Privacy Policy

Introduction

At MALTA TENNIS & PADEL FEDERATION (“as National Association”), your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you register as a member of the Malta Tennis & Padel Federation. By submitting your registration, you agree to the terms outlined in this Privacy Policy.

Who We Are

The controller of your personal data is the Malta Tennis & Padel Federation, having its registered address at National Tennis Centre, Triq Martin Luther King, Pembroke PBK1990, Malta. Should you wish to contact us for any reason with respect to our processing of your personal data, you may do so via email to [email protected]

Information We Collect

When you register for membership or participate in events, we may collect the following types of personal information:

  1. Contact Information: Full name, email address, phone number, and address.
  2. Demographic Information: Date of birth, nationality, and gender.
  3. Membership Details: Membership category, playing history, emergency contact information, and any certifications or qualifications (e.g., coaching licenses).
  4. Payment Information: Credit card or bank details for processing fees and payments.
  5. Health Information: Relevant medical conditions to ensure safety during activities (optional and based on explicit consent).
  6. Professional Information: For registered professionals, coaching certifications or qualifications.

With the exception of the information referred to in point 5 above, the provision of the above-listed personal data is a necessary requirement in order to become a member of the National Association.

How We Use Your Information

We collect and process your personal data to:

  1. Facilitate membership applications and renewals.
  2. Manage national rankings, scheduling, and player profiles.
  3. Communicate with members about association updates, events, or competitions.
  4. Process payments for memberships, tournaments, and other activities.
  5. Ensure safety and compliance during events and training.
  6. Fulfil regulatory or legal obligations.

Legal Bases for the Processing of Your Personal Data

We collect and process your personal data on the basis of necessity for:

  • Our legitimate interest to manage memberships within our association and organise tournaments and other activities for our members; 
  • The performance of our contract with you, namely the membership terms of the National Association; 
  • Compliance with any legal obligation to which we may be subject; and/or
  • Your explicit consent, in the case of health information about you as described above. 

Disclosure of Your Information

We may share your information:

  1. With service providers: Third-party processors for payment handling, scheduling, communication, and data management (bound by confidentiality agreements).
  2. With other members or entities: Where necessary for tournament draws, rankings, or coordination purposes.
  3. With authorities: To comply with legal obligations, such as anti-doping or safeguarding requirements.
  4. With your consent: When necessary to fulfil your specific requests or agreements.

We do not sell, lease, or trade your personal data to third parties.

Data Retention

We retain your data for as long as necessary to fulfil the purposes outlined in this policy or as required by law. If you cease membership or request deletion, your data will be removed within one (1) month unless required for legal or regulatory compliance, in which case we would retain your data for as long as necessary in order to comply with any applicable legal or regulatory requirements.

Security Measures

We use appropriate technical and organizational measures to safeguard your personal data against unauthorized access, disclosure, alteration, and destruction. These include secure databases, encrypted transactions, and restricted access.

Your Rights

You have the right to:

  1. Access your personal data.
  2. Request correction of inaccurate or incomplete data.
  3. Request deletion of data (subject to legal and operational limitations).
  4. Request the restriction of the processing of your personal data (in cases explicitly provided for by law).
  5. Request that we provide you with personal data which we hold about you in a structured, commonly used and machine-readable format (except where such personal data was provided to us in handwritten format, in which case, upon your request, such personal data will be provided to you in such handwritten format).
  6. Request that we transmit the personal data which we hold about you to a third-party controller indicated by you (where technically feasible).
  7. Object to the processing of your personal data where we are relying on our legitimate interests (or those of a third party) for such processing.
  8. Object to a decision taken solely on the basis of automated processing, including profiling, which has an impact on you or significantly affects you.
  9. Withdraw consent for processing where consent is required, which withdrawal would not affect the lawfulness of the processing carried out prior to such withdrawal.
  10. Lodge a complaint with the relevant data protection authority.

To exercise your rights, contact us at [email protected]

Updates to This Policy

We may update this Privacy Policy periodically. Updates will be communicated through our website or directly via email to members.

Data Protection Policy

Purpose

This Data Protection Policy outlines how the Malta Tennis & Padel Federation protects personal data and ensures compliance with data protection regulations.

Principles of Data Protection

We adhere to the following principles:

  1. Lawfulness, fairness, and transparency: We process personal data lawfully and transparently.
  2. Purpose limitation: Data is collected for specified, explicit, and legitimate purposes.
  3. Data minimization: We only collect data necessary for the intended purposes.
  4. Accuracy: We ensure that data is accurate and up-to-date.
  5. Storage limitation: We do not store data longer than necessary.
  6. Security: Data is protected against unauthorized access and breaches.

Responsibilities

  1. The Data Protection Officer is responsible for ensuring compliance with this policy.
  2. All staff, contractors, and volunteers who handle personal data must adhere to this policy and undergo regular training.

Data Security Measures

We implement the following security measures:

  1. Password-protected databases and encryption for sensitive information.
  2. Secure online payment gateways with anti-fraud protections.
  3. Regular data backups and system updates.
  4. Access controls to ensure only authorized personnel access data.

Data Breach Policy

In the event of a data breach:

  1. We will contain the breach and mitigate potential harm.
  2. Notify the appropriate regulatory authorities within 72 hours if required by law.
  3. Inform affected individuals promptly and provide guidance on safeguarding their information.

Training and Awareness

All staff, contractors, and volunteers are required to complete regular training on data protection laws and best practices. Awareness campaigns ensure all stakeholders are informed of their roles in protecting data.

Review of Policy

This policy will be reviewed annually or in response to changes in regulations or operational processes.

For more information or to raise a concern about how your data is handled, contact us at [email protected]