APS Bank - Data Privacy Policy (GDPR)

APS Bank plc is committed to protecting your privacy. We strongly believe that you should be fully aware of the personal data that we process about you and how and why we do so. We also believe that we have a duty to help you better understand your various rights at law. As part of this ongoing commitment and by way of preparation for new data protection legislation that will come into effect across the EU on the 25th of May 2018 (the EU General Data Protection Regulation or ‘GDPR’), we have updated our Data Privacy Policy and internal procedures. We have also taken several measures to better protect your personal data.

1. What is the General Data Protection Regulation (GDPR)?

This is a European Union (EU) Regulation intended to strengthen and unify the protection of Personal Data for European Union residents.

2. What are the key changes with GDPR?

  • An expanded definition of personal data
  • New and strengthened data subject rights and conditions for consent
  • Larger penalties for non-compliance
  • Mandatory reporting of data breaches
  • Data Protection Officer requirement

3. Who does GDPR apply to?

GDPR applies to natural persons and entities or service providers involved in the processing of personal data relating to EU residents. It applies even when the processing is carried out outside of the EU. The GDPR applies to both Controllers and Processors.

4. What are the Data Subject rights?

  • Right to access
  • Right to erasure, rectification and restriction
  • Right to object
  • Right to be forgotten
  • Right to Data portability

5. Will data subjects have to provide consent?

Yes, consent to the processing of Personal Data has been strengthened. A request for consent must be freely given in a clear and easily accessible form and the purpose for data processing must be included. Consent must be specific, separate from other matters and provided using clear and plain language. Data subjects must be given the opportunity to withdraw their consent.

6. What is the definition of Personal Data?

Personal Data includes any information relating to an identifiable EU resident irrespective of whether it regards his or her private, professional or public life. Personal Data can include a name, photo, email address, bank details, medical information or an IP address.

7. What is a Data Subject?

A natural person who is the subject of Personal Data i.e. data which can identify and distinguish a living individual from any other.

8. What is a Data Controller?

A Data Controller includes a natural or legal person controlling and responsible for the keeping and use of Personal Data both electronically and in manual files.

9. What is a Data Processor?

A Data Processor includes a natural or legal person involved in the processing of Personal Data on behalf of a Data Controller. Usually, a Processor is a third party external to the Data Controller. The duties of the Processor towards the Controller must be detailed in an agreement.

10. What do you need to do if you require more information?

  • GDPR Data Privacy Policy
  • GDPR Q & A
Copyright © 2017 APS Bank plc
APS Bank plc is regulated by the Malta Financial Services Authority as a Credit Institution under the Banking Act 1994 and to carry out Investment Services activities under the Investment Services Act 1994. The Bank is also registered as a Tied Insurance Intermediary under the Insurance Distribution Act 2018.