Privacy Policy
Our commitment
Protecting Your Privacy
We, the team at Apcopay Ltd., strongly value our own privacy - and therefore are committed to protect your personal data (i.e. information that identifies you) as though it is our - own.
If you have any questions about how we protect your privacy, get in touch here: dpo@harvest.tech
One of your rights under EU law - the GDPR - is that you must be informed when your personal data - also known as personal information - is processed (collected, used, - stored) by any organisation. You also have the right to know the details and purpose of that processing.
This privacy policy describes our practices relating to the personal data of visitors of Apcopay and those users who make use of our online facilities. For all our services, the data controller - the company that's responsible for your privacy - is Apcopay Ltd. with its address at Nineteen Twenty Three, Valletta Road, Marsa, Malta.
We assure you that we will only use and disclose any personal data collected from you in accordance with the manner set out in this policy.
Information We Collect
Most of the personal data which we may collect about you through this website is given to us only if you choose to give it to us.
Such personal information may be requested from you when you fill in a field (e.g. to submit a vacancy, sign up for our newsletter or fill in any other form with your questions and comments or any other form or application downloaded through or from Apcopay Ltd's Website. If you send us emails, then the personal data we process will depend on what you send us in the email.
The information we collect from you normally includes the following:
- 1. Name + Surname;
- 2. Contact Details:
- 1.Email address
- 2.Contact Number
- 3. Information about your device (phone or laptop) from which you used our website; Last login IP.
Check out the next sections to understand how and why we use this information.
Some other information is given to us because you accessed this website. This is explained in Cookies Section below.
How & Why we use your information
We use your information in a number of different ways – what we do with it then depends on the information and the purpose for which we collected.
1. Your name and contact details
2. Your contact history with us
What you've said to us – for example, over email or contact forms.
3. Information about your device (phone or laptop) with which how used our website
What you've said to us for example, over email or contact forms.
No information is collected when you browse our site or use our app.
4. Your responses to surveys, competitions and promotions
We also anonymise and aggregate personal information (so that it does not identify you) and use it for purposes including testing our IT systems, research, data analysis, improving our site and app, and developing new products and services. We also share this anonymised information with third parties – but don’t worry, they cannot identify you.
The Legal Basis for Processing
For some of the uses of your personal data (as described above) there is a legal basis under applicable data protection laws for us to use such personal data without having obtained your consent.
This includes, for example, where it is necessary for us to use the information to perform a contract with you or take steps at your request prior to entering into a contract with you, such as to process your order, provide customer-care and support services to you.
It also includes circumstances (such as we have described below) where we have a legitimate interest to use your data, provided that proper care is taken in relation to your rih5ghts and interests:
Retention Periods
Children Under 18
If you are less than 18 years old, please get your parent/guardian’s permission before you provide any personal information to us.
We will need to process personal data relating to parents or guardians in that case – and we may also need to request for verification documentation to ensure that consent is given or authorised by the holder of parental responsibility.
Sharing your information
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. It is not our business to do so – and we want to earn your trust and confidence.
Marketing Messages
We would normally communicate to you about products or services in which you have shown interest – we understand that you would be interested in receiving this information as it is of use with the product or service. But rest assured, you can ask us to stop.
Also, if you have said we can (i.e. you gave us your clear confirmation), we will send you marketing messages by email or SMS, to keep you aware of what we’re up to and to help you see and find our products.
How to stop marketing messages from us
You can stop receiving marketing messages from us at any time through any of the following methods:
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages. Please note that, it might take a few days for all our systems to be updated, so you might get messages from us while we process your request. If you ask us to stop marketing messages this will not stop service communications (such as order updates). This may be necessary of us to communicate to you as part of our services from our contract.
Cookies – What are cookies?
A cookie is a small text file (typically numbers and letters) that is downloaded onto ‘terminal equipment’ (e.g. your computer or smartphone) when you (or someone else) access a website using that device. Cookies are then sent back to the originating website on each subsequent visit – and they are useful because they allow a website to recognize a user’s device and store some information about your preferences or past actions.
Some cookies are needed for the for the sole purpose of carrying out the transmission of a communication over an electronic communications network – others may be necessary for the provision of a service over the internet, in which case they have to be used.
Other cookies may be desirable to improve your experience, in which case we will ask you for your consent to use them.
What cookies do we use?
1. Analytics Cookies
These are used to understand, improve, and research users visiting our website and their needs to improve our website’s user experience. For example, we may use cookies to understand what pages a user browses before submitting using the contact form. We do not share information about this analysis with any third parties.
Google Analytics cookies: _ga, _gat, _gid
We use Google Analytics to measure traffic on our website. Google has their own Privacy Policy which you can review here. If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.
2. Necessary Cookies
Cookies: PHPSESSID, viewed_cookie_policy
PHPSESSID is native to PHP applications. The cookie is used to store and identify a users’ unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
How do you change your cookie settings?
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
Other Passive Information which we collect
Apart from the information you provide us with when using our Website, other information is passively collected from you (without you actively furnishing such information) when you navigate through the website. We use various technologies and navigational data collection methods to gather such passive information for various reasons, for example, to track how many visitors access our website, the date and time of their visit, the length of their stay and which pages they view. The passive information also aids us to determine which web browsers our visitors use and the address from which they accessed our website – for instance, if they connect to our Website through clicking on one of our banner ads. This technology does not identify you personally.
Such passively collected information may be used and combined to improve our services to website visitors, customise the website based on your preferences, compile and analyse statistics and trends of our visitors and their use of the sites operated by us and our related entities or subsidiaries. Together with our related entities and subsidiaries we will use this information and share it with third parties to improve the content, functionality and administration of our websites, to better understand our customers and markets, and to improve our products and services.
We assure you that, unless you have consented, such passive information shall not be combined with personally identifiable information collected elsewhere by our website or respective sites operated by our related entities or subsidiaries.
Information we collect on behalf of our clients as part of our services
As part of our services being provided to our clients, we act as data processors. We handle Credit Card Processing information as required for carrying out transactions between clients of the Operator and Financial Institutions, in order to execute financial transactions as instructed by the Operator.
Any data that is processed by us shall be for the duration established by the specific Data Processing Agreement between us and the client and will be retained subject to the requirements of PCI-DSS compliance.
The Data is collected from the client’s customers so as to be able to perform financial transactions on behalf of the customers with the relevant financial institutions as instructed by the Operator. The processing includes the collection, storage and forwarding of transaction details to the relevant financial institutions. The purpose of the processing is to perform financial transactions as instructed by the Operator.
The type of personal data that is collected includes:
Any Personal Data will be retained by us for the purposes of financial records. The retention will be in accordance with the requirements of PCI-DSS compliance, or as instructed by the specific Operator (acting as the Data Controller), as long as such retention does not conflict with other legal requirements. Any Personal Data processed on behalf of the Controller will be deleted or destroyed after the termination of this agreement plus any additional retention period required by the relevant legislation.
Vacancies – Job Applicants
Our website includes a section with which candidates may submit their information for vacancies we have.
We are the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information, please contact us at dpo@harvest.tech.
What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements where necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us, to contact you to progress your application.
We will use the other information you provide to assess your suitability for the role you have applied for.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The information we ask for is used to assess your suitability for employment.
You don’t have to provide all the information that we ask for, but it might affect your application if you don’t.
Application stage & Short listing
If you use our online application system, the information you give us will be collected by our recruitment section. This may mean that it will be processed by us, or by the Human Resources department of the affiliated companies within the Harvest Division.
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
Shortlisting
Once we receive your application, the applications will be assessed for suitability for the post and the application passed to the relevant manager or department head for assessment and shortlisting for interview.
Assessments
We might ask you to participate in further recruitment tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us and if so, this information is held by us for the recruitment exercise and perhaps afterwards if you are selected.
If we make a conditional offer of employment we may ask you for information so that we can carry out pre-employment checks – which may be required to seek assurance as to trustworthiness, integrity and reliability and the possibility to work with us. Further processing of your information would be required if we are to apply for a work permit.
Depending on the job requirements, you may be required to provide: Proof of your identity; Proof of your qualifications; References from past Employers; Police Conduct; and declaration of any unspent convictions.
(i) We will contact your referees, using the details you provide in your application, directly to obtain references
(ii) We may also ask you to complete a questionnaire about your health. This may be to establish your fitness to work or to establish suitability for any health insurance schemes which may be offered through the company. This is done through a data processor.
If we make a final offer, we will also ask you for the following:
Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered during the application process is taken into account.
Retention Periods
If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of up to twelve (12) months. If you say yes, we may proactively contact you should any further suitable vacancies arise within that period. You may ask us to cancel this at any time – however we normally keep information about your application for at least 6 months in case you raise any questions about the process.
If you are employed with us, we will keep your personal data throughout the employment and for a period after that in accordance with our HR Policies and Procedures and our HR Document Retention Policy.
Your rights
You enjoy several rights relating to your personal information:
Security of your Personal Data
Security of your personal data is very important to us. Where it’s appropriate, our website uses HTTPS to help keep information about you secure. However, no data transmission over the internet can be guaranteed to be totally secure.
You may complete a registration process when you sign up to use parts of the websites. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone. Where you do disclose any of these details, you are solely responsible for all activities undertaken where they are used.
Whenever you create a password, then to protect your account you should choose a strong password, meaning it should be lengthy and include a mixture of letters and numbers with a mix of CAPS. We do our best to keep the information you disclose to us secure. However, we can’t guarantee or warrant the security of any information which you send to us.
Security measures which have been implemented to secure information transmitted over our website or stored on our systems include the following:
- 1. Use of secure servers
- 2. Use of firewalls;
- 3. Use of encryption;
- 4. Physical access controls at data centres
- 5. Information access controls;
- 6. Use of back-up systems;
Please understand, however, that no system is perfect or can guarantee that unauthorised access or theft will not occur.
Changes to how we protect your privacy
Our website is continually under review– new functions and features are periodically added and improved to interface, thus changes to our privacy policy may be required from time to time.
We therefore encourage you to check our privacy policy on a frequent basis.
Links to Other Websites
We are always happy to hear from you, whether to make a suggestion but especially if you feel we can do better.
If you have any questions about this Privacy Policy, or if you wish to make a complaint about how we have handled your personal information, please contact us at:
Nineteen Twenty Three,
Valletta Road,
Marsa, Malta MRS 3000
We have appointed a Data Protection Officer who may be contacted here: dpo@harvest.tech