1. Data Controller

The data controller of this website is Malta Enterprise Corporation, whose head office is situated at Gwardamangia Hill, Pietà, MEC 0001, Malta.

2. Collection of Information and purpose

When you visit our website the following information will automatically be processed and this solely for the use of Malta Enterprise in the administration of this website and to improve the website’s usability:

• The requested web page or download;
• Whether the request was successful or not;
• The date and time when you accessed the site;
• The Internet address of the web site or the domain name of the computer from which you accessed the site;
• The operating system of the machine running your web browser and the type and version of your web browser.

Cookies

Cookies are small pieces of data that the site transfers to the user’s computer hard drive when the user visits the website. This website makes use of cookies to improve this website’s usability, to recognise your computer when you visit our website for the purpose of personalising our website to you. If your browser is NOT configured, by default, to block all or certain cookies, you may manually configure your browser to either reject all cookies or control which cookies are set on your device through this website. You may find all the necessary information on how to make the necessary configuration settings by visiting the following site: http://www.allaboutcookies.org/manage-cookies. Disabling the cookies of this website will not affect your browsing experience.

Personal data provided by the data subject

When using this website’s online ‘Get in touch’ facility, data subjects are required to provide their name, surname, e-mail address and company name for contact purposes. All information provided in the ‘Get in touch’ form will be solely used by Malta Enterprise and its staff as may be necessary to provide you with the feedback to your message. Malta Enterprise shall ensure that any disclosure of such data shall be carried out in full compliance with the General Data Protection Regulation.

3. Personal Data Protection Information and Consent to Process Data

Legal basis and purpose of processing

The personal data collected by Malta Enterprise (hereinafter ‘the Corporation) via this written application for aid inclusive of related annexes as submitted to the Corporation  via its Client Portal (hereinafter ‘the Application’) and its subsequent processing by the Corporation to evaluate data subject’s request for aid under the Scheme, is in line with:

1. The Scheme Incentive Guidelines;
2. Article 28 of the Malta Enterprise Act;
3. The applicable Commission Regulation: Commission Regulation (EU) No 651/2014 of 17th June 2014 declaring certain categories of aid compatible with the internal market in application of Articles 107 and 108 of the Treaty as amended by Commission Regulation (EU) No 2017/1084 of 14 June 2017 amending Regulation (EU) No 651/2014 as regards aid for port and airport infrastructure, notification thresholds for aid for culture and heritage conservation and for aid for sport and multifunctional recreational infrastructures, and regional operating aid schemes for outermost regions and amending Regulation (EU) No 702/2014 as regards the calculation of eligible costs(hereinafter referred to as the ‘General Block Exemption Regulations’ (for Schemes notified under the General Block Exemption Regulations 2014); or Commission Regulation (EC) No 800/2008 of 6 August 2008 declaring certain categories of aid compatible with the common market in application of Articles 87 and 88 of the Treaty (General block exemption Regulation 2008), or Commission Regulation (EU) No 1407/2013 of 18 December 2013 on the application of Articles 107 and 108 of the Treaty on the Functioning of the European Union to de minimis aid (de minimis Regulation);
4. Data Protection Act, Chapter 586 of the Laws of Malta and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

The legitimate basis to process personal data submitted by the data subject by virtue of his/her Application is Regulation 6 (1)(b) of the General Data Protection Regulation (“GDPR”), as ‘processing is necessary in order to take steps at the request of the data subject prior to entering into a contract’.

Data retention period

The data collected by the Corporation as submitted by the data subject via the Application will be retained for a period of 10 years from the last aid granted to the Undertaking represented by the data subject in relation to this written application for aid, in line with the Scheme Incentive Guidelines and Article 12 of the General Block Exemption Regulations 2014 or Article 10 of General Block Exemption Regulations 2008 or Article 6 of the de minimis Regulation.

Pursuant to the Regulation, you have the right to access the personal data, rectify inaccurate personal data, request to erase personal data and request the Corporation to restrict the processing of personal data

To exercise such rights, you are to submit a written request to the Data Protection Officer via the contact e-mail address, dpo@maltaenterprise.com.

Any erasing and/or rectification of personal data and/or restriction of processing as referred to above may:

1. Render one or more cost items or the Undertaking ineligible for assistance under the Scheme or render void an Incentive Entitlement Certificate issued in favour of the Undertaking for assistance under the Scheme in relation to the Application; 
2. Lead the Corporation to enforce a recovery of aid granted to the Undertaking as part of the Application, in line with Article 32 of the Malta Enterprise Act.

Sharing of data where strictly necessary and required by law

For the purpose of processing the Application in line with the Scheme Incentive Guidelines, the General Block Exemption Regulations or the Commission Regulation (EU) No 1407/2013 of 18 December 2013 on the application of Articles 107 and 108 of the Treaty on the Functioning of the European Union to de minimis aid (hereinafter referred to as the ‘de minimis Regulations’), the Corporation shall share the data provided via this application with other Government Entities, subject that such processing satisfies at least one of the grounds listed under Regulation of the GDPR.

For the purpose of monitoring of aid in line with Article 6 of the de minimis Regulations and Articles 11 and 12 of the General Block Exemption Regulations 2014 or Articles 10 and 11 of the General Block Exemption Regulations 2008or where legally required, any data provided as part of the Application may be shared with the European Commission. 

For any individual aid awarded in excess of €500,000 as part of the Application, the details of the Beneficiary, the awarded aid and the project details shall be published as provided for in Article 9 of the General Block Exemption Regulations.

If you feel that your data protection rights have been infringed, you have the right to lodge a complaint with the Information and Data Protection Commissioner.

4. Your rights as data subject

As an individual you may exercise your right to access the data held about you by Malta Enterprise by submitting your request in writing to our Data Protection Officer by email on the following address: connect@startinmalta.phil.themerex.net (hereinafter referred to as ‘Contact e-mail address’). Although all reasonable efforts will be made to keep your information updated, you are kindly requested to inform us of any change referring to the personal data held by Malta Enterprise. In any case if you consider that certain information about you is inaccurate, you may request rectification of such data. You also have the right to request the blocking or erasure of data which has been processed unlawfully. For this purpose, you are requested to submit your request in writing to our Data Protection Officer using the Contact e-mail address.

5. Links to other Web Sites

To give you a better service our site can connect you with a number of links to other local and international organisations and agencies. When connecting to such other websites you will no longer be subject to this policy but to the privacy policy of the new site.

6. Transaction Security Policy

This site uses Secure Sockets Layer (SSL) to ensure secure transmission of your personal data. You should be able to see the padlock symbol on the right-hand side of the status bar situated at the top left hand corner of the browser window. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server. Any data transmitted during the session will be encrypted or scrambled and then decrypted or unscrambled at the receiving end. This will ascertain that data cannot be read during transmission.

7. Changes to this Privacy Policy

If there are any changes to this privacy policy, we will replace this page with an updated version. It is therefore in your own interest to check the “Privacy Policy” page any time you access our web site so as to be aware of any changes which may occur from time to time.

8. Feedback

Any comments or suggestions that you may have and which may contribute to a better quality of service will be welcome and greatly appreciated. You can contact us by using the ‘Contact Us’ form available on our website.