Privacy Policy for EEC-ITIS Malta Tourism and Languages Institute

Effective Date: 25/10/2024

1. Introduction

EEC-ITIS Malta Tourism and Languages Institute (hereinafter referred to as “EEC-ITIS” or “the Institute”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, and protect information when you interact with us, in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and relevant Maltese data protection laws.

2. Data Controller

The Data Protection Officer, based at 9, EEC-ITIS Building, Triq S. Pietru, San Gwann SGN 2310, Malta, is the data controller responsible for the personal data we collect and process.

3. Personal Data We Collect

We collect and process various types of personal data from students, parents/guardians, staff, and visitors to fulfill educational, administrative, and contractual obligations. The data we collect includes, but is not limited to:

  • Identity and Contact Information: Name, address, email address, phone number, date of birth, and nationality.
  • Academic Information: Grades, attendance records, disciplinary actions, and assessments.
  • Financial Information: Bank details for payment of fees or wages, invoices, and payment history.
  • Health Information: Necessary health data to ensure the safety and well-being of students and staff.
  • Technical Data: IP addresses, login data, and information on how you use our website and online platforms.
  • Other Data: CCTV recordings and visitor logs for security purposes.

4. Purpose and Legal Basis for Processing

We only process your data where there is a legitimate purpose to do so under GDPR, which includes:

  • Consent: When you have given explicit consent for specific purposes.
  • Contractual Obligation: To fulfill the terms of an enrollment or employment contract.
  • Legal Obligation: To comply with Maltese and EU laws, including education, tax, and employment regulations.
  • Legitimate Interests: To ensure the safety of our community and to maintain the efficient operation of our services.

5. How We Use Your Personal Data

We use your data to:

  • Provide educational and support services
  • Manage enrollment, attendance, and assessment records
  • Facilitate communication with students and families
  • Administer tuition fees, scholarships, and financial aid
  • Ensure a safe learning environment through health, safety, and security protocols
  • Improve our programs and services through analysis and feedback collection
  • Comply with legal obligations and accreditation requirements

6. Data Sharing and Disclosure

We only share your personal data with third parties when necessary. This includes:

  • Educational Partners and Accreditation Bodies: To maintain accreditation and program standards.
  • Service Providers: Third parties providing IT, security, payment processing, and administrative services.
  • Legal and Regulatory Authorities: To comply with legal requirements.
  • International Transfers: If necessary, we ensure that adequate data protection measures are in place, including Standard Contractual Clauses (SCCs) as per GDPR guidelines.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined or as required by Maltese law. Upon expiration of the retention period, personal data is securely erased.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. This includes physical security, encryption, and regular data security assessments.

9. Your Rights

Under GDPR, you have the right to:

  • Access your data and request a copy.
  • Rectify incorrect or incomplete data.
  • Erase your data in certain circumstances (“right to be forgotten”).
  • Restrict processing under specific conditions.
  • Data Portability: Request transfer of your data to another institution.
  • Object to data processing for direct marketing or where processing is based on legitimate interests.
  • Withdraw Consent at any time for data processed on a consent basis.

To exercise any of these rights, please contact our Data Protection Officer (DPO) at 9, EEC-ITIS Building, Triq S. Pietru, San Gwann SGN 2310, Malta.

10. Use of Cookies

Our website may use cookies to enhance user experience. For more information on the cookies we use and how you can manage them, please refer to our Cookie Policy.

11. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of any significant updates through our website.

12. Contact Information

For questions or concerns about this Privacy Policy or our data processing practices, please contact:

Data Protection Officer
EEC-ITIS Malta Tourism and Languages Institute
9, EEC-ITIS Building, Triq S. Pietru
San Gwann SGN 2310, Malta

Telephone:  +356 21-376-868
Skype :eec.itis.malta
Email: [email protected]

Alternatively, you can use our contact form.

13. Right to Lodge a Complaint

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC) in Malta.