Privacy Policy

Applicable to use of the IFSP website, participation in IFSP organised online events, IFSP membership and use of IFSP services

The Institute of Financial Services Practitioners (IFSP) believes the privacy and confidentiality of an individual’s personal data is important. We provide the following updated privacy policy (the “Privacy Policy”) in order to demonstrate our firm commitment to privacy.

References to “data controller”, “data subject”, “personal data”, “process”, “processed”, “processing” and “Data Protection Officer” in this Privacy Policy have the meanings set out in, and will be interpreted in accordance with applicable laws, including but not limited to the General Data Protection Regulation (EU) 2016/679 (‘GDPR’) and the Data Protection Act, Chapter 586 of the Laws of Malta and subsidiary legislation thereto, as may be amended from time to time.

1.       Controller Details

For the purposes of the GDPR, the Institute of Financial Services Practitioners (hereinafter referred to as the “IFSP” “we”, “us” or “our” in this Privacy Policy) is the Data Controller.

The IFSP is an organisation for accountants having a legal personality according to the provisions of the Second Schedule to the Civil Code, having its address at Garrison Chapel, Castille Place, Valletta VLT1063, Malta.

If you have any questions about this Privacy Policy, including concerns about your personal data or our data collection practices, please feel free to contact us by post on the abovementioned address or by email at You may also wish to contact us by telephone on 25696312. IFSP’s Data Protection Officer is Simon Gatt who may be contacted by email at

2.       Personal Data

The term “personal data” refers to all personally identifiable information about the data subject which includes all the information provided to us in event registration forms, service requests, membership forms and all information which may arise that can identify an individual personally, including information of third parties provided to us by a company or other corporate entity registering on behalf of a participant(s).

The personal data that the IFSP collects about the participant is the data voluntarily provided to us for event registration, membership, or service access purposes. The IFSP collects personal information to fulfil its role as a professional representative body. As we perform various different functions and activities to service the needs of its members, registered students and other non-member users, the personal information requested and collected will vary depending on your group.

We typically collect the following categories of data:

  1. Identification Data and other Contact Data: such as name(s), surname(s), identity card number, date and place of birth, nationality, residential address, and e-mail address, telephone numbers or any similar contact information available;
  2. Student/Professional/Other User Data: such as student or employment details, educational qualifications, work history, current employment and position;
  3. Registration Data on courses and other events: such as information connected to training, event records, attendance records for courses and events and subscription information with respect to journals, reports and newsletters issued by the IFSP;
  4. Further Data: such as certificates, or information requests received from legal bodies, such as the Malta Financial Services Authority, government authorities or regulators; or
  5. Transaction Data and Transaction Information: bank account and credit card details or details of payments, statements, incoming and outgoing payments.

We only collect information, including personal data that we believe to be relevant and required for the IFSP to carry out its functions and activities and to conduct its business as required by law and regulatory obligations.

3.       Third Party Data

Where you provide us with personally identifiable information relating to other people, such as your directors, officers, employees, advisors or other related persons, you shall be solely responsible for making sure that the provision of such data by you to the IFSP fully complies with applicable data protection law and the relevant person in regard to whom the data relates has been provided with the necessary information at law regarding the IFSP’s processing of his personal data and where necessary you will obtain the data subject’s consent to our use of their information.

Any information notices, consents or other applicable requirements that may be required to be fulfilled for the provision of third party data to us shall be borne solely by you and you hereby fully indemnify the IFSP and shall render the IFSP completely harmless against all costs, damages or liability of whatsoever nature resulting from any claims or litigation (instituted or threatened) by any third party against the IFSP as a result of the provision of any third party personal data by you to the IFSP.

4.       Legal Basis of Processing

The IFSP’s legal basis for processing personal data provided will vary from activity to activity. In some instances, processing may have more than one lawful basis. The following information below summarises the basis on which we process personal information:

  1. For the purposes of performing our contract with you, such as effecting registration with the IFSP for any course or events, our sponsorship or joint collaboration agreements, or in anticipation of you becoming a member or student of IFSP;
  2. Where we have a legitimate interest in using it, such as for day to day operational and business purposes;
  3. For compliance with our legal or regulatory obligations; and
  4. Where required, and where you have given your consent to use your personal data for a particular purpose, including Marketing consent.


5.       Purposes of Processing

Typically, the IFSP will process your personal data for the following purposes:

  1. Enrolling you as a member of the IFSP;
  2. Registering you as a student member of the IFSP;
  3. Registering you as a user of the IFSP’s services;
  4. Creating and providing access to an online account via our website;
  5. Registering you to attend a training course or other event organised by us and maintaining records of declarations;
  6. Registering you as a speaker;
  7. Communicating with you about your IFSP account, including process payments, membership dues, or registration fees;
  8. Providing you with, products, services, or information you have requested from us or which are offered by IFSP and/or its business partners;
  9. Keeping you updated and providing notices or advertisements, circulars, agendas that are consistent with IFSP’s organisational purpose;
  10. To request your participation in IFSP or third party surveys or other initiatives;
  11. Monitoring your performance on courses and events and assisting you in the tracking of your progress; or
  12. Providing marketing information about the IFSP’s services as well as news, events, and other information connected thereto.


6.       How we collect your personal data

The use for which your personal information is requested and collected will vary depending on your group. Typically, the IFSP will collect personal data in the manners outlined below:

  1. By email, or by written correspondence, on hard copy forms (such event registration forms, sponsorship or membership forms employed by the IFSP);
  2. When you post a query, submission, complaint, request subscription or registration, effect a payment transaction or otherwise contact us through our website;
  3. When you contact us voluntarily in other circumstances such as when seeking to attend an IFSP organised or sponsored event or function; or
  4. electronic systems such as online registration forms and webinars.

Generally, you would have provided your personal data to the IFSP directly. However, in some instances, we may collect personal data about you from third party sources, such as educational providers, online searches or from public registers including professional associations. Third parties such as regulators or service providers of the IFSP may also have provided your personal data to us.


7.       Marketing

From time to time IFSP would also like to contact non-member users about its products and services, promotional offers, marketing as well as information in relation to the products and services provided by third parties (“Marketing”). Marketing will be carried out primarily through the circulation of e-mails or by phone. Other means of communication may also be used, however the IFSP shall always seek your prior written consent.

You may withdraw consent to the processing of personal data for Marketing purposes at any time by sending us an e-mail on: Alternatively, you may unsubscribe to such communications by clicking the “Unsubscribe” link contained in the footer of any Marketing email you will receive from us.

However, please note withdrawal of consent for Marketing communication does not affect the lawfulness of the processing of personal data based on such consent prior to its withdrawal.


8.       Recipients

The recipients of the personal data are:
·         selected individuals within the Institute;
·         IFSP’s affiliates; and
·         third parties to whom disclosure may be required as a result of legal obligations imposed on the IFSP.

The IFSP’s recipients of personal data are located within the EU.


9.       Sharing your Information

We will not share any of your personal data with third parties without your permission, except where this is strictly required for us to provide you with a service you have engaged us to provide or where we are obliged to do so in terms of our legal or regulatory obligations.

If we ever have to share your personal data with an entity outside the EU, we will do so in accordance with the requirements of the GDPR and any other applicable law.


10.   Processing Requirement

The processing of personal data is not a statutory requirement: it is a requirement in order to complete registration to events or to provide services. Failure to provide personal data impedes us from being in a position to conclude registration for the participant.


11.   Automated Decision-Making and Profiling

Your personal data will not be used for any automated decision-making or profiling.


12.   Data Retention

Information will be retained for no longer than is necessary for the purpose for which it was obtained by us, or as required or permitted for legal and regulatory purposes, and for legitimate business purposes. In certain circumstances, where required by law or applicable regulations or where the IFSP deems it necessary for our legitimate business, regulatory and / or legal purposes, we may hold the data for a longer or shorter period.

As a general rule we will retain your personal data as long as you remain a member, or until you ask us to stop communicating with you, unless we have a valid reason to keep the information for a longer time.


13.   Data Security

We take the security of your personal data very seriously and have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, so as to safeguard its integrity and confidentiality.

The security measures we have implemented to ensure safe transmission and storage of personal data include:

  • Use of secure servers;
  • Use of firewalls;
  • Information access controls;
  • Use of back-up systems.

We also regularly review and, where practicable, improve upon these security measures.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

While we do our utmost to safeguard your personal data, no data transmission over the internet can be totally secure and therefore we cannot guarantee or warrant that no unauthorised access will occur.


14.   Cookies

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or ‘break’ certain elements of the site’s functionality.

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.

This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page.


15.   Rights

For as long as we hold personal data about an individual, that individual may (where applicable):

  1. request access to and rectification of personal data where incomplete or inaccurate;
  2. request erasure of his personal data;
  3. object to the processing of his personal data;
  4. request provision of his personal data in a structured, commonly used and machine-readable format; and
  5. request transmission to himself or another controller indicated by the individual.

Please note that your rights are not absolute.


16.   Complaints

IFSP and its Data Protection Officer may be contacted on complaints regarding the processing of personal data at the details indicated above. You also have the right to lodge a complaint with the Office of the Information and Data Protection Commissioner in Malta:

Information and Data Protection Commissioner

Level 2, Airways House

High Street

Sliema SLM 1549


Tel: (+356) 2328 7100



17.   Links to other Sites.

Users will find advertising or other content on the IFSP website that enable linking to the sites of the IFSP advertisers, sponsors and other third parties. These third-party sites may have their own privacy policies or no policy at all. The IFSP Privacy Policy does not apply to such other sites. The IFSP has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of your information.


18.   Changes to this Privacy Policy

We may update this Policy from time to time and we will replace this policy with an updated version. It is your responsibility to access the ‘Privacy Policy’ page frequently so that you will be aware of any changes that may be implemented by us from time to time.


19. Law and Jurisdiction

This Policy shall be governed by Maltese Law. Any dispute arising from, or related to, such Policy shall be subject to the non-exclusive jurisdiction of the courts of Malta.