentation to ensure that consent is given or authorised by the holder of parental responsibility.
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. It is not our business to do so – and we want to earn your trust and confidence.
We would normally communicate to you about products or services in which you have shown interest – we understand that you would be interested in receiving this information as it is of relevance to the product or service. But rest assured, if you wish, you can ask us to stop.
Also, if you have said we can (i.e. you gave us your clear confirmation), we will send you marketing messages by email or SMS, to keep you aware of what we’re up to and to help you see and find our products.
How to stop marketing messages from us
You can stop receiving marketing messages from us at any time through any of the following methods:
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages. Please note that, it might take a few days for all our systems to be updated, so you might still get messages from us while we process your request.
If you ask us to stop marketing messages this will not stop service communications (such as order updates). This may be necessary for us to communicate with you as part of our services to fulfil our contract with you.
A cookie is a small text file (typically numbers and letters) that is downloaded onto ‘terminal equipment’ (e.g. your computer or smartphone) when you (or someone else) accesses a website using that device. Cookies are then sent back to originating website on each subsequent visit – and they are useful because they allow a website to recognize a user’s device and store some information about your preferences or past actions.
Some cookies are needed for the sole purpose of carrying out the transmission of a communication over an electronic communications network – others may be necessary for the provision of a service over the internet, in which case they have to be used.
Other cookies may be desirable to improve your experience, in which case we will ask you for your consent to use them.
What cookies do we use?
We use are the following cookies:
|TYPE||PURPOSE||GROUND / NECESSARY|
Google Analytics cookies: _ga, _gat, _gid
|Necessary cookies||These are used as an extra layer of security.|
Cloudflare cookies: _cfduid
Cloudflare is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.
|GDPR Cookie Consent (plugin we use for user to either accept or decline cookies) – Third Party Cookie||Check whether or not the user has given their consent to the usage of cookies.|
GDPR Cookie Consent cookies: cli_user_preference, viewed_cookie_policy
|WordPress Cookie||Check if the cookies are enabled on the browser to provide appropriate user experience to the users.|
WordPress cookie: wordpress_test_cookie
|WordPress Cookie||Used to customize the view of your admin interface and the front-end of the website. The value represented by [UID] is the individual user ID of the user as given to them in the users database table.|
WordPress cookie: wp-settings-[UID]
How do you change your cookie settings?
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
Other Passive Information which we collect
Apart from the information you provide us with when using our Website, other information is passively collected from you (without you actively furnishing such information) when you navigate through the website. We use various technologies and navigational data collection methods to gather such passive information for various reasons, for example to track how many visitors access our website, the date and time of their visit, the length of their stay and which pages they view. The passive information also aids us to determine which web browsers our visitors use and the address from which they accessed our website – for instance if they connect to our Website through clicking on one of our banner ads. This technology does not identify you personally.
Such passively collected information may be used and combined to improve our services to website visitors, customise the website based on user preferences, compile and analyse statistics and trends of our visitors and their use of the sites operated by us and our related entities or subsidiaries. Together with our related entities and subsidiaries we will use this information and share it with third parties to improve the content, functionality and administration of our websites, to better understand our customers and markets, and to improve our products and services.
We assure you that, unless you have consented, such passive information shall not be combined with personally identifiable information collected elsewhere by our website or respective sites operated by our related entities or subsidiaries.
Our website includes a section with which candidates may submit their information for vacancies we have.
We are the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information, please contact us at [email protected].
What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements where necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us, to contact you to progress your application.
We will use the other information you provide to assess your suitability for the role you have applied for.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The information we ask for is used to assess your suitability for employment.
You don’t have to provide all the information that we ask for, but it might affect your application if you don’t.
Application stage & Shortlisting
If you use our online application system, the information you give us will be collected by our recruitment section. This may mean that it will be processed by us, or by the Human Resources department of the affiliated companies within the Harvest Division.
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
Once we receive your application, the applications will be assessed for suitability for the post and the application passed to the relevant manager or department head for assessment and shortlisting for interview.
We might ask you to participate in further recruitment tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us and if so, this information is held by us for the recruitment exercise and perhaps afterwards if you are selected.
If we make a conditional offer of employment we may ask you for information so that we can carry out pre-employment checks – which may be required to seek assurance as to trustworthiness, integrity and reliability and the possibility to work with us. Further processing of your information would be required if we are to apply for a work permit.
Depending on the job requirements, you may be required to provide: Proof of your identity; Proof of your qualifications; References from past Employers; Police Conduct; and declaration of any unspent convictions.
If we make a final offer, we will also ask you for the following:
Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered during the application process is taken into account.
If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of up to twelve (12) months. If you say yes, we may proactively contact you should any further suitable vacancies arise within that period. You may ask us to cancel this at any time – however we normally keep information about your application for at least 6 months in case you raise any questions about the process.
If you are employed with us, we will keep your personal data throughout the employment and for a period after that in accordance with our HR Policies and Procedures and our HR Document Retention Policy.
You enjoy several rights relating to your personal information:
The right to be informed about how your personal information is being used;
The right to access the personal information we hold about you;
You can access the personal data we hold on you by contacting us by email at [email protected] or on telephone number +356 21445566.
To process your request, we will ask you to send us proof of identity so that we can be sure we are releasing your personal data to the right person.
We will carry out our best efforts to process your request within one month or, if the request is particularly complex, two months. We can provide you with a copy of your personal data in electronic format or hard copy.
If we consider the frequency of your requests as being unreasonable, we may refuse to comply with your request. In those circumstances, if you disagree, you can complain to the data protection authority – in Malta, the Information and Data Protection Commissioner.
The right to request the correction of inaccurate personal information we hold about you;
We appreciate feedback from you to ensure our records are accurate and up-to-date.
If you think that the information we hold about you is inaccurate or incomplete please ask us to correct it by contacting us by email at [email protected].
The right to request that we delete your data, or stop processing it or collecting it;;
You can ask us to delete your personal data; however, this is not an absolute right.
In spite of a request for erasure, we may be justified to retain personal data which we need to keep, e.g. (i) to comply with a legal obligation (for instance, we are required by personal data for VAT reporting purposes); and (ii) in relation to the exercise or defence of any legal claims.
When you ask us to delete your personal data, we assume that you do not want to hear from us again. To ensure that we do not send you any special offers in the future (for example, if we purchased your details from a third party list), we will retain just enough of your personal data solely for suppression purposes.
Other than as described above, we will always comply with your request and do so promptly. We would carry out our best efforts to notify any third parties with whom we have shared your personal data about your request so that they could also comply.
The right to stop direct marketing messages;
You can choose to stop receiving direct marketing messages by selecting the unsubscribe option at the end of the email message.
The right to object to certain processing based on legitimate interest;
You have a right to object to our use of your personal information including where we use it for our legitimate interests or where we use your personal information to carry out profiling using automated means.
The right to request human intervention if automated processing without human intervention is used to make decisions having legal or similar effects on you;
The right to withdraw consent for other consent-based processing at any time;
The right to request that we transfer or port elements of your data either to you or another service provider;
You have the right to move, copy or transfer your personal data from one organisation to another. If you wish to transfer your personal data we would be happy to help.
If you ask for a data transfer, we will give you a copy of your personal data in a structured, commonly used and machine-readable form (e.g. a CSV file format). We can provide the personal data to you directly or, if you request, to another organisation.
Please note that we are not required to adopt processing systems that are compatible with another organisation, so it may be that the recipient organisation cannot automatically use the personal data we provide.
When making a transfer request, it would be helpful if you can identify exactly what personal data you wish us to transfer.
The right to complain to your data protection regulator — in Malta – the Information and Data Protection Commissioner (IDPC)
If you want to exercise your rights, have a complaint, or just have questions, please contact us here [email protected].
Please appreciate that your rights must be exercised within some limitations – for example, if you ask us for information we can only give you what relates to you and not what relates to other persons. When we receive requests, we may also request that you identify yourself and provide documentation or information for verification (we would not want to disclose information to the wrong person). Unreasonable requests may be subjected to a reasonable fee or refusal to respond.
Security of your personal data is very important to us.
You may need to complete a registration process when you sign up to use parts of the websites. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone.
Where you do disclose any of these details, you are solely responsible for all activities undertaken where they are used.
Whenever you create a password, then to protect your account you should choose a strong password, meaning it should lengthy and include a mixture of letters and numbers with mix of upper-case and lower-case characters.
We do our best to keep the information you disclose to us secure. However, we can’t guarantee or warrant the security of any information which you send to us.
Security measures which we have implemented to secure information transmitted over our website, or stored on our systems include the following :-
Please understand, however, that no system is perfect or can guarantee that unauthorised access or theft will not occur.
This privacy notice does not cover the links within this site linking to other websites which are not controlled by us. We are not responsible for the collection or use of your personal information from these third-party websites.
Therefore, we encourage you to read the privacy statements on the other websites you visit.
We are always happy to hear from you, whether to make a suggestion but especially if you feel we can do better.
Nineteen Twenty Three,
Marsa, Malta MRS 3000
We have appointed a Data Protection Officer who may be contacted here: [email protected]
Have any questions? Feel free to drop us a line.