The Malta Institute of Accountants (“MIA”) respects your privacy and is committed to protecting your personal data. This Privacy Notice will inform you as to how we safeguard your personal data when you visit our website and tell you about your privacy rights and how the law protects you.
For more information on the way in which the MIA processes its members’ and students’ personal data, as well the personal data of CPE participants and Sponsors, kindly visit:
Where appropriate, the terms of this notice also apply to any other entity in which MIA holds a controlling interest.
2. Purpose of this Privacy Notice
This Privacy Notice aims to inform you on how the MIA collects and processes your personal data through your use of this website, including any data you may provide when you navigate through the website or utilise any of the services provided therein.
It is important that you read this Privacy Notice together with other notices we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements other notices and noticesmentioned in section 1 and is not intended to override them.
The Malta Institute of Accountants (hereinafter referred to as the “MIA”, ‘’Institute’’, “we”, “us” or “our” in this Privacy Notice) is an approved accountancy body in accordance with the requirements of the Accountancy Profession Act and of the relevant Legal Notices, having its address at Suite 4, Level 1, Tower Business Centre, Tower Street, Swatar, BKR 4013, Malta. For the purposes of this Privacy Notice, MIA shall be the Data Controller.
4. Contact Details
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. If you have an account on our website, any changes to your personal data should be updated online through the website. If you do not have an account, changes should be communicated to the relevant department, contact details can be found at this link.
6. What Data do we Collect?
Such data could include your:
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in terms of law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
We do not collect any Special Categories of personal data about you through the website (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences via the website.
7. How we use your personal data?
8. Where your Provide us with personal data Related to Third Party data subjects
If you are a company, intermediary or other corporate entity (including a bank or broker), and you provide us with personal data of third-party data subjects such as your employees, affiliates, service providers, underlying clients/customers, directors or any other individuals connected to your business, you shall be solely responsible to ensure that:
You hereby fully indemnify us and shall render us completely harmless on first written demand against all costs, damages or liability of whatsoever nature resulting from any claims or litigation (instituted or threatened) against us as a result of your provision of said personal data to us.
9. Data which we make publicly available
The personal data that we make public in relation to MIA members directory includes name, surname, membership level and date of admission. Such option is based on the members opt in. Members can access their online account and amend their preference at any time.
In cases where a member or student has been sanctioned in terms of the Disciplinary Proceedings Bye-Law, the name and sanction/s imposed will be published in the Institute website and in any other publications of the Institute.
10. Mailing List subscription
When you subscribe to one of our mail shots, you provide us with personal information such as your name and email address. We use the personal information submitted in the form only to send you the mail shots you subscribed to. We use a third-party service provider called Mailchimp and the system providers to send specific mail shots to users who subscribe to receive them. The systems provides us with support statistics to help us improve our services to you. For more information on how Mailchimp manages your data please visit their Privacy Notice. Mailchimp is a data processor for us and only processes personal information in line with our instructions.
You will need to provide us with your consent as a legal basis for us to process your personal data to receive third party marketing material and marketing material in relation to services provided by MIA. The latter is applicable only to persons/individuals who are neither members of the Institute nor registered students with the Institute. Personal data is deleted upon withdrawal of such consent by you, or, at the point where the purpose for holding that data is no longer valid.
11. Disclosure of personal data?
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
12. International Transfers
Your personal data may be transferred to and stored in locations outside the European Economic Area (“EEA”), including to countries that may not have the same level of protection for personal data as provided for within the EEA. When such transfers are carried out, we will ensure that the target country has an adequate level of protection and that the transfer is lawful by putting in place the appropriate safeguards in accordance with the applicable laws, and/or any other applicable legislation. These appropriate safeguards include the EU Model Clauses entered into by us and our processors/controllers.
We may need to transfer your personal data in this way to carry out our contract with you, to fulfil a legal obligation, on the basis of legitimate interests and/or on the basis of consent.
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA by contacting us using the details provided above.
13. Links to other Web Sites
Our site has a number of links to other local and international organisations and agencies. In some cases, for the benefit of the visitor, it may be required that we link to other web sites of other organisations after permission is obtained from them respectively. It is important for you to note that upon linking to another site, you are no longer on our site and you become subject to the Privacy Notice of the new site.
Most browsers are initially set to accept cookies. However, if you prefer, you can set your browser to block all, or certain, cookies. Please be aware that without cookies you may not be able to use the full functionality of our site. Users can also set their browser to prompt them each time a cookie is offered.
15. Data Retention
We will retain your personal data in accordance with our internal retention policies. Thereafter, your personal data shall be destroyed, unless we have a statutory obligation imposed on us, a business need to retain the personal data, and/or require the personal data to exercise or defend legal claims.
Any personal data which we may hold on to the basis of your consent shall be retained exclusively until the time at which you withdraw your consent.
16. Your Rights
For as long as we retain your personal data, you have certain rights in relation to your personal data including:
Please note that your rights in relation to your personal data are not absolute and we may not be able to entertain such a request if we are prevented from doing so in term of an applicable law.
Note that we may contact you about our legal updates, newsletters and events on the basis of our legitimate interests and to keep you informed of such legal matters.
You may exercise the rights indicated in this section by contacting us or our Data Protection Officer at the details indicated above.
17. Keeping your data secure
We shall implement and maintain appropriate and sufficient technical and organisational security measures, taking into account the nature, scope, context and purposes of the processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to protect your personal data against any unauthorised accidental or unlawful destruction or loss, damage, alteration, disclosure or access to personal data transmitted, stored or otherwise processed and shall be solely responsible to implement such measures.
We shall ensure that our staff who process your data are aware of such technical and organisational security measures and we shall ensure that such staff are bound by a duty to keep your personal data confidential.
The technical and organisational security measures in this clause shall mean the particular security measures intended to protect your personal data in accordance with any privacy and data protection laws.
If you have any complaints regarding our processing of your personal data, please note that you may contact us on any of the details indicated above. You also have a right to lodge a complaint with the Office of the Information and data Protection Commissioner in Malta (www.idpc.gov.mt).