We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. Read More

SUBSCRIBE TO OUR MAILING LIST


Log in

cpE AND SPONSORSHIP PRIVACY POLICY

Date last updated:  17 December 2020
The Malta Institute of Accountants (“MIA”) believes the privacy and confidentiality of an individual’s personal information is important. We provide the following updated privacy policy (the “Privacy Policy”) in order to demonstrate our firm commitment to privacy.
You accept this Privacy Policy and expressly consent to MIA’s collection, use and disclosure of your personal information as described in this Privacy Policy.
References to “data controller”, “data subject”, “personal data”, “process”, “processed”, “processing” and “Data Protection Officer” in this Privacy Policy have the meanings set out in, and will be interpreted in accordance with applicable laws, including but not limited to the Data Protection Regulation (EU) 2016/679 and the Data Protection Act, Chapter 586 of the Laws of Malta and subsidiary legislation thereto, as may be amended from time to time.

1. Controller Details

The Malta Institute of Accountants (hereinafter referred to as the “MIA” “we”, “us” or “our” in this Privacy Policy) is an organisation for accountants having a legal personality according to the provisions of the Second Schedule to the Civil Code, having its address at Level 1, Tower Business Centre, Tower Street, Swatar, BKR4013, Malta.
If you have any questions about this Privacy Policy, including concerns about your personal data or our data collection practices, please feel free to contact us by post on the abovementioned address or by email at info@miamalta.org. You may also wish to contact us by telephone on 22581900.
MIA’s Data Protection Officer is Maria Mifsud Farrugia who may be contacted by email at mmfarrugia@miamalta.org and by telephone at 22581900.

2. Personal Data

The term “personal data” refers to all personally identifiable information about the participant which includes all the information provided to us in the Continuing Professional Education (CPE) registration form and all information which may arise that can be identified with an individual personally, including information of third party’s provided to us by a company or other corporate entity registering on behalf of a participant(s).
The personal data that the MIA collects about the participant are the data voluntarily provided to us for CPE registration purposes and Sponsorship.
The MIA collects personal information to fulfil its role as a professional representative body. As we perform various different functions and activities to service the needs of its members, registered students and other non-member users, the personal information requested and collected will vary depending on your group.
We typically collect the following categories of data:
(a) Identification Data and other Contact Data: such as name(s), surname(s), identity card number, date and place of birth, nationality, residential address, and e-mail address, telephone numbers or any similar contact information available;
(b) Student/Professional/Other User Data: such as student or employment details, educational qualifications, work history, current employment and position;
(c) Registration Data on courses and other events: such as information connected to training, CPE records, attendance records for CPE courses and events and subscription information with respect to journals, reports and newsletters issued by the MIA;
(d) Regulatory Data: such as certificates, or information requests received from legal bodies, such as the Accountancy Board, government authorities or regulators; or
(e) Transaction Data and Transaction Information: bank account and credit card details or details of payments, statements, incoming and outgoing payments.
We only collect information, including personal data that we believe to be relevant and required for the MIA to carry out its functions and activities and to conduct its business as required by law and regulatory obligations.

3. Third Party Data

Where you provide us with personally identifiable information relating to other people, such as your directors, officers, employees, advisors or other related persons, you shall be solely responsible for making sure that the provision of such data by you to the MIA fully complies with applicable data protection law and the relevant person in regard to whom the data relates has been provided with the necessary information at law regarding the MIA’s processing of his personal data and where necessary you will obtain their consent to our use of their information.
Any information notices, consents or other applicable requirements that may be required to be fulfilled for the provision of third party data to us shall be borne solely by you and you hereby fully indemnify the MIA and shall render the MIA completely harmless against all costs, damages or liability of whatsoever nature resulting from any claims or litigation (instituted or threatened) by any third party against the MIA as a result of the provision of any third party personal data by you to the MIA.

4. Purposes of Processing

Typically, the MIA will process your personal data for the following purposes:
(a) Enrolling you as a member of the MIA;
(b) Registering you as a student member of the MIA;
(c) Registering you as a user of the Institute’s services;
(d) Creating and providing access to an online account via our website;
(e) Registering you to attend a CPE training course or other event organised by us and maintaining records of CPE declarations;
(f) Registering you as a speaker;
(g) Registering you as a sponsor;
(h) Communicating with you about your MIA account, including process payments, membership dues, or registration fees;
(i) Providing you with, products, services, or information you have requested from us or which are offered by MIA and/or its business partners;
(j) Keeping you updated and providing notices or advertisements, circulars, agendas that are consistent with MIA’s organisational purpose;
(k) To request your participation in MIA or third party surveys or other initiatives;
(l) Monitoring your performance on CPE courses and assist you in the tracking of your progress; or
(m) Providing marketing information about the MIA’s services as well as news, events, and other information connected thereto.

5. How do we collect your personal data

The use for which your personal information is requested and collected will vary depending on your group. Typically the MIA will collect personal data in the manners outlined below:
(a) By email, by written correspondence, on hard copy forms (such event registration forms, sponsorship or membership acceptance forms employed by the MIA);
(b) When you post a query, submission, complaint, request subscription or registration, effect a payment transaction or otherwise make contact with us through our website ;
(c) When you contact us voluntarily in other circumstances such as when seeking to attend an MIA organised or sponsored event or function; or
(d) electronic systems such as, online registration forms.
Generally, you would have provided your personal data to the MIA directly. However, in some instances, we may collect personal data about you from third party sources, such as, educational providers, the Accountancy Board, online searches or from public registers including professional associations. Third parties such as regulators or service providers of the MIA may also have provided your personal data to us.

6. Marketing

From time to time MIA would also like to contact non-member users about its products and services, promotional offers, marketing as well as information in relation to the products and services provided by third parties (“Marketing”).
Marketing will be carried out primarily through the circulation of e-mails or by phone. Other means of communication may also be used, however the MIA shall always seek your prior consent.
You may withdraw consent to the processing of personal data for Marketing purposes at any time by sending us an e-mail on: info@miamalta.org. Alternatively, you may unsubscribe to such communications by clicking the “Unsubscribe” link contained in the footer of any Marketing email you will receive from us.
However, please note withdrawal of consent for Marketing communication does not affect the lawfulness of the processing of personal data based on such consent prior to its withdrawal.

7. Legal Basis

The Institute’s legal basis for processing personal data provided will vary from activity to activity. In some instances, processing may have more than one lawful basis. The following information below summarises the basis on which we process personal information.
1. For the purpose of effecting the registration form concluded with the MIA (including the taking of the steps necessary to complete the registration form or any amendments) with regard to the processing for the purposes of participating in a CPE course or event;
2. For the purposes of performing our contract with you, such as our sponsorship or joint collaboration agreements, or in anticipation of you becoming a member, student or general user of the Institute;
3. Where we have a legitimate interest in using it, such as, day to day operational and business purposes, including, maintaining our membership database or for the purposes of managing our contracts and relationships with our members, students, non-member users, suppliers, or service providers;
4. For compliance with our legal or regulatory obligations, including, enabling members to attain their CPE requirements to maintain their professional competence by providing information about courses and events, ongoing monitoring and certification or regulatory reporting obligations; and
5. If we need and you have given your consent to use of your personal data for a particular purpose, including Marketing consent.

8. Recipients

The recipients of the personal data are:
a. selected individuals within the Institute;
b. MIA’s affiliates/partners/subsidiaries;
c. Governmental bodies such as the Accountancy board ;
d. Third parties/Subcontractors to whom disclosure is required for the performance of the registration including IT service providers, Member Relationship Management system provider, Payments system provider, website hosting and management and cloud storage services;
e. Professional advisors including auditors, legal advisors if necessary, to establish, exercise or defend MIA legal rights and obtain advice in connection with the running of the operation. Personal data may be shared with these advisors as necessary in connection with the services they have been engaged to provide;
f. Payment gateways (such as Paypal);
g. Online conferencing platforms (such as Zoom);
h. third parties to whom disclosure may be required as a result of legal obligations imposed on the MIA.
The MIA’s recipients of personal data are mainly located within the EU. However, please note that we do transfer some personal data to entities located outside of the EEA, including to entities located in the United States. Prior to transferring personal data outside the EAA, we ensure that appropriate transfer safeguards, as set out in Chapter V of the GDPR, are implemented. The safeguards that we typically implement are the Standard Contractual Clauses. These are pre-determined sets of contracts approved by the European Commission which require the parties signing the contracts to adhere to an adequate level of data protection. You may request more information on the way in which we transfer personal data outside of the EEA by contacting our Data Protection Officer via email at mmfarrugia@miamalta.org and by telephone at 22581900. The entities located outside the EEA that we transfer personal data to include:
- Wild Apricot Inc (US) – they run our membership management platform;
- Microsoft Inc (US) – cloud storage service provider;
- Zoom Video Communications, Inc. (US) – online video conferencing platform;

9. Processing Requirement

The processing of personal data is not a statutory requirement: it is a requirement in order to complete the registration form. Failure to provide personal data impedes us from being in a position to conclude registration for the participant.

10. Automated Decision-Making and Profiling

Your personal data will not be used for any automated decision-making or profiling.

11. Data Retention

Information will be retained for no longer than is necessary for the purpose for which it was obtained by us, or as required or permitted for legal and regulatory purposes, and for legitimate business purposes. In certain circumstances, where required by law or applicable regulations or where the Institute deems it necessary for our legitimate business, regulatory and / or legal purposes, we may hold the data for a longer or shorter period.

12. Rights

For as long as we hold personal data about an individual, that individual may (where applicable):
a. request access to and rectification of personal data where incomplete or inaccurate;
b. request erasure of his personal data;
c. request restriction of processing of his personal data;
d. object to the processing of his personal data;
e. request provision of his personal data in a structured, commonly used and machine-readable format; and
f. request transmission to himself or another controller indicated by the individual.
Please note that your rights are not absolute.

13. Complaints

MIA and its Data Protection Officer may be contacted on complaints regarding the processing of personal data at the details indicated above. A right to lodge a complaint with the Office of the Information and Data Protection Commissioner in Malta (www.idpc.gov.mt) is also in place.
               
SUBSCRIBE TO OUR MAILING LIST

Suite 4, Level 1, Tower Business Centre, Tower Street, Swatar, BKR 4013, Malta 

E-mail: info@miamalta.org

Tel. +356 2258 1900

© MALTA INSTITUTE OF ACCOUNTANTS, 2021  Privacy policy