email-icon +356 22 785 785Mission Control

Privacy Policy

1. Who are we?

This policy explains the way that Institute of Health & Safety Ltd, a Malta registered company bearing company registration number C9989 and registered address situated at 99, Mill Street, Qormi, Malta, processes your personal data in respect to marketing communication (hereinafter “we”).

Where appropriate, the terms of this policy also apply to any other company in the group or entities in which we hold a controlling interest.

In terms of the provisions of the General Data Protection Regulation, we are considered to be a data controller.


2. The purpose of processing and the legal basis

We will only send you marketing and commercial communication by electronic mail if:

  • you are either a customer of any group company or
  • you provide your prior consent to receive such communication.

In every commercial communication that we will send you, we will provide you with the opportunity to opt out from receiving any further communication.  You may also inform us at any time that you no longer wish to receive any communication from us, by sending an email to  We respect your privacy and will not send you any commercial communication against your wishes.


3. What information do we collect?

The information that we will collect or otherwise process for the purpose set out above is the following:

  • Name
  • Surname
  • Email Address


4. Sharing of information

Your personal data may be shared with the following third parties:

  • We use an automated third party marketing platform that allows us to send marketing material by email. We may be required to disclose your personal details to such third parties accordingly, and to marketing companies that may assist us in this respect.
  • We may send you details and information about goods and services of any of our group or associated companies, either on their behalf or share your details with such group or associated companies; or
  • We will also disclose your personal information to third parties if we intend to sell or buy any business or assets, in which your personal details will be disclosed to the prospective seller or buyer.

Whenever data is being disclosed or made available to third parties, we will endeavor to ensure that your data is adequately protected, is only processed on the basis of our instructions, and is safeguarded by implementing all those measures as are mandatory in terms of the GDPR.


5. Data retention period

We will keep your personal data unless you inform us that you no longer wish to receive any further commercial communication (opt-out).

We may keep your personal data for longer period if we cannot delete it for technical reasons, or we are obliged to keep it by law.


6. Data subject rights

In terms of applicable law, you can exercise the following rights (where applicable):

  • Right to data portability: right to request the transfer of your personal information to another party.
  • Right of access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Right to object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes or if data were being processed on grounds of public interest or for historical or scientific purposes.
  • Right to rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Right to erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (instructions appear at the end of this list showing how you can do this).
  • Right to restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Right to withdraw consent, where consent has previously been given and we rely on such consent to process personal data and
  • Right to be notified of rectification, erasure and restrictions.

To exercise any of these rights, please get in touch with the Data Protection Officer on the details set out hereunder.


7. Other Data Transfer

IP Address

The Internet Protocol Address (hereinafter referred to as ‘IP Address’) comprises information with regards to the location of your computer on the internet and the name of your internet service provider. This information is automatically recorded by our website and shall also include the date and time you visited our website, the web pages and services that you may have accessed on this site and may also include the website that you visited prior to visiting our website. When we record your IP Address, the data collected is grouped up with other logged IP addresses in order for us to determine the geographic location of visitors to our site, the period of time such visitors visit the site, the pages viewed the most and other reasons. This enables us to administer our site, diagnose potential server problems, analyse visitor trends and statistics and overall, enable us to provide you with a better internet experience.


“Cookies” are small text files sent by a website so that the website can recall who you are; they serve as a memory therefore, enabling a website to remember users who have already visited the site. Such cookies are stored on the user’s computer. There are two types of cookies, session cookies and persistent cookies, the former being temporary and remain in the cookie folder on your hard disk until you close your browser, whilst persistent cookies last longer and remain on your hard disk until their pre-set lifetime expires or until they are removed. We may use both session cookies and persistent cookies. You can choose whether to accept cookies or not. You can also set your browser to notify you when you receive a cookie or reject a cookie. If users reject the cookies, they may still be able to use our site; however, they may be limited to certain areas of our site.

Web Beacons

Web beacons are small image files on a web page that are placed on a website or in an email. Web beacons are similar to cookies and are used to track the online movements of the users. These are invisible and you can render them ineffective by changing the browser’s cookie settings to refuse cookies. Web beacons can collect information such as an IP Address, your computer’s Operating system, the content viewed on the website and the time it was viewed, a browser type and the existence of cookies previously set by the server.


Our website contains links to other sites. Please be aware that we are not responsible for the privacy practices of these other sites and we therefore encourage our users to read the privacy statements of each site they visit that collects personal information.


8. Right to lodge a complaint

If you are not satisfied with the way we manage your personal data, you have the right to make a complaint with any relevant data protection authority (particularly the one situated where you habitually reside).


9. Data Protection Officer

Email address:  
Address:                        99, Mill Street, Qormi, Malta QRM3100
Telephone number:   +356 22785400


10. Updates

From time to time, we may update this notice.  Where we make material changes to this notice, we will use reasonable endeavours to notify you of such changes.


Last Updated: 21/05/2018

Request a quote