Skip to Content

PRIVACY POLICY

Last updated: 05/02/2026

This Privacy Policy describes how Else Group Ltd (the "Company", "we", "us", or "our") collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679, GDPR and applicable Maltese data protection laws.

By accessing or using our website, services, or engaging in commercial transactions, you consent to the practices described herein.

1. DATA CONTROLLER

The Company is the data controller for all personal data collected.

Contact:

  • Email: [insert contact email]
  • Address: [insert company address]

2. TYPES OF DATA WE COLLECT

2.1 Personal Data

  • Name, billing & shipping address, email, phone number
  • Payment information (processed securely by our payment provider)
  • Account credentials, preferences, and purchase history

2.2 Device & Usage Data

  • IP address, browser type/version, time zone
  • Cookie identifiers, browsing patterns, pages visited, searches performed
  • Device type and operating system

2.3 Customer Support & Communication Data

  • Any information voluntarily submitted through customer support channels
  • Notes on correspondence and interactions

2.4 Special Categories

  • We do not intentionally collect sensitive personal data (e.g., health, religion, ethnicity).

3. PURPOSES OF DATA PROCESSING

We process personal data to:

  1. Fulfill contracts, including order processing, delivery, and invoicing
  2. Provide customer support and respond to inquiries
  3. Manage our business operations, internal record-keeping, and analytics
  4. Comply with legal and regulatory obligations, including tax and auditing
  5. Provide marketing communications only when consent is given
  6. Detect and prevent fraud and unauthorized transactions

4. LEGAL BASIS FOR PROCESSING

Under GDPR, we process personal data based on:

  • Consent: where you have agreed to marketing communications or cookies
  • Performance of a contract: processing orders, deliveries, and services
  • Legal obligation: tax, audit, and compliance requirements
  • Legitimate interest: fraud prevention, security, and operational efficiency

5. DATA SHARING

We may share personal data with:

  • Service providers and contractors (logistics, IT, analytics, marketing)
  • Payment processors
  • Legal and regulatory authorities as required by law
  • In connection with mergers, acquisitions, or business transfers

All third parties are required to comply with GDPR obligations.

6. DATA RETENTION

We retain personal data only for as long as necessary to fulfill the purposes outlined and to comply with legal obligations.

  • Customer and transaction data: minimum 10 years (for tax and audit compliance)
  • Marketing data: until consent is withdrawn
  • Website and cookie data: per retention schedules detailed below

7. DATA SECURITY

We implement technical and organisational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

This includes:

  • Encrypted storage of sensitive information
  • Role-based access controls
  • Regular security assessments

8. YOUR DATA SUBJECT RIGHTS

Under GDPR, you have the following rights:

  1. Right of access – request a copy of your data
  2. Right to rectification – correct inaccurate data
  3. Right to erasure – delete your data where applicable
  4. Right to restriction – limit processing in certain circumstances
  5. Right to data portability – receive data in a portable format
  6. Right to object – object to processing based on legitimate interest or marketing
  7. Right to withdraw consent – for cookies or marketing
  8. Right to lodge a complaint – with the Maltese Data Protection Commissioner

Requests can be sent to [insert contact email]. We will respond within the legally required timeframe.

9. COOKIES & TRACKING

We use cookies and similar technologies to:

  • Ensure website functionality
  • Analyse usage patterns and improve our services
  • Provide targeted advertising only if consented

You may adjust your cookie preferences via your browser settings or our cookie banner.

10. AUTOMATED DECISION-MAKING

We may use automated systems to detect fraud, prevent abuse, and optimise our website. These do not produce legal or similarly significant effects for you.

11. TRANSFER OF DATA OUTSIDE THE EEA

If we transfer personal data outside the European Economic Area, we ensure it is protected by:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules where applicable

12. MINORS

Our services are not intended for individuals under 18. We do not knowingly collect personal data from minors.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The updated policy will be published on our website with an updated “Last Updated” date.