PRIVACY POLICY

Introduction
NAAR Ltd. takes Data Protection very seriously and invests in resources to ensure that personal data is protected through processes that are by design targeted at keeping personal data safe. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the client (further 'data subject').

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR). By means of this data protection declaration, NAAR Ltd. informs the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

Data Controller
As the controller, NAAR Ltd. has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed.
The Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
NAAR Ltd.
40 Windsor Court, Flat 2B, Windsor Terrace, Sliema, SLM 1856
tel: +356 2157 2156, e-mail: info@naarmalta.com, www.naarmalta.com
What data do we collect and why do we store and process your Personal Data?
NAAR Ltd, collects a series of general data and information when a data subject either becomes at one of our branches or through our Internet channels. This data and information is stored on our centralised server. Generally, when a data subject visits our restaurant we can collect the following: Name and Surname, Address, Telephone and Mobile numbers and Email Addresses.

When using our website we may collect the above personal details as well. Our web hosting provider also collects data through their server logs such as (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (referrer), (4) the date and time of access to the Internet site, (5) an Internet protocol address (IP address), (6) the Internet service provider of the accessing system, and (7) any other similar data and information that may be used in the event of attacks on our information technology systems.

The data collected is never used by NAAR Ltd. to draw any conclusions about the data subject. Rather, this information is needed to help us deliver the level of service that we feel our clients deserve. We use this data to be able to contact our clients and also to offer them new services and offers from time to time. Subscription to these offers and services will require separate consent from our clients. Offer may be sent to data subjects through various channels such as: Email Marketing, Printed Material sent by post.

NAAR Ltd. analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
Who collects personal data?
Data is collected by

  • Our employees through walk-ins at our branches.
  • Through our website and social media pages.
  • Through emails opened and actioned by our employees.
  • Through phone calls.
Retention Period
We usually retain the personal data of our clients for the period during which they are considered as clients. As part of the services we offer, we include periodic services as part of a structured course or programme. In this case NAAR Ltd. will retain the data throughout the period of the programme and will request permission to retain the data longer.

As a policy, NAAR Ltd. retains all personal data for two years from the date of the last contact with the client (data subject). After this period, the data subject is no longer considered a client and their data is erased. In the case of marketing communications we ask for specific permission from the data subject to retain their email address indefinitely. The data subject is reminded continuously in every mail shot that they may opt out whenever they like.
Who we share your data with
NAAR Ltd. uses third party partners to help in processing data for marketing purposes. We share data with General Informatix Ltd. We are assured that this company handle personal data under the strictest controls. We also purposely share only the data that is required for the processing task rather than all the personal data about a data subject.
Subscription to our newsletter
On our website, users are given the opportunity to subscribe to our newsletter. NAAR Ltd. uses this newsletter to inform its customers and business partners about its offers. The newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter and (3) if the data subject is a client and gives NAAR Ltd. consent (Opts in). A confirmation e-mail will be sent to the e-mail address when a user subscribes. A double opt-in procedure is employed. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter.
How to contact us
You can contact us as follows :
NAAR Ltd.
40 Windsor Court, Flat 2B, Windsor Terrace, Sliema, SLM 1856
tel: +356 2157 2156, e-mail: info@naarmalta.com, www.naarmalta.com
Routine erasure and blocking of personal data
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is erased in accordance with legal requirements.
Your rights as a Data Subject

As a data subject GDPR provides you with extensive rights as follows:

  • Right of confirmation
  • Right of access
  • Right to rectification
  • Right to erasure (Right to be forgotten)
  • Right of restriction of processing
  • Right to data portability
  • Right to object
  • Automated individual decision-making, including profiling
  • Right to withdraw data protection consent
  • Data protection for applications and the application procedures


For more detailed information about your rights under GDPR, please visit:
www.naarmalta.com/data-subject
Close
How can we help?
Messenger
Mail
Phone
This website uses cookies. Cookies remember you so we can give you a better online experience.
Close
CONTACT US
T. (+356) 2137 3412
info@naarmalta.com

ADDRESS
1 Triq Censu Tabone, St. Julian's STJ1017

WE ARE OPEN
Mon. - Wed. 4pm - 12pm,
kitchen 4pm - 11pm.
Thu. - Fri. 12pm - 11pm,
kitchen 12pm - 3pm/6pm - 10pm.
Sat. - Sun. 10am - 11pm,
kitchen 10am - 4pm/6pm - 11pm.