A

7. Recipients

Category: Privacy Notice for Entities exchanging information with Enemalta plc

We may share your personal data with third party recipients who typically are:

  • selected individuals within Our companies, on a need-to-know basis;
  • any service providers that may require access to your personal data in rendering Us with their services, including legal, accounting, billing, audit, insurance providers, consultants, and IT service providers;
  • Banks;
  • Local regulatory authorities or agencies such as Regulator for Energy and Water Services;
  • Authorised consultative bodies and agencies dealing with financial and accounting matters including the Court of Auditors, Financial Irregularities Panel, Internal Audit Service and Anti-Fraud Office; and
  • third parties, including but not limited to governmental institutions and authorities that may be of an executive, judicial or legislative nature, to whom disclosure may be required as a result of legal obligations imposed on Us.

We are a member (‘Member’) of a registered Credit Referencing Agency (‘CRA’) in Malta. The Member shall process Personal Data found herein according to applicable legislation, particularly, the Regulation [EU] 2016/679 (‘GDPR’) as well as the Data Protection Act, amongst others. If you as our client is in default of Our agreement, the Member has the right to pass on any of your personal information to the CRA as well as to any legally entitled third party.

Where such a disclosure is carried out, the relevant CRA, shall be deemed to be a Data Controller of the personal data it processes within its systems, in pursuance of its legitimate interests, such as promoting responsible lending, amongst others.

We do not share your personal data with any entity located outside of the EU or EEA unless required to do so at law.