- General Information
- We, Torrero Ltd and Torrero Platform N.V. (Torrero’ or ‘Company’ or ‘We’ or ‘Us’), are committed to protecting your personal data (‘Your Personal Data’), as our customer or a visitor of our website (‘You’ or ‘Customer’ or ‘Visitor’).
- This privacy notice (‘Privacy Notice’) describes the way in which Torrero collects, processes, uses, stores and protects Your Personal Data and informs You, as a data subject, of the rights You have with respect to the processing of Your Personal Data.
- In collecting and processing Your Personal Data, Torrero complies with the Laws of Malta and will process Your Personal Data in accordance with EU General Data Protection Regulation (the ‘GDPR’).
- By visiting our Website and using our Services, You acknowledge reading and fully considering this Privacy Notice.
- Data Controller
- The data controller of Your Personal Data is Torrero Ltd, a Maltese Company with registration number C98427 having its registered address at The Edge Court, Office 2, Guze Duca Street, Ħal Qormi QRM 9088, Malta and a join controller Torrero Platform N.V. a Curacao company with registration number 162912 having its registered address at Hanchi Snoa 19, TRIAS Building, Willemstad, Curacao.
- Data Protection Officer
- For any privacy issues or for further information on how Torrero uses Your Personal Data please contact our Data Protection Officer through the following email address: [email protected]
- Any notice, demand, request or other communication which You address to Torrero shall either be sent by certified mail, return receipt requested, or by e-mail. All communication done by e-mail shall be deemed received on the business day following the day of transmission.
- Definitions
- Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
- Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
- GDPR – the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced or superseded and in force from time to time.
- Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
- Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with law shall not be regarded as recipients;
- Services – the Visitor’s ability to fill in the application page on the Website and submit it for further examination;
- Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
- Website means a group of interrelated websites owned and operated by Torrero, available in the Internet via address: www.torrero.com;
- Visitor – any person who accesses and browses the Website (‘You’, ‘Your’).
- Principles of Data Processing
- We fully respect Your fundamental rights and consider protection of Your Personal Data to be a priority. Accordingly, when processing Your Personal Data, We follow the following basic principles:
- We submit Your Personal Data only to lawful and fair processing, and We maintain full transparency vis-à-vis the way We handle Your Personal Data.
- We collect and process Your Personal Data only for specified, explicit, and legitimate purposes as outlined in this Privacy Notice, and We do not process it further in any manner incompatible with these purposes.
- We process Your Personal Data only to the extent that it is necessary and appropriate to purposes for which it is collected.
- We make reasonable efforts to ensure that Your Personal Data is accurate and, where necessary, updated with regard to the purposes of the processing, taking all reasonable steps to immediately delete or correct it in case of inaccuracy.
- We process Your Personal Data in a manner that guarantees its security by using appropriate technical and organizational measures.
- In general, We comply with all applicable laws statutory obligations, as Data Controller of Your Personal Data.
- We fully respect Your fundamental rights and consider protection of Your Personal Data to be a priority. Accordingly, when processing Your Personal Data, We follow the following basic principles:
- Type of Personal Data Collected
Torrero collects and process the following Personal Data- Data Collected when visiting the Website
During the visit of the website www.torrero.com our system automatically collects information which is generated by the browser of the visitor of our website and stores them in log files on a temporary basis including but not limited to:- the IP address of the requesting computer;
- the date and the time;
- the operating system
- the browser used by the visitor.
The log files may contain IP addresses which allow identification of the Visitor.
- Data Collected when Registering
Visitors, who are duly authorised by the Companies they represent, may submit an application with the Company to enter into negotiations with the Company and the Visitor’s company.
Upon registration of the application on the Website by a Visitor, the following data, which is subject to the GDPR, will be collected by the Company:- first and last name of the registrant;
- email of the registrant;
- mobile phone number (if provided upon registration);
- company name (if provided upon registration)
Anything else that is given by the Visitor, which is not Personal Data, will not be subject to the GDPR.
- Any other Personal Data directly provided by You during Your interaction with Us.
- Data Collected when visiting the Website
- Purposes and Legal Basis for Data Processing
- Torrero may process Your Personal Data to fulfill its obligations under the Terms and Conditions and to comply with its legal obligations, for the following purposes:
- Administration and development of the Website and the Services;
- Enhancement of user experience, including the provision of personalized Services and improvement of the Website and the Services;
- Development of new products, utilities and offerings;
- Collection, processing and performing statistical and other research and analysis of information for enhancement of the Website and the Services;
- Verifying compliance with the Terms of Use of the Website.
- Torrero may process Your Personal Data only with Your lawful consent for the following purposes:
- For personified market research and/or analysis purposes to better understand Your needs, preferences, interests, experiences and / or habits as a consumer.
- You have the right to withdraw Your consent at any time in writing to [email protected]. Withdrawal of Your consent does not affect the lawfulness of the treatment of Your data prior to its revocation.
- Torrero may process Your Personal Data to fulfill its obligations under the Terms and Conditions and to comply with its legal obligations, for the following purposes:
- Recipients of Your Personal Data
- For the execution of the purposes mentioned in this Privacy Notice, We may provide access or transmit Your Personal Data to the following recipients:
- Sharing of personal data within the Torrero Group
Personal data may be transferred or disclosed to any company within the Torrero Group. Torrero Group means Torrero Ltd, Torrero Platform N.V. and its related companies.- Our internet and data hosting providers for hosting purposes;
- Third-party providers for the smooth operation of Website and Our information and communication systems; and
- Third-party consultants to provide data analysis Services.
- Sharing of personal data with Service Providers
Torrero makes use of trusted third parties to process visitors’ personal data including but not limited to, information technology, statistics and reporting, customer support, sales, marketing related services. Pursuant to applicable data protection regulations including the General Data Protection Regulation these third parties are contractually bound to Torrero and obliged to treat visitors' data securely and confidentially. Their use of the said data is restricted to the extent required to fulfil the respective task. Torrero only transfers data to states outside the EU/European Economic Area provided that the recipient guarantees a standard of data protection comparable to that in place in Europe.
- Sharing of data with Regulatory and Enforcement Authorities
If we are under a duty to disclose or share Your Personal Data to comply with our legal obligations, Torrero may transfer Your Personal Data to regulatory and enforcement authorities within the EU/EEA.
- Sharing of personal data within the Torrero Group
- The processing of Your Personal Data by Our data Processors is done under a contract compelling data Processors to the same level of data protection provided under this Privacy Notice.
- Torrero will only transfer Your Personal Data to any third parties outside of the EU/EEA provided the recipient guarantees a standard of data protection comparable to European standards. We will take all reasonable steps possible to ensure that Your data is treated as securely as it is within the European Union and in accordance with this Privacy Notice and applicable legislation.
- In the event that We are required by a court or other administrative authority, pursuant to an investigation relating to unlawful activities such as money laundering and in any other case that We are legally bound to do so, the Company may transfer Your Personal Data to public authorities to the extent specified by law.
- For the execution of the purposes mentioned in this Privacy Notice, We may provide access or transmit Your Personal Data to the following recipients:
- Retention of Your Personal Data
- We retain Your Personal Data for as long as is necessary to fulfill the relevant purposes of processing explained in this Notice, in accordance with the Data Minimisation and Storage Limitation principles.
- Furthermore, Torrero may retain Your Personal Data after the expiration of the relevant processing purposes for the following reasons:
- In case We have a legal obligation to retain Your Personal Data under a relevant statutory provision.
- Based on Our legitimate interest to defend the Company against any potential legal claims, before any competent court or public authority.
- After the period of retention, Your Personal Data is erased from Our databases and systems.
- For more information about data retention terms in relation to specific Personal Data, please contact Us at [email protected]
- Data Security and Confidentiality
- All data will be processed in an automated manner. Torrero takes all adequate technical and organizational measures to protect visitors' data from access by unauthorized persons and to prevent accidental or unlawful processing, disclosure, destruction, loss, alteration or damage.
- The processing of Your Personal Data by Torrero is conducted in a manner that ensures confidentiality and security, taking into account the latest developments, implementation costs and the nature, scope, context and purposes of the processing, as well as the risks for Your rights and freedoms, which are applicable in each circumstance.
- Only authorized employees or service providers of Torrero have access to Your Personal Data. Torrero monitors the trustworthiness and reliability of all of its employees and service providers. At regular intervals, all employees are given training on the applicable security and data protection standards.
- Your Rights
- You have the right:
- To request access to You Personal Data and information related to their processing and obtain a copy thereof.
- To request for the correction of any inaccuracies or any missing Personal Data of yours.
- To withdraw your consent to the processing of Your Personal Data at any time where the processing is based on your consent to use or process such data.
- To request for the erasure of Your Personal Data.
- To request for the transfer of Your Personal Data to another Data Controller or directly to You in a structured, commonly used and machine-readable format.
- To request for the restriction of the processing of Your Personal Data in cases explicitly provided for by law.
- To object to the processing of Your Personal Data in cases explicitly provided for by law.
- To object to a decision taken solely on the basis of automated processing, including profiling, which has impact on You or significantly affects You.
- Any requests related to Your Personal Data or to your rights mentioned in Section 11.1 must be addressed in writing to [email protected]
- You have the right:
- Filing a Complaint
If You feel that Your rights are infringed, You have the right to file a complaint with the Office of the Information and Data Protection Commissioner at the following website https://idpc.org.mt/raise-a-concern/ - Your Obligations
- By using Our Website and by providing Your Personal Data, You acknowledge that You are required to provide Your actual, accurate and complete data as requested by the Company. Furthermore, You must inform Us of any changes to Your information so as to ensure it is kept up-to-date and accurate.
- Website and any products or Services available on Website are not intended to solicit information of any kind from persons under 18 years of age or any other age of legal majority existing in the jurisdiction of the Visitor. By using Our Website and by providing Your Personal Data, You confirm that you are at least 18 years old.
- Cookies
- Our Website uses cookies. For more information please review Our Cookie Notice available on our Website.
- Amendments to this Privacy Notice
- This Privacy Notice is subject to change from time to time. Any changes thereof shall come in force and effect from the instance they appear online on the Website. Although any substantial modifications to this Privacy Notice will communicated to You, it is recommended to review this Privacy Notice and potential amendments regularly.
Version 1.1 – last update on 19/02/2024