Privacy Policy

Home / Privacy Policy

At Universal Payment Integrators Limited, we recognize that privacy is an important issue, so we design and operate our services with the protection of your privacy in mind at all times. This Privacy Policy outlines the types of personal protection we assure when you use our website, as well as some of the steps we take to safeguard it.

General

Any references in this Policy to “Universal Payment Integrators Limited”, “Universal Payment Integrators”, “Us”, “We”, “Our”, “Ourselves” or “UPI” relate to the Data Controller, namely, Universal Payment Integrators Limited, a Maltese company with the registration number C 61948, having its registered address at The Core, Valley Road, MSIDA MSD9021, Malta.

All processing of Personal Data performed by UPI as envisaged in this Privacy Policy shall be carried out in line with:

  • The Maltese Data Protection Act (hereafter referred to as the “DPA” – Chapter 586 of the Laws of Malta) as well as any other subsidiary legislation issued under the DPA as may be amended from time to time; and
  • Regulation (EU) 2016/679 of The European Parliament And of The  Council of  27  April  2016 On The Protection of Natural Persons With Regard to The Processing of Personal Data And On The Free Movement of Such Data, And Repealing Directive 95/46/EC (General Data Protection Regulation – hereafter referred to as “the Regulation” or “GDPR”).

 

The DPA and the GDPR shall hereafter be collectively referred to as the “Data Protection Laws”.

UPI determines the means and purposes of the processing of Personal Data and therefore acts as the “Data Controller” in terms of the applicable Data Protection Laws.

Definitions

The Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

The Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Personal Data” means any information that identifies You individually or relates to an identified or identifiable natural person.

UPI stores Your Personal Data digitally on encrypted hard drives.

GDPR

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world.

Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU.

The regulation was put into effect on May 25, 2018.

The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.

Special categories of Personal Data

There are certain more sensitive kinds of Personal Data defined under law as Special Categories of Personal Data. They are:

  •  Racial or ethnic origin;
  •  Political opinions;
  •  Religious or philosophical beliefs;
  •  Trade union membership;
  •  Genetic data;
  •  Biometric data for the purpose of uniquely identifying a natural person;
  •  Data concerning health;
  •  Data concerning a natural person’s sex life or sexual orientation

 

We will not process such Personal Data unless authorized by law.

We will always specify the purpose where such Personal Data shall be used and on what legal basis. We will also only use such Personal Data for the purposes that such Personal Data would be collected and not for any other purposes.

Personal Data Which We Collect, Purpose & Legal Basis Of Processing

We collect the following categories of your personal data:

  • Contact data (name, surname, mailing address, telephone/mobile number, email address)
  • Identity data (name, surname, address, date of birth, identity card/passport number, gender)
  • Employment records and other work related data
  • Data required for marketing purposes(name, surname, mailing address, telephone/mobile number, email address, proof of opt-in consent (where required), proof of objections to marketing, website data and online identifiers (such as IP address, and other information generated by your browser))

 

The purposes of your personal data processing:

  • To register you as a new candidate in our system
  • To provide you with any information regarding your applications and opportunities.
  • To manage our ongoing relationship with you and provide you with customer care services.
  • To provide you with the services you have requested from us.
  • To subscribe to a newsletter, campaigns and/or to be added to a mailing list.
  • To provide you with marketing material that you have requested from us or that we are otherwise authorized to send you.
  • To personalise your customer experience.

 

Legal Basis For Your Personal Data Processing:

  • Contractual Necessity
  • Legitimate Interest
  • ensuring we maintain an accurate record on our system and providing you with information which you may have requested
  • keeping track and reminding candidates about their appointments with potential employers
  • for marketing purposes, where we do not require your consent & to improve our services)
  • Your consent

 

UPI may also collect personal data from publicly available sources such as web searches, company registers and broadcast media provided it is reasonable to do so and such conduct is not detrimental to your rights and freedoms.

Information Sharing

We do not rent or sell your personally identifying information to other companies or individuals, unless we have your consent. We may share such information in any of the following limited circumstances:

We have your consent.

We provide such information to trusted businesses or persons for the sole purpose of working out a merchant account solution for you. When this is done, it is subject to agreements that oblige those parties to process such information only on our instructions and in compliance with this Privacy Policy and appropriate confidentiality and security measures.

We conclude that we are required by law or have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of Universal Payment Integrators Limited, its customers, partners or the public.

We will not disclose any information related to your processing to other people or non-affiliated companies, except in the limited circumstances described in this Policy or with your consent.

In the event of a transfer of ownership of Universal Payment Integrators Limited, such as acquisition by or merger with another company, we will provide notice before any personally identifying information is transferred and becomes subject to a different privacy policy.

In those cases where we process on the basis of your consent which We will never presume but which we shall have obtained in a clear and manifest manner from you, you have the right to withdraw your consent at any time in the same manner as you shall have provided it to us.

Should you exercise your right to withdraw your consent at any time by writing to us at the physical address or email address below, we will determine whether at that stage an alternative legal basis exists for processing your Personal Data (for example, on the basis of a legal obligation to which we are subject) where we would be legally authorized (or even obliged) to process your Personal Data without needing your consent and if so, notify you accordingly.

Authorized Disclosures Of Personal Data To Third Parties

Without prejudice to anything else contained in this Privacy Policy, personal data relating to you may be shared with authorised third parties located in or outside of the EU/EEA where such disclosures are permitted or required pursuant to Data Protection Laws and/or any other applicable legislation.

These authorised third parties may include but are not limited to entities within UPI, other third parties and organizations such as law enforcement agencies, collaborating accounting and auditing firms, regulators, relevant authorities and digital marketing providers.

We may also share such personal data with organizations who have introduced you to us, third parties which you have asked us or permitted us to share your data with or any other third party which we must necessarily share your personal data with so as to be able to provide the products and/or services which you have requested. The personal data shared will depend on the product/s and or service/s you choose to use.

When any such personal data has to be transferred outside of the EEA – European Economic Area, we ensure that all the necessary and appropriate safeguards are in place. We may also disclose personal information to other companies within associated or subsidiary companies and to business partners, or successors in title to our business. The manner in which data transfer outside the EEA is handled is detailed below. Your Personal Data will never be shared with third parties for their marketing purposes (unless you give your consent thereto).

Transfer Of Data Outside Of The EEA

 Your personal data will only be transferred outside of the EEA or any other non-EEA country which has been deemed by the European Commission to offer an adequate level of protection (also referred to as “white-listed countries” – listed here https://ec.europa.eu/info/law/law-topic/data- protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en) in the following circumstances:

  • when you have expressly consented us to do so;
  • when it is necessary to constitute or execute a contract entered between you and UPI; or to be compliant and in line with any and all legal obligations or duties;
  • in the event that personal data is transferred outside of the EEA, within UPI or to any of UPI’s business partners, we ensure to implement all appropriate safeguards to ensure that the same protection is afforded and the same standards are applied as would be within the EEA. You are entitled to receive a copy of such safeguards by contacting us at the address in the Contacts section.

Contracts containing the EU Standard Contractual clauses (EU Model Clauses) will be used which require the entity receiving the personal data to use the same standards as they would be subject to within the EEA. Should any data be transferred to the USA and the entity receiving the data is registered with Privacy Shield (a framework that ensures personal data protection) it will be taken that the same level of protection as approved by the European Commission.

Accuracy Of Personal Data

All reasonable efforts are made to keep any Personal Data we may hold about you up-to-date and as accurate as possible.

You can check the information that we hold about you at any time by contacting us in the manner explained below.

If you find any inaccuracies, we will correct them and where required, delete them as necessary.

Please see below for a detailed list of your legal rights in terms of any applicable data protection law.

Information Security

We take appropriate security measures to protect all information against unauthorized access to or unauthorized alteration, disclosure or destruction of data.

If you have any questions regarding this Privacy Policy, please contact us at info@upigate.com