Privacy Policy – GDPR Updated

This privacy policy (Policy) explains how the Acumum Group of Firms collects, uses and shares the information you provide to us and the information we collect in the course of operating our business (Personal Data).

Acumum Services Ltd (Acumum)
Acumum Services Ltd is responsible for your Personal Data on behalf of the Acumum Group of Firms. In this Policy, references to Acumum or “we”, “us”, or “our” means Acumum Services Ltd. Our registered office is at 260 St Alberts Street, Gzira, GZR 1150, Malta.

What types of data do we process?
As described above, “Personal Data” is any information that can be used to identify you or that we can link to you and which we have in our possession or control.

We process Personal Data about lots of different categories of people, including our clients, people involved in matters we act on for our clients, people we or our staff have relationships with, and other third parties who interact with us (either directly).

Because of the nature of the services we provide, the types of data we process can be quite varied, but will usually include full names, contact details, and associated client information. Depending on the nature of our relationship with you, we may also process information about your business and company affiliations; identification (including copies of your passport); financial affairs; family, lifestyle and social circumstances; education and employment background; the services we provide you or your company; and the goods or service you or your company provide us; and your use of our website.

In some circumstances we may process special categories of Personal Data about you, in which case we take particular care to only process such data in accordance with the strict legal parameters. This type of data can include information about your health; racial or ethnic origin; religious or political beliefs; trade union membership; sex life or sexual orientation; genetic or biometric data; or philosophical beliefs.

We may obtain such Personal Data from you directly, from our clients, from third parties involved in matters we act on for our clients, and from other third parties (including publicly available information).

Where you are our client, it will sometimes be necessary for you to provide us with information directly, and in those cases, it is your responsibility to ensure that all such information is complete in all material respects and not misleading. The accuracy and appropriateness of our advice may be affected as a consequence of your failure to do so. If any information changes, please let us know so that we can keep it updated on our systems.

How we use the information we collect
We may do the following with your Personal Data, use it to:

• provide legal services to the relevant client;
• engage in marketing and business development activity in relation to our legal services. This may include sending you legal updates, invitations to events and other information that may be of interest to you;
  to discharge legal and regulatory obligations;
• establish, exercise or defend our legal rights or for the purpose of legal proceedings;
  record and monitor your use of our websites or our other online services for our business purposes which may include analysis of usage, measurement of site performance and generation of marketing reports;
• for our legitimate business interests, such as undertaking business research and analysis, managing the operation of our websites and our business. This may include sending you legal updates, invitations to events and other information that may be of interest to you;
• look into any complaints or queries you may have; and
• prevent and respond to actual or potential fraud or illegal activities.

Also, we may collate, process and share any statistics based on an aggregation of information held by us provided that any individual is not identified from the resulting analysis and the collation, processing and dissemination of such information is permitted by law.

What basis do we have for processing your data?
We will only process your Personal Data where we have a lawful basis for doing so. In general, our lawful basis will be one of more of the following:

• Consent – if we need and have obtained your consent to use your Personal Data. You can withdraw your consent by contacting us.
• Performance of a contract – we may need to collect and use your Personal Data for the performance of a contract to which you are party or in order to take steps at your request prior to entering a contract.
• Legitimate interest – we may use your Personal Data is as necessary for the purposes of pursuing our legitimate interests (this includes carrying out the business of providing legal services and pursuing our general business interests).
• Compliance with law or regulation – we may use your Personal Data as necessary to comply with applicable law/regulation.

How we share information with third parties
In providing services to our clients and in complying with our legal obligations, we may share the Personal Data that we obtain about you, insofar as we are permitted by law to do so, with the following:

• third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your Personal Data for the purposes described in this Policy. This may include, but is not limited to, IT service providers such as cloud providers of software as a service, data room providers and providers of our IT servers and communications service providers;
• third parties relevant to the legal services that we provide. This may include, but is not limited to, counterparties to transactions or litigation, other professional service providers, regulators, authorities, governmental institutions and stock exchanges; and/or
• to the extent required by law, regulation or court order, for example, if we are under a duty to disclose your Personal Data in order to comply with any legal obligation.

Where we transfer your Personal Data outside Europe, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information.

Keeping your information and information security
How long we hold your Personal Data for will vary and will depend principally on:

• the purpose for which we are using your Personal Data – we will need to keep the information for as long as is necessary for the relevant purpose, and
• legal obligations – laws or regulation may set a minimum period for which we have to keep your Personal Data.

We will ensure that the Personal Data that we hold is subject to appropriate security measures.

What are your rights?
You have the right to lodge a complaint with the Office of the Data and Information Commissioner in respect of our processing of your Personal Data. Information can be found at www.https://idpc.org.mt.  If you would like to raise your complaint with us in the first instance, please contact us.

You have rights under data protection laws to request from us access to, rectification of, or erasure of your Personal Data. You also have the right to request the restriction of any processing or to object to our processing of your Personal Data. Finally, you have the right to data portability. Please use the contact details below to exercise your rights. You can find more information about your rights at  www.https://idpc.org.mt.  

How to contact us
If you would like further information on the collection, use, disclosure, transfer or processing of your Personal Data or the exercise of any of your rights listed above, please contact us by emailing [email protected]

Thank you.

24th May 2018

Contact us
260 San Albert Street
GZR 1150, Malta (EU)
Website: www.acumum.com
Email: [email protected]
Call: +356 2778 1700
Skype: acumumm