FUAM Privacy Notice
This privacy notice tells you about the information we collect from you when you visit our federation websites (www.fuam.org.mt or http://www.bluedolphinofmalta.org.mt) or make enquiries via any of our websites. In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.
We may update this Privacy Notice as needed, but we’ll inform you of this through our public communication channels and via our Facebook Pages. We still recommend you to check this page regularly. The last update was done on the 20th December 2018.
Who are we?
We are the Federation of Underwater Activities Malta (“FUAM”), a Voluntary organisation in the process of being registered with the Office of the Commissioner of Voluntary Organisations. We do not have an official address or telephone, but you can contact us by email at email@example.com or by writing to us at P.O. Box 3, Manoel Dimech Street, Sliema, Malta. You can also send us a message in our Facebook Page
We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.
What personal data do we collect?
- When you request to join us, participate in our activities or when you make an enquiry, you may provide or be requested identification details, scuba diving qualifications and contact information. For your own safety, and to meet legal obligations for Diving activities, we request medical self-certification and/or a medical certificate.
- We also collect identification, contact and medical information to be able to issue you with Diving Certifications.
- We do not voluntarily use any cookies on our websites (www.fuam.org.mt and bluedolphinofmalta.org.mt) but links on the website may lead you to third party websites which may include such cookies. You need to check the Privacy Information Notices or Policies of such websites individually to understand what they do with this data.
- Our facebook pages may contain any data that you may put yourself or shared by third parties. Since this data lies on facebook.com’s services, you may want to refer to facebook’s own privacy notices. Where we may have control, we will be more than willing to assist in removing data that is placed there about you without your consent.
- When you visit our website, within the web server access logs we may collect your IP address, page visited or requested, date and time, browser and operating system version.
- When you attend our events, photos may be taken. If you would like us not to show you in these photos, or if you want us to remove you from any event photos published on our website, kindly let us know.
Why do we collect this information?
- We will use your information to be able to contact you in relation to the activities of the FUAM and to maintain a record of your diving certifications.
- We require this information in order to process your service, deliver your service and fulfil our service to you.
- Our website access logs are only collected for tracking visits to our site for statistical and performance optimisation purposes and to assist should any visitor, including you, not be able to access websites.
What do we do with your information?
- Your personal information is stored in our online website system and our organisation’s information systems which are based within the European Union. We do not share your information with other entities, and neither we transfer data with organisations that are based outside of the European Union unless we inform you.
- We do follow basic and appropriate security practices in order to secure your personal data as best as we can. Should we identify a breach which might put your data at risk, we will inform you either via a public message or by direct communication.
- We do not use the information you provide to make any automated decisions that might affect you.
How long do we keep your information for?
- Unless you hold a current CMAS certification, we keep records of membership transactions information for up to 10 years after provision of service due to statutory record keeping obligations. Your personal information associated with your request will then be removed.
- If you have a CMAS certification, unless you ask us to delete your certification data specifically, we will retain associated data for a period of 25 years after certification to be able to process renewals and/or being able to issue replacement qualification records.
- The most recent Medical certificate that you provide us will be kept for the period of your membership or if you join us for one event, after our potential liability for such an event passes. You may request us to update or dispose of these certificates at any time. However, if you tell us not to keep any copies of your medical certificate, we will have to refuse from allowing you to join on our diving activities as this is a legal requirement for us to ensure that divers are fit for scuba diving and to ensure your personal safety. Diving Certifications Cards may be requested to be returned in such a case as we would no longer be able to defend a claim against us in such a case.
Your rights over your information
- By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate.
- You can also ask us to give you a copy of the information and to stop using your information for a period of time if you believe we are not doing so lawfully.
- To submit a request to exercise any of the above rights, please use the contact information provided above.
Your right to complain
If you have a complaint about our use of your information, you can contact the Information Commissioner’s Office via their website at http://www.idpc.org.mt or write to them at:
Information and Data Protection Commissioner
Level 2, Airways House, High Street, Sliema SLM 1549, Malta
Tel: (+356) 2328 7100 – Email: firstname.lastname@example.org