• Home
  • About Us
  • Services
      Audit & Assurance
      Accountancy
      Payroll Outsourcing
      Corporate
      Advisory
      Tax
      VAT
      Governance, Risk & Compliance
      Funding & Grants
      Work Permits & Residency
  • Industries
      Hospitality & Leisure
      Real Estate & Construction
      Medical & Recreational Marijuana
      Gaming
      Professional bodies & NGOs
      Manufacturing
      Consumer Goods - Trading
      Transportation
  • Insights
  • Careers
  • Contact
  • Home
  • About Us
  • Services
      Audit & Assurance
      Accountancy
      Payroll Outsourcing
      Corporate
      Advisory
      Tax
      VAT
      Governance, Risk & Compliance
      Funding & Grants
      Work Permits & Residency
  • Industries
      Hospitality & Leisure
      Real Estate & Construction
      Medical & Recreational Marijuana
      Gaming
      Professional bodies & NGOs
      Manufacturing
      Consumer Goods - Trading
      Transportation
  • Insights
  • Careers
  • Contact

Privacy Policy

SG Malta Limited is committed to protecting your privacy and personal data.

1. Introduction

SG Malta Limited is committed to protecting the privacy and personal data of individuals who visit and use sgmalta.eu, including individuals who submit information through the forms available on the website.

This Privacy Policy explains how we collect, use, store, disclose and protect personal data when you use our website or otherwise communicate with us through the website. It also explains the rights available to you under applicable data protection law, including Regulation (EU) 2016/679, known as the General Data Protection Regulation, and applicable Maltese data protection law.

Our website is intended to provide general information about our firm, our services, our insights, career opportunities and how to contact us. However, the website allows you to provide personal data voluntarily through certain forms, including forms used to access insights, apply for jobs, contact us, and request a quote.

Please read this Privacy Policy carefully. By using our website or submitting personal data to us through the website, you acknowledge that your personal data will be processed as described in this Privacy Policy.

2. Who we are

For the purposes of data protection law, the controller of your personal data is:

Company name: SG Malta Limited

Registration number: C 36772

Registered address: 23, ‘South House’, Triq Hompesch, Fgura, FGR 2010, Malta

Website: sgmalta.eu

General contact email: info@sgmalta.eu

Privacy contact: info@sgmalta.eu

Data Protection Officer / Privacy Representative: Sandro Grech

In this Privacy Policy, references to “we”, “us” and “our” refer to SG Malta Limited. References to “you” and “your” refer to website visitors, prospective clients, clients, job applicants, subscribers and any other individual whose personal data is processed through or in connection with our website.

3. Scope of this Privacy Policy

This Privacy Policy applies to personal data collected through our website and related communications, including when you:

  • visit or browse our website;
  • request access to insights, publications, updates or similar materials;
  • subscribe to receive emails or updates from us;
  • submit a job application or career enquiry;
  • contact us through a website form, email address or other contact method made available on the website;
  • request a quote or ask us to contact you about our services; or
  • otherwise provide personal data to us through the website.

This Privacy Policy does not replace any separate engagement letter, client onboarding notice, employee privacy notice, recruitment notice, cookie policy or other privacy notice that may apply in a specific context. Where we provide a more specific notice, that notice should be read together with this Privacy Policy.

4. Personal data we collect

The personal data we collect depends on how you use the website and what information you choose to provide to us, therefore it may include the following:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • pages visited;
  • date and time of visit;
  • referring website or search engine;
  • approximate location derived from technical data;
  • information collected through cookies or similar technologies, where applicable;
  • name and surname;
  • email address;
  • company or organisation name;
  • job title or role;
  • professional area of interest;
  • communication preferences;
  • date and time of subscription or request;
  • records of consent, where applicable;
  • information about whether you opened or interacted with our emails, where our email system provides this information;
  • telephone number;
  • postal address, if provided;
  • curriculum vitae or résumé;
  • cover letter or application message;
  • qualifications, education history and training information;
  • employment history and professional experience;
  • skills and professional memberships;
  • references, where provided by you or requested at a later stage;
  • information about your right to work in Malta, where relevant;
  • interview notes and recruitment assessment information;
  • any other information that you choose to include in your application;
  • service or enquiry type;
  • information included in your message;
  • preferred contact method; and
  • information required to respond to your enquiry or prepare an initial quote.

5. Purposes and lawful bases for processing

We process personal data only where we have a lawful basis to do so. Depending on the circumstances, we may rely on one or more of the following lawful bases: your consent, the performance of a contract or steps prior to entering into a contract, compliance with a legal obligation, our legitimate interests, or the establishment, exercise or defence of legal claims.

  • providing you with services;
  • complying with our legal obligations;
  • complying with or enforcing a contract to which we are a party;
  • for litigation and defence of legal claims;
  • financial management, account management, customer service, implementation of controls, management reporting, analysis;
  • registering you for events and courses that we may organise from time to time;
  • for accepting payments from you;
  • internal audits and investigations
  • complying with law or regulation or direction from any enforcement agency, court of law or regulatory body;
  • promotion of the security and protection of staff, the public, our offices, systems and assets;
  • monitoring of compliance with contractual agreements, internal policies and procedures;
  • in pursuit of our legitimate interest in seeking to detect fraud, harassment or the commission of a criminal offence (such as theft, the destruction of private or public property, etc);
  • in the administration of our relationship with you;
  • investigating or responding to incidents and complaints;
  • to provide information requested by you;
  • to promote our services, including sending updates, publications and details of courses or events.

6. Direct marketing and insights communications

We may send you insights, updates, publications, invitations or similar professional communications where you have subscribed, requested access to such materials, or where we are otherwise permitted to do so under applicable law.

We do not sell your personal data to third parties for marketing purposes.

You can opt out of marketing or insights communications at any time by:

  • contacting us at info@sgmalta.eu; or
  • writing to us at 23, ‘South House’, Triq Hompesch, FGURA, FGR 2010, Malta.

Opting out of marketing communications will not prevent us from sending non-marketing communications, such as responses to enquiries, information about an active job application, or service-related communications.

7. Sharing personal data

We may disclose your personal data to third parties where this is necessary, lawful and proportionate. This may occur in the following circumstances:

Within our firm

We may share your personal data intra firm, where this is necessary for administrative, operational, professional or service-related purposes.

With service providers and professional advisers

We may share personal data with trusted third-party service providers and advisers who support our business operations or help us comply with our legal and professional obligations. These may include IT and hosting providers, software providers, consultants, lawyers, accountants, auditors, insurers, recruitment support providers, website service providers and other administrative or operational suppliers. Such third parties will only be given access to the personal data necessary for them to perform their functions and will be required to protect the confidentiality and security of that data.

With public authorities, regulators and law enforcement bodies

We may disclose personal data to public authorities, regulators, courts, tribunals, law enforcement agencies or other competent bodies where we are legally required or permitted to do so, or where disclosure is necessary to comply with professional, regulatory or legal obligations.

In connection with a business transaction or restructuring

We may disclose personal data to prospective buyers, sellers, advisers or other relevant parties where this is necessary in connection with a proposed merger, acquisition, restructuring, transfer of business or similar transaction.

We do not sell, rent or otherwise make your personal data commercially available to third parties.

8. International transfers

We primarily aim to process and store personal data within Malta, the European Union or the European Economic Area. However, some of our service providers or systems may involve the transfer of personal data outside the European Economic Area.

Where personal data is transferred outside the European Economic Area, we will take steps to ensure that such transfer takes place in accordance with applicable data protection law. This may include reliance on an adequacy decision, standard contractual clauses approved by the European Commission, or another lawful transfer mechanism.

You may contact us at info@sgmalta.eu if you would like further information about the safeguards used for international transfers.

9. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for the purposes of satisfying legal, regulatory, accounting, reporting, professional or record-keeping requirements.

We typically erase the personal data we have on record within 10 years from the last interaction we have with the Data Subject in question.

10. Security of personal data

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

These measures may include, as appropriate:

  • access controls;
  • password protection and authentication controls;
  • secure hosting arrangements;
  • encryption or secure transmission methods where appropriate;
  • staff confidentiality obligations;
  • internal policies and procedures;
  • data minimisation practices;
  • system monitoring and maintenance; and
  • procedures for responding to suspected personal data breaches.

No website, email system or internet transmission can be guaranteed to be completely secure. You should avoid sending unnecessary sensitive information through website forms or unencrypted email.

11. Your rights

Subject to the conditions and limitations set out in applicable data protection law, you may have the following rights in relation to your personal data:

  • the right to be informed about how your personal data is used;
  • the right to access personal data we hold about you;
  • the right to request correction of inaccurate or incomplete personal data;
  • the right to request deletion of personal data in certain circumstances;
  • the right to request restriction of processing in certain circumstances;
  • the right to object to processing based on legitimate interests;
  • the right to object to direct marketing at any time;
  • the right to withdraw consent, where processing is based on consent;
  • the right to data portability, where applicable; and
  • the right not to be subject to a decision based solely on automated processing, including profiling, where such decision produces legal or similarly significant effects.

To exercise your rights, please contact us at info@sgmalta.eu. We may ask you to provide information to verify your identity before responding to your request.

We will respond to your request within the timeframe required by law. In some cases, we may not be able to comply fully with your request, for example where we need to retain information to comply with a legal obligation, perform a contract, establish or defend legal claims, or meet professional obligations.

12. Withdrawal of consent

Where we rely on your consent to process personal data, you may withdraw that consent at any time by contacting us at info@sgmalta.eu or, in the case of marketing or insights communications, by using the unsubscribe link provided in our emails.

Withdrawal of consent will not affect the lawfulness of processing carried out before consent was withdrawn.

13. Links to third-party websites

Our website may contain links to third-party websites, platforms or resources. This Privacy Policy applies only to our website and to personal data processed by us.

We are not responsible for the privacy practices, content or security of third-party websites. You should read the privacy policy of any third-party website before providing personal data to it.

14. Complaints

If you have any questions, concerns or complaints about how we process your personal data, we encourage you to contact us first so that we can try to resolve the matter.

You may contact us at:

Email: info@sgmalta.eu

Postal address: 23, ‘South House’, Triq Hompesch, Fgura, FGR 2010, Malta

You also have the right to lodge a complaint with the supervisory authority in Malta