Privacy Policy
General Information
This website is administered by SG Solutions Limited. SG Solutions Limited is committed to respecting your privacy and protecting your Personal Data. SG Solutions Limited takes the security of your Personal Data very seriously, and endeavors to be transparent, by providing information on the categories of Personal Data collected, and the purpose for collecting such Personal Data.
This Privacy Policy covers how SG Solutions Limited collects and treats any information that you may give us, as well as how we store, use, transfer and disclose the information we have collected. Please read through our privacy practices and let us know if you have any queries. This Privacy Policy applies to Personal Data collected through the use of this website only.
For this purpose, this privacy policy provides you with information on the following:
- Who is the data controller?
- What is Personal Data and what are special categories of Personal Data?
- What categories of Personal Data do we collect and how?
- What do we use your Personal Data for and for what lawful reason?
- Who do we share your Personal Data with?
- Links to third party websites;
- Security, storage, and transfer of your Personal Data;
- For how long will we retain your data?
- Do we use cookies?
- What are your rights as a data subject?
- Data Protection Officer;
- Complaints;
- Changes to this Policy.
Who is the data controller?
In this Privacy Policy (this “Policy”), “SG Solutions”, “SG” “we”, “us” or “our” means SG Solutions Limited, (a company incorporated in Malta, with registration number C-5521, and with principal offices at Dun Karm Street, B’Kara By Pass, B’Kara, Malta).
All Personal Data obtained by us is held and used in compliance with this Policy, with Act No. XX of 2018 (which repealed and replaced the Data Protection Act, Cap.440 of the Laws of Malta), and the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (hereafter referred to as the “GDPR”). SG Solutions Limited is deemed a “data controller” for the purposes of the GDPR. The Controller is also the owner and registrant of this Website.
The Controller is reachable at: [email protected] or +356 21442123
What is Personal Data and what are special categories of Personal Data?
In this Policy “you” or “your” means you, the person who provides us with Personal Data; and, “Personal Data” shall have the meaning assigned to it by Article 4 of the GDPR. Under the GDPR, Personal Data consists of any information relating to an identified or identifiable natural person (‘data subject’).
The GDPR provides that special categories of data relates to the “processing of Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”.
No special categories of Personal Data are collected through the use of our website.
All information you provide to us when using this website is collected and managed by us. We will process your Personal Data in a manner consistent with this Privacy Policy and applicable laws.
What categories of Personal Data do we collect and how?
Personal data is collected through the following channels:
Personal information collected directly from you
While visiting our website you may be asked to provide certain categories of Personal Data, more specifically in the following instances:
When creating an account to buy from our online shop
- Your name and surname;
- The name of your company and VAT number (if applicable);
- Your date of birth
- Your contact number;
- Your email address;
- Your home address; and
- Your shipping address.
When sending us a message through the ‘Contact Us’ form
- Your name and surname;
- Your email address; and
- Any other categories of Personal Data that you may voluntarily provide in the free-text box.
When contacting us through Chat Box
- Your name and surname;
- Your email address;
- Your phone number; and
- Any other categories of Personal Data that you may voluntarily provide in the free-text box.
When subscribing to our newsletter
- Your name and surname; and
- Your email address.
When you apply for the iCentre Loyalty Card
- Your name and surname;
- The name of your company and VAT number (if applicable);
- Your date of birth;
- Your ID card / Passport number;
- Your contact number;
- Your email address; and
- Your home address.
When pre-ordering or registering an interest for new products
- Your name and surname;
- Your email address; and
- Your contact number.
Information we may obtain
Through cookies and similar technologies we may collect information to recognise you, remember your preferences and tailor the content we provide to you, such as:
- Browser information (including language settings) and device used;
- Your location (as per your IP address);
- Your screen resolution;
- Average time you spend on each web page part of the Website.
Website visitor data is anonymised. For more information on what Cookies are, and what they do, please refer to our Cookies Policy. Moreover we may also collect information about your age and gender (if you visit the Website while logged into you Google account). Save for such circumstances described, you may still visit our site anonymously.
What do we use your Personal Data for and for what lawful reason?
We collect, store and process your Personal Data to provide you with the best service, and in particular for the following reasons:
-
To deliver our products and services
We will collect your Personal Data for the purpose of creating and maintaining your user account, which will enable us to process your orders and deliver products ordered. Your shopping history also helps us to improve our website content, products and services. Moreover, we may also process your Personal Data when you pre-order or register your interest in our products and services for the purpose of notifying you about the availability of stock for new products.
For the above-mentioned purposes, we will process your Personal Data for the lawful basis of performing our obligations arising from orders you submit and as this is in our legitimate business interest.
-
Marketing
We may use your Personal Data to provide you with information on our products and services, promotional material, newsletters and also to send and keep you informed of any events and promotions that we may organise from time to time. We will send you such marketing communication following your specific consent. Your marketing preferences can be changed at any time by sending an email to [email protected], or by sending your request via post using the following postal address: Marketing Department, SG Solutions Limited, iCentre, Dun Karm Street, B’Kara By Pass, B’Kara, Malta.
-
General account administration
We may also process your Personal Data, including your purchase history, for administrative purposes, which may include for example, managing the collection and redemption of loyalty points (for loyalty card holders), accounting and billing, systems testing, maintenance and development, auditing and to comply with any requests received from Regulatory Authorities. Your Personal Data is processed as this in our legitimate interest and also to comply with our legal obligations.
-
Enhance customer service
We may process your Personal Data to deal with general enquiries you may raise from time to time on our products or services, through our “Contact us” page or through the Chat Facility provided in our website. We may also process your Personal Data to contact you for feedback on our products and services, through customer satisfaction surveys, conducted from time to time, so as to assist us in improving our products and services. The lawful basis for processing your Personal Data for these purposes is our legitimate business interest.
-
Data analytics, statistics and visitor data
We may use your Personal Data for statistical and marketing analysis, to help us improve our products and services. Website visitor data is used to improve the content and functionality of our website, to better understand the categories of visitors and improve our products and services. Personal Data is processed in this manner, as this is in our legitimate interest.
-
To defend and protect our legal rights and interests
We may also process your Personal Data for our legitimate interest to defend or protect our legal rights and interests, as and if required.
Who do we share your Personal Data with?
We may also share some of your Personal Data with the following categories of third parties:
- Your Personal Data may be shared between the undertakings forming part of the same group of companies as SG Solutions Ltd.
- In addition, we may share relevant information with third parties who provide services such as leasing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies will be obliged to protect this information.
- Third party IT companies – which administer, maintain and support our website and which transmit any Personal Data submitted in the website to us.
- Payment Service Providers – when ordering products and services directly from our website we make use of payment service providers to collect and process payment information. We ensure that payment service providers used have suitable organisational and technical measures in place to secure your payment details. We do not store any payment details, you provide to our payment service providers.
- We may share your Personal Data with our service providers including but not limited to our accountants and auditors.
- We may share your personal data with our Principal (supplier) and distributors appointed by our supplier as may be required for their own record and/or warranty purposes. Moreover personal data may also be shared with our Principal (supplier) when they subsidise marketing campaigns or promotional offers issued by us from time to time.
- You should be aware that we may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all Personal Data we collect to the relevant third party.
- Legal and other professional advisers and law courts in order to enforce our legal rights in relation to our contract with you.
- Save as provided in this Privacy Policy for the purposes set out herein, disclosure will only be made to third parties, if this is imposed on us by law, legal process, litigation, and/or requests from public and governmental authorities empowered by Maltese law.
- Save as provided for in this Privacy Policy, we do not sell, trade or otherwise transfer any Personal Data to third parties (whether for any direct or indirect marketing, statistics, analytics or otherwise). Where your Personal Data is processed by any third party, we will confirm with such third party that your Personal Data will be retained in conformity with the law.
Links to third party websites
Our website, products, applications and services may contain links to third-party websites, products and services. Our products and services may also use or offer products or services from third parties − for example, a third party iPhone app. SG Solutions is not responsible for such third parties and bears no responsibility for any personal data such third parties may collect on you. Information collected by third parties, which may include such things as location data or contact details, is governed by the third party’s privacy practices and not those of SG Solutions. We encourage you to learn about the privacy practices of those third parties and to be aware that such third parties may retain or transfer any personal data they have collected on you outside of the European Economic Area (EEA).
Security, storage, and transfer of your Personal Data
We are committed to ensuring that your Personal Data is secure at all times. We have in place suitable technical and organisational measures to safeguard and secure the Personal Data we collect, in particular, to protect data against any accidental or unlawful destruction, accidental loss, corruption, unauthorised circulation or access, as well as against any other form of unlawful processing or disclosure to unauthorised persons.
Your Personal Data is never transferred by us outside of the European Economic Area (EEA) or to international organizations and SG Solutions will seek to procure same from any third parties with whom we share Personal Data in terms of this Privacy Policy.
All of our employees and third parties (with whom we may share your Personal Data as provided in this Policy), and who have access to your Personal Data and/or who are associated with the processing of that data are contractually obliged to respect the confidentiality of your Personal Data. We also ensure that sufficient security measures are in place when transmitting your Personal Data to third parties for the above-mentioned purposes.
For how long will we retain your data?
We will retain your personal information for as long as required for the purposes for which your data was collected and processed or required by laws and regulations. This means that we will keep your data in line with our retention policies which take into account our business, administrative, legal and other regulatory retention requirements.
Do we use cookies?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser, that enables the sites or service providers systems to recognize your browser and capture and remember certain information.
In order to improve our services, to provide you with more relevant content and to ensure analyse how visitors use our website, we may use cookies that in most cases we will not be able to identify you from the information we collect using these technologies.
For further, more detailed information on how we use cookies, please refer to our Cookies Policy.
What are your rights as a data subject?
At any point while we are in possession of, or processing your Personal Data, you have the following rights:
- Right of access– You have the right to request confirmation from us as to whether or not your Personal Data is being processed and a copy of the information that we hold about you.
- Right of rectification– In case your Personal Data is inaccurate, incomplete or out-of-date, you have the right to rectify it.
- Right to be forgotten– In certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing– Where certain conditions apply you have the right to restrict the processing of your Personal Data.
- Right of portability– You have the right to have the data we hold about you transferred to another organisation.
- Right to object– You have the right to object to certain types of processing such as direct marketing.
Data Protection Officer
We have appointed a Data Protection Officer (hereafter referred to as “DPO”), for the purpose of ensuring compliance with this Policy. If you wish to exercise any one of your rights or have any questions or concerns about this Policy, you are invited to contact our Data Protection Officer, via email: [email protected] or by post using the following mailing address: Data Protection Officer, SG Solutions Limited, Dun Karm Street, B’Kara By Pass, B’Kara, Malta.
We endeavor to process your requests within thirty (30) days from receipt and requests will be processed free of charge, unless requests are deemed excessive or unfounded, in which case we may charge a reasonable fee. Should we have reasonable doubts concerning your identity when making the request above, we may require additional information, necessary to confirm your identity.
Complaints
In addition to your rights previously listed, and without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the local Supervisory Authority i.e. the Information and Data Protection Commission (IDPC). In the event that you wish to make a complaint about how your Personal Data is being processed by SG Solutions, or how your complaint has been handled, you have the right to lodge a complaint directly with SG Solutions. Alternatively you may raise a complaint directly with the Supervisory Authority.
The contact details of the local Supervisory Authority are as follows:
The Commissioner,
Information and Data Protection Commissioner (IDPC)
Level 2, Airways House, High Street, Sliema
Email: [email protected]
Website link: https://idpc.org.mt/en/Pages/contact/complaints.aspx
Telephone: +356 2328 7100
Changes to this Policy
This Policy is effective as of the “Effective Date” listed below. We reserve the right, at our sole and absolute discretion, to change or modify this Policy at any time. If we decide to change our Privacy Policy, we will update the Privacy Policy modification date below and prompt you to read and accept the changes.
By agreeing to our Privacy Policy you hereby confirm you have read and accept our Privacy Policy.
This policy was last modified on 16 October 2018.