All Terms
Privacy Policy

Privacy Policy

 

Summary of Key Information

This Privacy Policy provides a comprehensive overview of how we handle your personal information. Below is a summary of each area, with additional details available in the corresponding sections: 

  • Information We Collect: We gather various types of information about you when you engage with 'TripleA' in-store, online, over the phone, via email, through post, or on our social media platforms. The specific categories of information are outlined in the section below.
  • How We Use Your Information: We utilize your information in accordance with this Privacy Policy and the lawful bases established in data protection legislation:
    • When we have your consent to do so
    • When we must fulfill a legal obligation
    • When a contract exists
    • When we have identified a legitimate interest that does not compromise your rights and freedoms
    • When there is a vital interest
  • More Sensitive Information: In some instances, we may handle more sensitive data, such as information related to health or criminal records.
  • Automated Decision-Making: We occasionally employ systems to make automated decisions; however, you retain rights regarding our use of these systems, which are explained in more detail below.
  • Protection of Children and Vulnerable Customers: We strive to safeguard children and those who may be in vulnerable situations, as detailed in the section below.
  • Analysis of Information: We perform analysis on our customers and products for various purposes, which are further elaborated on below.
  • Digital Advertising and Personalization: We conduct advertising across digital platforms, including social media, in collaboration with partners and agencies, as explained in more detail in this section.
  • Information Sharing: We may share your information within the 'TripleA' group of companies, with external service providers, and other third parties when necessary. In all cases, we conduct appropriate due diligence to ensure that the sharing of your information is secure and suitable.
  • Credit Reference Agencies and Insurance: 'TripleA' works with Credit Reference Agencies (CRAs) and will exchange information with them. Further details can be found in the section below.
  • Information Sharing with Lending Partners: When 'TripleA' acts as a credit broker, we will share your information with our lending partners when you apply for a credit account and while your credit account remains active. More information can be found in this section.
  • International Transfers of Personal Information: If necessary, we may transfer your personal information outside of Malta. When this occurs, we ensure that appropriate safeguards are implemented.
  • Retention of Personal Information: We do not retain personal information for longer than necessary.
  • Your Rights: Under data protection legislation, you possess several rights, including the right to access your information and the right to request the deletion of your information. All your rights and the methods to exercise them are outlined in this section.
  • Opting Out of Marketing Communications: You can unsubscribe from our direct marketing communications at any time, including through our dedicated form here. More information on how to stop receiving digital marketing communications can be found in our Cookies Policy.
  • Security Measures: We implement appropriate technical and organizational measures to ensure the security of all personal information we manage.
  • Links to Other Websites and Social Plugins: Our websites may contain links to third-party websites and social platforms that we do not control, and we encourage you to read their privacy policies as well.
  • Contact Us: You can reach out to us regarding this Policy using the contact details provided in this section.

Who We Are

'TripleA' is a trading name of 'ETV Limited' (referred to as "we," "us," "our," or the “Company”), a company registered in Malta, Europe (Company registration number: C5698).

 

Applicable Laws

As a Company Registered in Malta and operating under Maltese Law, the primary privacy laws applicable to us concerning you are as follows: 

  • The Maltese Data Protection Act (Chapter 586 of the Laws of Malta) as well as the various Subsidiary Legislations under the same Act.
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, regarding the protection of natural persons concerning the processing of Personal Data and the free movement of such data, which repeals Directive 95/46/EC (General Data Protection Regulation) – the GDPR.

All of the above, as may be amended from time to time, are collectively referred to as the ‘Data Protection Laws.’

 

Information We Collect

We collect personal information about you when you visit our stores, utilize our webshop ("websites"), or communicate with us via phone, email, or social media. We refer to our websites as "Online Services."

 

The types of personal information we collect include: 

  • Personal details, such as your name, surname, address, date of birth, email address, phone number, ID Card and other contact information.
  • Transaction information, including details about the products you purchased, their prices, your payment method, and anonymized payment details, as per PCI DSS recommended standards.
  • Information about you, such as your employment details, financial status, and data extracted from identification documents (e.g., passport or driving license) when reviewing your application for insurance or loans from selected third parties and partners.
  • Your account information, including payment dates and amounts owed or received, subscription services you use, and any other information related to your account.
  • The phone numbers you use to contact us over the phone, such as those for our customer services team.
  • Account credentials (including new passwords) when establishing a B2B contract with us.

When you use our Online Services, the information we collect includes: 

  • Account information, such as your username, password, and other identifiers or credentials you utilize to access our Online Services or to purchase our products and services, as well as your shopping preferences, including your preferred brands and products, and which of our stores you like to shop in. (Please note that when you log into your account, you will remain logged in for 120 minutes, even if you navigate away from our website. If you are using a shared computer or prefer not to stay logged in for this period, please ensure you log out before leaving our website.)
  • Information you provide during your interactions with us. This encompasses when you register to use our Online Services, subscribe to our services, or request further information or services from us.
  • Details about your visits to our websites or in-store Wi-Fi and the resources you access. Examples include the ads you click, device information, and location data.
  • IP address, the type of device you are using to browse, and cookie information.

 

More information is available in our Cookie Policy.

 

You may provide personal information in various situations, including when you: 

  • Purchase products at our stores, online, or through our contact center.
  • Register for or utilize our Online Services.
  • Request to receive marketing or other communications.
  • Use our Wi-Fi networks or other in-store technology.
  • Enter one of our competitions or complete one of our customer surveys.
  • Submit information when providing feedback or making inquiries.
  • Use interactive features of our Online Services.

 

How We Use Your Information

Data protection law outlines several lawful bases upon which a company may collect and process your personal information. These include:

  • Where we have entered into a contract with you.
  • Where we have your consent.
  • Where we are legally obliged to do so.
  • Where we have identified a legitimate interest that does not infringe upon your rights and freedoms.
  • Where it is necessary for your vital interests.

 

The table below provides examples of circumstances under which we might rely on these lawful bases:

 

Contract:

  • We process your personal information to manage your orders and payments or to issue refunds.
  • A contract is formed when you utilize one of our services, such as insurance, or to facilitate an agreement between you and our lending partner when you submit a credit application.
  • We also process your personal information when facilitating a contract between you and one of our Multiplay partners if you purchase broadband or television packages through us.

 

Consent:

  • We utilize email and text messages to communicate with you regarding our products and services, competitions, offers, promotions, or special events. For instance:
    • To provide a reminder service for free mobile phone upgrades to notify you when a product is restocked.
    • To send you a renewal notice.
    • To inform you about our third-party partners that may be of interest to you. 
  • We personalize your experience on our Online Services, which may include providing you with interesting and relevant content or enhancing navigation on our websites (further information is available in our Cookie Policy).
  • To enter you into competitions.
  • To record any additional needs you may have due to vulnerable circumstances or to provide extra support when you communicate with us.
  • To engage you in customer research activities conducted by 'TripleA' or agencies acting on our behalf, including interviews, surveys, and observations that may involve capturing images and videos.

 

Legitimate Interest:

  • To offer customer support and communicate with you regarding your requests.
  • To reach out to you if we need to gather or provide further information regarding your order or inquiry.
  • To verify our records and ensure your satisfaction periodically (e.g., through customer surveys).
  • For marketing activities (excluding those based on consent), such as capturing marketing permissions during a sale and customizing marketing messages via social media and other third-party platforms.
  • To send promotional materials (e.g., renewal notices) through the mail or notify you of our offers by telephone.
  • To comply with requests you make concerning your rights (for example, if you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists to fulfill your request).
  • To send you communications related to your orders, purchases, or accounts and to process payment and refunds.
  • To allow you to contribute to our blogs and engage with us on social media platforms.
  • To ensure a seamless experience with our Online Services, which includes verifying that our websites function properly (for more details, please refer to our Cookies Policy).
  • To gain a deeper understanding of you as a customer, including the products and services you utilize, how you utilize them, and your shopping habits across our company, enabling us to better serve you.
  • To enhance both the content and visual presentation of our website(s) and to ensure that information is displayed in the most effective way for your needs.
  • To manage, assess, and improve our business operations, including the creation of new products and services; to evaluate the success of our sales, marketing, and advertising efforts; and to analyze and enhance our products, offers, promotions, Online Services, and other technologies.
  • To display relevant advertisements by utilizing information gathered from your devices, provided you have consented to such data collection. This may include your searches, location, advertisements you have viewed, and personal details you have shared with us, such as your age range, gender, and interests. Depending on your advertising preferences, this information influences the advertisements you encounter across your devices. Thus, if you browse our website on your work computer, you might see ads for our products or services on your phone later that evening.
  • To enable a seamless shopping experience across multiple channels, ensuring that you can purchase from us in whatever manner you prefer. For instance, we might use your information, whether in-store or during a video call with one of our staff members, to set you up with an online account or access your existing account, allowing us to provide personalized product recommendations and assistance.
  • If you fail to repay debts owed to us or return our property, we may need to locate your whereabouts (potentially using a tracing agent) to recover payments or retrieve items. This could be conducted by a third-party debt recovery agency acting on our behalf.
  • To guard against, identify, and prevent fraudulent activities, criminal acts, claims, and other liabilities.
  • To ensure network and information security so that we can implement measures to safeguard your information against loss, damage, theft, or unauthorized access.
  • To maintain the security and safety of our stores through the use of CCTV.
  • To provide you with claim information as part of fulfilling promotional offers if you have made a qualifying purchase.
  • To help mitigate overall fraud and credit risks for our customers, ensuring a duty of care for those who apply for financial products and services.
  • To engage in the sale of anonymized sales and analytical data, ensuring that individuals cannot be identified from this data. Anonymization is carried out using robust methods that comply with applicable data protection regulations.

 

Legal Obligations

  • To identify you when you reach out to us.
  • To verify the accuracy of the information we hold about you.
  • To assist HMRC and/or the police and/or and other regulatory authorities with investigations conducted by public bodies.
  • To fulfill any requests you make concerning your Data Subject Rights.
  • For financial management purposes.
  • When necessary, for health and safety considerations.
  • To comply with our obligations to the Financial Conduct Authority (FCA).

 

Vital Interests

We may need to reach out to you in the event of urgent safety or product recall notifications, or when we reasonably believe that processing your personal information will help prevent or mitigate potential harm to you.


When we process your information based on Legitimate Interests, we will have assessed this processing and weighed it against your rights and freedoms.

 

More Sensitive Information

Under data protection legislation, certain types of personal information are classified as more sensitive. This includes details about a person's racial background, specific beliefs, or health conditions, and can also encompass information related to criminal activities.

 

We do not anticipate processing any of your more sensitive information unless it becomes pertinent to our interactions with you or if you voluntarily provide such information. For instance, this may occur if you have a vulnerability or health condition relevant to our dealings with you, if you experience a medical emergency or accident, if the information pertains to a legal dispute or complaint, or if it relates to criminal activities affecting our business. In the rare instances when we do process more sensitive information, we do so strictly in accordance with data protection laws (for example, when we have your consent, to safeguard someone's vital interests, or to prevent or detect criminal activity) or as mandated by law.

 

How we utilize your information for automated decision-making

We occasionally employ systems to make automated decisions using your personal information or the information we are permitted to gather from other sources about you or your business (such as when we conduct credit or internal fraud assessments). This approach enables us to ensure that our decisions are swift, fair, efficient, and accurate, based on the data we possess. These automated decisions may influence the products, services, or features we can offer you currently or in the future, as well as the pricing we set for them.

You possess certain rights regarding automated decisions:

  • In specific circumstances, you can request that we refrain from making decisions based solely on the automated score; and
  • You have the right to contest an automated decision and ask for a human review of it.

If you would like more information about these rights, please do not hesitate to contact us.

 

How we safeguard children and customers in vulnerable situations

We recognize the significance of protecting individuals who may be in vulnerable situations or who are children, particularly when they are registering for one of our FCA-regulated products, such as applying for credit or insurance.

 

Children’s information
We do not permit individuals under the age of 18 to enroll in credit or insurance products. Our online services are designed for adults, and we do not knowingly collect, anticipate collecting, or store information about children. If a child happens to visit our website, we implement the highest standards of privacy by design, collecting only the minimal information necessary.

 

Customers in vulnerable situations
At times, we may need to manage more sensitive information related to customers with vulnerabilities or those in vulnerable circumstances. This could include, for example, details regarding their medical conditions or symptoms. We do this to assist customers who require additional support. We only gather the least amount of information necessary to achieve this and retain it only for as long as is reasonably required.

 

How we employ information for analysis

We analyze customer and transactional data to comprehend customer attitudes and their likelihood of acting in a certain manner in the future. We utilize algorithms to categorize customers into segments based on their socio-demographics, the frequency of their interactions with 'TripleA,' the size and type of their purchases, and the feedback they provide through surveys.

 

We analyze customer data to:

 

  • Develop new products and services or modify our offerings or store environment to better align with customer expectations.
  • Create and execute marketing campaigns and product and service recommendations that are relevant to you, based on your past purchases, your online browsing activities, or the information you have shared with us in surveys.
  • Design product assortments according to customer types, their preferences, and shopping behaviors.
  • Generate commercial forecasts.
  • If you have granted consent, personalize your experience on our website.

We may also conduct analytical activities on information that has been fully anonymized.

 

Digital advertising and personalization

We advertise across various digital platforms using both targeted and non-targeted advertising. For targeted advertising, we may use information obtained through cookies or similar technologies in your web browser to display ads to you, which you may encounter on other websites or digital platforms. We will seek your consent to implement these types of cookies and similar technologies through our website's cookies consent mechanism. Further information can be found in our Cookie Policy.

 

To ensure that suitable ads are displayed, we collaborate with partners and agencies to analyze and prepare the information, as well as to measure the effectiveness of our advertising. Please see the section below titled ‘Who we share your personal information with.’ When applicable, we or our advertising partners will merge this information with your transaction details and other data, such as your cookie consent instructions and information from external or publicly available sources. By creating a more comprehensive view of your preferences in this manner, we can ensure that you see the ads that are most pertinent to you. We also utilize this information to ensure you do not receive irrelevant ads.

 

Our digital advertising includes promotions across social media platforms. The media owners we most frequently collaborate with are Meta (which owns Facebook and Instagram) and Google (which owns YouTube). The individual privacy policies are provided for your reference.

 

We will also leverage the information we have on existing customers for modeling purposes to help identify potential new customers who may have an interest in our products.

 

Who we share your personal information with

We share personal information within the ‘TripleA group’ Members of TripleA who receive this information are not authorized to use or disclose the information except as outlined in this Privacy Policy.

 

When we share your information with third parties, we will conduct due diligence before disclosing any information to them and will have robust contracts in place that address the security of any shared information.

 

Our service providers
We collaborate with partners, suppliers, insurers, and agencies so they can process your personal information on our behalf and only where they meet our standards regarding information processing and security. We share only the information necessary to assist them in providing their services to us or to help them serve you. For instance, some of our service providers handle online advertising for us regarding our products and services, as well as those of our retail partners, suppliers, and third parties. Consequently, if you have indicated that you are open to receiving online marketing from us in our cookie preference center, you may see online advertisements that we or our partners have placed on the websites you visit or the interactive services you use.

 

Our third-party service providers include:

 

  • Credit and Insurance Partners: When you apply for credit or purchase an insurance product, we will share your information with trusted third-party partners responsible for these products. If you are an approved credit customer or have purchased an insurance product, we will continue to exchange your information while you use the credit facility or have an active insurance product. Please refer to the ‘Credit Reference Agencies and Insurance’ section below for more details.
  • We share your information with financial institutions to enhance service levels, reduce risk, and provide a duty of care to you and other customers.
  • Providers that assist us in delivering our marketing campaigns and facilitating our competitions.
  • Manufacturers of products sold to our customers for whom we conduct repairs.
  • Companies that enable us to gather your reviews and feedback, both online and offline.
  • Companies that operate our contact centers, as they require your personal information to identify and communicate with you.
  • Third-party vendors who assist us in managing and maintaining the ‘TripleA’ IT infrastructure.
  • Companies that provide insights and analytics services, allowing us to stock the appropriate products, launch suitable marketing campaigns, and better understand our business and customers.
  • Specialist providers of digital advertising and content personalization, to deliver tailored ads to customers, such as Epsilon.
  • Partners that support our services, such as when we need to arrange for a specialist engineer visit.
  • Companies that process and sort information on our behalf, monitor how customers use our websites, send our emails, and gather product/customer feedback via surveys.

When you request us to deliver your purchases either to the store (via ‘Click & Collect’) or another location, we will also share your address and contact details with our delivery partners, such as Maltapost, Fastdrop or ETV Logistics, to ensure a successful delivery. These partners may reach out to you to provide periodic updates regarding your delivery.

 

Other organizations and individuals
We may also transfer your personal information to other organizations under certain circumstances. For example:

 

  • If we are required to do so by law, pursuant to any code or practice we are bound by, or at the request of a public or regulatory authority such as the Office of the Information and Data Protection Commissioner.
  • To prevent and detect criminal activity affecting our business, we may voluntarily or upon request share information with the Police.
  • Information may also be shared with fraud prevention agencies to deter fraudulent claims.
  • If necessary to exercise or protect our legal rights, users, systems, and services.
  • With banks and insurance companies if you are a financial services (insurance or credit) customer.
  • With mobile phone operators if you purchase a phone contract through us.
  • With broadband and television providers if you buy a related product from us.
  • In response to requests from individuals (or their representatives) seeking to safeguard their legal rights or the rights of others.
  • With emergency services (if you make an emergency call), including your approximate location.
  • To trusted third-party companies that have subscribed to our services for the consumption of anonymized commercial data.

Credit Reference Agencies and Insurance

To process your application, we will share your personal information with credit reference agencies (“CRAs”), and they will provide us with information about you. This will include data from your credit application as well as details regarding your financial situation and history. CRAs will supply us with both public information (including the electoral register) and shared credit, financial situation, and financial history information, along with fraud prevention data. We will utilize this information to:

  • Assess your creditworthiness and determine whether you can afford to take the product.
  • Verify the accuracy of the information you have supplied to us.
  • Prevent criminal activity, fraud, and money laundering.
  • Trace and recover debts.
  • Ensure that any offers presented to you are suitable for your circumstances.

We will also continuously exchange information about you with CRAs, including information regarding your settled accounts and any debts that are not fully repaid on time. CRAs will share your information with other organisations.  Your information will also be linked to that of your spouse, any joint applicants, or other financial associates.

 

Sharing your information with lending partners
We will share your information with our lending partners (where ‘TripleA’ serves as the credit broker and is not the lender) when you apply for a credit account. We will do this to facilitate an agreement with you and manage the agreement throughout its duration. Our lending partners and ‘TripleA’ will continue to share your information while you utilize the credit facility, including details regarding your credit application, purchases, and transaction history (which is not limited to credit purchases and includes any that are not fully completed). Lending partners and ‘TripleA’ will also between themselves share the lending decision, the status of your account and your remaining balance.

 

We may utilize and share your information for the purposes of assessment and analysis, which includes credit or behavior scoring (or both), as well as other related inquiries such as product analysis. Additionally, we may employ this information to generate statistical reports, although these reports will not include any personally identifiable information pertaining to our customers.

 

International Transfers of Your Personal Information

As a business based in Malta, we will manage your personal information within Malta, EU. Occasionally, we may transfer your personal information outside of Malta (for instance, to our suppliers, service providers, or other companies within ‘TripleA’) for the purposes outlined in this Privacy Policy. Unless permitted otherwise by data protection law, if we transfer information to a country that is not recognized as having equivalent protections for information as Malta, we will implement appropriate safeguards to ensure that your information is protected in the same manner as it would be in Malta. This may involve establishing contractual protections (referred to as standard contractual clauses) and other organizational or technical measures designed to secure the information.

 

How Long We Retain Your Personal Information

The retention of different categories of documents is governed by various requirements as well as different legislation and regulations. We will retain your personal information for as long as you remain a customer. If you do not make a purchase or engage with us for a period of three years or longer, we will remove you from our marketing mailing lists. After you cease to be a customer, in most instances, we will retain your information for a maximum of seven years following the last time you interacted with us, or, if you have purchased insurance products, for up to seven years from the conclusion of the coverage.

 

We may keep your information for longer than seven years if we are unable to delete it due to legal, regulatory, or technical reasons. Additionally, we may need to retain it in order to assist with product recalls or safety notices. If we do so, we will ensure that your privacy is protected and will only utilize the information for those specific purposes.

 

We do not retain personal information in a format that can identify individuals for longer than is necessary.

 

It is important to note that anonymized or statistical data does not fall under the scope of this Retention Policy, as such data does not constitute identifying personal information.

 

Your Rights

The table below details the Data Protection Rights that are available to you:

 

Access to Information Held About You

You have the right to request information regarding the personal data we hold about you. This request is commonly referred to as a 'Data Subject Access Request.' If we determine that we are required to provide you (or someone acting on your behalf) with your personal information, we will do so at no cost. Prior to releasing personal information to you or to another individual on your behalf, we may request proof of identity and sufficient details about your interactions with us to enable us to locate your personal information. Except in exceptional circumstances, we will respond to your request within 30 days after we have received the necessary information or, if no such information is required, after we have received your request. You can request a copy of your information using this form or by utilizing the contact details provided below.

Rectification of Information Held About You

If any of the personal information we maintain about you is incorrect or outdated, you have the right to request that we correct it.

Data Portability

In certain situations, you possess the right to request a copy of your personal information from us or to have that information transferred to an organization of your choice in a format that is easily reusable.

To Stop or Limit Our Processing of Your Information

You have the right to object to our processing of your personal information if we no longer have the right to use it, to have your information deleted if we are retaining it for too long, or to restrict its processing under specific circumstances. When we rely on our legitimate interests, as outlined under 'How We Use Your Information,' you may object to our use of your information for these purposes. If we acknowledge that your objection is valid under your rights provided by data protection laws, we will cease to use your information for those purposes permanently. If we do not agree, we will provide you with our justification for needing to continue using your information.

You can request us to restrict the use of your personal information if:

  • It is not accurate.
  • It has been used unlawfully, but you do not wish for it to be deleted.
  • It is no longer relevant, but you want us to retain it for potential legal claims.
  • You have already requested that we cease using your information, and you are awaiting our confirmation on whether we are permitted to continue using it.

Please be aware that we may be legally required to retain certain information. Before we can provide you with any information or correct any inaccuracies, we may ask you for additional details to assist us in responding to your request.

Erasure

You have the right to request the erasure of your personally identifiable information, which is commonly known as the right to be forgotten. In some instances, we may not be able to fully delete your information, such as when we have a legal obligation to retain it. When deletion is possible, we will maintain an appropriate record of the request.

Additional

Right to Withdraw Consent (when we rely on consent) - In the rare cases where we have relied on your consent to process your personal data (which we would have obtained following the necessary GDPR procedures), you may withdraw that consent at any time in a manner as straightforward as when you initially provided your consent to us.

Right to Lodge a Complaint - You also have the right to submit complaints to the relevant Data Protection Supervisory Authority. The competent authority in Malta is the Office of the Information and Data Protection Commissioner (OIDPC). We kindly request that you attempt to resolve any issues you may have with us first, even though, as previously stated, you are entitled to contact the competent authority at any time.

 

If you wish to exercise any of these rights, please contact us.

 

How You Can Prevent the Use of Your Personal Information for Direct Marketing

We will not send you direct marketing communications if you inform us not to do so. You can notify us in several ways:

 

  • You can click on the "unsubscribe" link provided in any email communication we send to you, or you can send a free SMS short code to opt out of SMS marketing, both of which will automatically remove you from those channels of communication. Please be aware that you will still receive any Service communications we need to send regarding the products and services we have sold to you.
  • Alternatively, you can unsubscribe by sending your request to [email protected]. Please note that processing your request may take up to 28 days.
  • To stop online marketing through cookies, please refer to our Cookie Policy.
  • If you are encountering marketing messages from us on your social media channels, you can stop these directly on the social media platform.

You can find additional information in our Direct Marketing Charter at the end of this Privacy Policy.

 

Security Measures

We take our obligation to protect your information very seriously. All companies within ‘Appliance Hub’ employ physical, technical, and organizational security measures to safeguard the personal information you provide against loss, destruction, and unauthorized access by third parties. We accomplish this through various means, which include, but are not limited to:

 

  • Complying with the Payment Card Industry Data Security Standard (PCI DSS) when handling debit and credit card information.
  • Following General Data Protection Regulation (GDPR) guidelines when collecting, processing, and storing information.
  • Utilizing encryption protocols and software to secure your personal information during transmission.
  • Conducting regular backups of our critical information.
  • Regularly testing and assessing our security measures.

To this end, we have established security policies, rules, and technical and organizational measures to protect the personal data we may control. All our members, staff, and data processors (including specific subcontractors and cloud service providers located within the European Union), who may have access to and are involved in the processing of personal data, are additionally contractually obliged to maintain the confidentiality of our users’ or recipients’ personal data, as well as to fulfill other obligations imposed by data protection laws.

 

Despite all of the above precautions, we cannot guarantee that data transmission or storage systems can be 100% secure. For further information about our security measures, please contact us in the manner described below.

 

Authorized third parties and external service providers acting as our data processors, with permitted access to your information (as explained in this Privacy Policy), are specifically required to implement appropriate technical and organizational security measures that may be necessary to protect the personal data being processed from unauthorized or accidental disclosure, loss, or destruction and from any unlawful forms of processing.

 

As stated above, these service providers (our data processors) are also bound by numerous other obligations in compliance with data protection laws, particularly Article 28 of the GDPR.

 

Links to Other Websites and Social Plugins

Our websites (including this Privacy Policy) contain links to other websites operated by other organizations that we do not control. This Policy does not apply to those external websites and applications, so we encourage you to read their privacy statements as well.

 

We utilize social plugins (buttons) from social networks such as Facebook, Google+, YouTube, Instagram, and X (formerly Twitter). Once a button is activated, the social network may retrieve information, regardless of whether you interact with the button or not. If you are logged into a social network, that network can associate your visit to the website with your user account. A social network cannot link a visit to websites operated by our other group companies unless you also activate the respective button there.

 

If you are a member of a social network and do not wish for that network to combine information obtained from your visit to our websites with information they hold about you, you must log out of the social network in question before activating the buttons.

 

Contact Us

If you would like to exercise any of your rights as mentioned above or have any inquiries regarding this Policy, please use the contact us section on our website.

 

Additionally, you can reach out to the Information and Data Protection Commissioner (IDPC) if you have any concerns or complaints about how ‘TripleA’ has managed your personal information: https://idpc.org.mt/. This Privacy Policy was last updated in December 2024 and supersedes all previous versions. This Policy is reviewed regularly, and if updates or changes are made, we may inform you either via email or through an announcement on our social media channels.

 

Direct Marketing Customer Charter

When you purchase a product or service online or in-store, or when you create an account with us, we collect personal information about you to inform you about our latest products, services, or offers. We may do this via post, email, text message, online, or through social media.

 

We will only use your personal information to send you marketing messages if we have a legal right to do so. This could be either with your explicit consent or where there is a ‘legitimate interest’, such as when we have a business or commercial reason for using your information. We will always provide you with the opportunity to opt out of marketing when we first collect your contact details and in every subsequent message.

 

We may ask you to confirm or update your marketing preferences if you purchase any new products or services from us in the future. We will also request this if there are changes in the law, regulation, or the structure of our business.

 

The personal information we hold about you consists of what you share with us, as well as the information we gather when you utilize our services, or from third parties we collaborate with, such as Experian. For further information on the third parties we work with and how we use your personal information, please refer to our Privacy Policy.

 

We also collect statistics regarding email openings and clicks, using industry-standard technologies to assist us in monitoring and enhancing our email communications.

 

We will not send unsolicited one-to-one (direct) marketing emails and/or SMS communications unless they adhere to the regulations set forth by the General Data Protection Regulations (GDPR), the Maltese Data Protection Act, Regulation (EU) 2016/679, and related guidance.

 

Specifically, our commitment to you includes the following:

  1. We will always require you to actively opt-in to receive electronic direct marketing messages. This excludes situations where we are contacting you regarding marketing for our own similar products during a sale or when you are establishing an ‘Appliance Hub’ account, at which point we provided you with the option to opt-out when you submitted your details.
  2. Our store and contact center staff will always inform you about any further use of your contact details for direct marketing at the time of your purchase.
  3. We will provide you with options regarding how you would like to receive marketing communications from us, including email or text message.
  4. We will ensure that the products or services we are marketing are the same or similar to those for which you initially consented to receive marketing.
  5. We will ask for your consent to share your details with third parties for their own marketing purposes, and we will identify those individual companies when we seek your consent.
  6. We will record when and how we obtained your marketing consent, as well as what it specifically covers.
  7. We will ensure that the language we use when you give your consent is clear and easily understandable, and that it is clearly distinguishable from any other matters, including other Terms & Conditions.
  8. We will avoid using confusing language in our marketing communications, including double negatives, technical or legal jargon, and confusing terminology or inconsistent language.
  9. For telephone and postal marketing communications, we will check your name and contact details against the Telephone & Mail Preference Service.
  10. We will always provide you with the option to opt-out of direct marketing at the time we collect your contact details and in every subsequent communication by clicking on the unsubscribe link.
  11. We will ensure that we promptly (and always within 28 days) remove you from our marketing activities upon your request. We will provide a simple, easily accessible, and free-of-charge method for you to withdraw your consent.
  12. We will maintain an internal suppression file listing the names and contact details of customers who have indicated they do not wish to receive marketing communications through all or certain means of communication.
  13. We will rely on the legitimate interests of the business (as an alternative to explicit consent) when we conduct postal marketing, undertake live outbound phone sales, or when we contact our business customers. We will include information in our telephone scripts and all postal marketing materials on how to opt out of receiving such marketing.
  14.  We will screen information to remove records of deceased individuals so that they are not included in marketing efforts.
  15. We will not send you any direct marketing if you have not contacted us or made a purchase within the past three years.
  16. We have procedures in place to address inaccuracies and complaints.
  17. We will fully cooperate with any investigation by the Information Commissioners Office (ICO) concerning our direct marketing activities.
  18. We may remove you from direct marketing if we believe that doing so could cause you financial harm or distress.

Bought in Lists
We will only utilize bought-in lists for texts, emails, or recorded calls where we have evidence of opt-in consent that specifically names us.

 

  1. We will use the information on these lists solely for marketing purposes.
  2. We will delete any irrelevant or excessive personal information.
  3. We will check the names on bougfht-in lists against our own records of customers who have indicated they do not wish to receive our calls, texts, or emails.
  4. We will conduct small sampling exercises to evaluate the reliability of the information on the lists.
  5. When marketing via post or email, we will include TripleA’s address and telephone number in the content.
  6. We will always inform customers of where we obtained their details.
  7. We will provide you with a link to our Privacy Policy.
  8. We will conduct adequate due diligence when we initially select information suppliers and during our ongoing collaboration with them to ensure they have obtained and used personal information fairly.
  9. We will ensure that appropriate contractual terms are in place, requiring information suppliers to verify that personal information was obtained and provided fairly and in accordance with the requirements of GDPR.
  10. We will take all necessary steps to ensure that the information has been properly sourced, permissioned, and cleaned. We will ensure that sufficient due diligence is conducted, and contractual agreements are established with personal information suppliers.