Privacy Policy

This Privacy Policy was last modified on the 18th June 2020

 

Welcome to astral.com.mt (the ‘Website’)

1. Who We Are

1.1 The Data Controller of Your Personal Data is Astral Enterprises Ltd, a Maltese Company having its registered address at “ASTRAL”, Marina Court, Abate Rigord Street, Ta’ Xbiex, Malta (the ‘Company’ ‘We’ ‘Us’ ‘Our’). The purpose of this Privacy Policy is to inform You of how the Company collects, processes, uses, stores and protects Your Personal Data as well as the rights You have with respect to the processing of Your Personal Data.

1.2 By visiting Our Website and using Our Services, You acknowledge reading and fully considering this Privacy Policy.

1.3 The Company acknowledges that in collecting Your Personal Data We are bound by the Laws of Malta and will process Your Personal Data in accordance with the GDPR. For any further request or query about how We use Your Personal Data, You may address Us/Our Data Protection Officer Mr. Matthew Gauci on admin@astral.com.mt.

1.4 Any notice, demand, request or other communication which You address to the Company shall either be sent by certified mail, return receipt requested, or by e-mail. All communication done by e-mail shall be deemed received on the business day following the day of transmission.

 

2. Definitions

Capitalised terms in this Policy shall have the meaning assigned to them under the GDPR, and shall be construed accordingly. Furthermore, the following definitions shall apply:

2.1 Account – an account provided to You by the Company upon Your registration and acceptance of the Terms and Conditions for use of the Services.

2.2 GDPR – the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced or superseded and in force from time to time.

2.3 Services – the Services provided by the Company through the Website.

2.4 User – any person who registers an Account or accesses and browses the Website (‘You’, ‘Your’).

 

3. Subject Matter

3.1. This Privacy Policy sets out the terms and conditions which the Company follows in order to protect the privacy of Our Users. It describes the conditions under which We make any collection and processing of Your Personal Data and ensure their security and confidentiality.

3.2 The Company reserves the right to amend and update this Privacy Policy, whenever it deems appropriate, and any changes thereof shall come in force and effect from the instance they appear online on the Website. Any substantial modifications to this Privacy Policy will communicated to You.

 

4. Principles of Data Processing

4.1 We fully respect Your fundamental rights and consider protection of Your Personal Data to be a priority. Accordingly, when processing Your Personal Data, We follow the following basic principles:

4.1.1 We submit Your Personal Data only to lawful and fair processing, and We maintain full transparency vis-à-vis the way We handle Your Personal Data.

4.1.2 We collect and process Your Personal Data only for specified, explicit, and legitimate purposes as outlined in this Privacy Policy, and We do not process it further in any manner incompatible with these purposes.

4.1.3 We process Your Personal Data only to the extent that it is necessary and appropriate to purposes for which it is collected.

4.1.4 We make reasonable efforts to ensure that Your Personal Data is accurate and, where necessary, updated with regard to the purposes of the processing, taking all reasonable steps to immediately delete or correct it in case of inaccuracy.

4.1.5 We process Your Personal Data in a manner that guarantees its security by using appropriate technical and organizational measures.

4.2 In general, We comply with all applicable laws statutory obligations, as Data Controller of Your Personal Data.

 

5. Types of Personal Data Collected

The Company collects and processes the following Personal Data:

5.1 At the point of Your Account registration:

 

Name and Surname

E-mail Address

Contact number

Delivery Address

Billing Address

 

5.2 At the point of Your access and use of the Website:

IP Address.

End user device data

General communication data.

Browsing data.

Information on user preferences regarding the Website

 

5.3. All other Personal Data directly provided by You during Your interaction with Us.

 

6. Purposes and Legal Basis for Data Processing

6.1 The Company may process Your Personal Data to fulfil its obligations under the Terms and Conditions and based on Your explicit consent, for the following purposes:

Administration and development of the Website and the Services;

Supplying Audio Video Solutions tailored to your requirements

Verifying compliance with the Terms and Conditions.

6.2 You have the right to withdraw Your consent at any time through the ‘withdraw consent declaration’ on our astral.com.mt web site or in writing to Our contact details mentioned in this Policy. Withdrawal of Your consent does not affect the lawfulness of the treatment of Your data prior to its revocation.

 

7. Data Recipients

7.1 For the execution of the purposes mentioned in this Privacy Policy, We may provide access or transmit Your Personal Data to the following recipients:

Our software platform provider for hosting purposes.

Third party contractors for delivery of products purchased from our web site.

7.2 The processing of Your Personal Data by Our Data Processors is done under a contract compelling Data Processors to the same level of data protection provided under this Privacy Policy.

7.3 Our software platform provider which is located in the United States of America forms part of the EU-US Privacy Shield Framework, thereby ensuring that Your data is treated as securely as it is within the European Union and in accordance with this Privacy Policy. for more information on the protection afforded by the EU-US Privacy Shield Framework, please visit: https://www.privacyshield.gov/welcome

7.4 In the event that We are required by a court or other authority, or in any other case where We are legally bound to do so, the Company may transfer Your Personal Data to public authorities to the extent specified by law.

 

8. Data Security and Confidentiality

8.1 In order to ensure the proper use and integrity of Your Personal Data and to prevent unauthorised or accidental access, processing, deletion, alteration or other use, the Company applies appropriate internal policies and takes all appropriate organizational, technical and procedural security measures, as well as technical standards, in accordance with applicable laws and regulations.

8.2 The processing of Your Personal Data by the Company is conducted in a manner that ensures confidentiality and security, taking into account the latest developments, implementation costs and the nature, scope, context and purposes of the processing, as well as the risks for Your rights and freedoms, which are applicable in each circumstance.

8.3 Your Personal Data is processed solely by authorised personnel of the Company, bound by strict obligations of confidentiality.

 

9. Retention of Personal Data

9.1 We retain Your Personal Data for as long as is necessary to fulfill the relevant purposes of processing explained in this Policy, in accordance with the Data Minimisation and Storage Limitation principles. After the period of retention, Your Personal Data is erased from Our databases and systems.

 

10. Your Rights

10.1 You have the right:

To request access to Your Personal Data and information related to their processing and obtain a copy thereof.

To request for the rectification of any inaccuracies or any missing Personal Data of yours.

To request for the erasure of Your Personal Data.

To request for the restriction of the processing of Your Personal Data in cases explicitly provided for by law.

To request for the portability of Your Personal Data to another Data Controller in a structured, commonly used and machine-readable format.

To object to the processing of Your Personal Data in cases explicitly provided for by law.

To object to a decision taken solely on the basis of automated processing, including profiling, which has impact on You or significantly affects You.

10.2 Any requests relevant to the above Section 10.1 must be addressed in writing to admin@astral.com.mt

10.3 If Your rights are infringed, You have the right to file a complaint with the Office of the Information and Data Protection Commissioner at the following website https://idpc.org.mt/en/Pages/contact/complaints.aspx.

 

11. Your Obligations

11.1 By using Our Website and by providing Your Personal Data, You acknowledge that You are required to provide Your actual, accurate and complete data as requested by the Company.

11.2 If You are found to be in breach of Your obligations or if We have reasonable suspicion that the information You provide is false or incomplete or in any way contrary to applicable law or this Privacy Policy, We retain the right to reject Your registration or to suspend or terminate Your Account immediately without notice. In this case, You have no right to any compensation.

 

12. Cookies

12.1 Our Website uses cookies. For more information please review Our Cookie Policy