Privacy Policy

Last updated: June 2025

1. Introduction

Insights Malta ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform.

2. Data We Collect

2.1 Account Information

When you register, we collect your email address, full name (optional), and password (stored securely as a salted hash).

2.2 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, and timestamps. This helps us improve the platform and provide better analytics.

2.3 Address Information

You may optionally provide your street address and locality to receive personalised notifications about planning applications in your area. This information is stored only for notification purposes and can be removed at any time in your Settings.

2.4 Payment Data

Payment processing is handled by Stripe. We store only your Stripe customer ID and subscription status. We never store credit card numbers or banking details.

3. How We Use Your Data

  • To provide and maintain the Service.
  • To manage your account and subscription.
  • To send you planning application notifications based on your preferences.
  • To communicate important updates about the Service.
  • To improve and optimise the platform.
  • To comply with legal obligations.

4. Legal Basis (GDPR)

We process your data on the following legal bases:

  • Contract performance: Account management, subscription billing.
  • Legitimate interest: Platform improvement, security monitoring.
  • Consent: Notification preferences, newsletter subscriptions.
  • Legal obligation: Tax records, regulatory compliance.

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — for payment processing.
  • Hosting providers — to deliver the Service (data centres within the EU).
  • Legal authorities — when required by law.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where retention is required by law.

7. Your Rights

Under GDPR you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Erase your data ("right to be forgotten").
  • Restrict processing of your data.
  • Data portability — receive your data in a machine-readable format.
  • Object to processing based on legitimate interest.
  • Withdraw consent at any time for consent-based processing.

To exercise these rights, email us at privacy@insightsmalta.com.

8. Cookies

We use essential cookies to maintain your session and authentication state. We do not use third-party tracking cookies or advertising cookies.

9. Security

We implement industry-standard security measures including encrypted connections (TLS), hashed passwords, and regular security audits. No system is 100% secure; we encourage you to use a strong, unique password.

10. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or in-app notification.

12. Contact

For privacy-related questions or to exercise your rights, contact our Data Protection Officer at privacy@insightsmalta.com.