1. Introduction

At 1 st Step Solution Ltd we are committed to protecting and respecting your privacy.

This Privacy Notice (“Notice”) relates to the services provided by 1 st Step Solution Ltd (“us”, “we”, “our”), a limited liability company registered in the Republic of Malta, bearing company registration number C-28388 and having its registered office at Block 19, Office 18, Vincenti Buildings, Strait Street, Valletta, VLT 1432, Malta.

This Notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand you rights and our obligations in relation to the processing of your personal data.

Any changes we may make to our Privacy Notice in the future will be posted on this page. We continually review and update this Privacy Notice to reflect changes in our services as well as to comply with changes in Data Protection and Privacy Laws. We would, therefore, encourage you to review this Notice on a regular basis.

2. Who are we?

For legal purposes, 1 st Step Solutions Ltd is the Data Controller. We are responsible for deciding how to hold and use the personal information collected from you.

Our contact Details are as follows:
i. E-mail Address: info@1step.eu
ii. Telephone Number: +356 21224847

3. Who does this Privacy Notice apply to?

This Notice relates to the collection and use of the personal data of individuals. It does not apply to information we collect or use in relation to companies or other organizations.

It is intended that this Privacy Notice applies to the following data subjects:

4. How do we collect personal data?

We collect personal data when:

  1. You visit and make use of our website;
  2. You choose to engage us as your Service Provider to provide you with one or more of our various services (the “Services”) and complete our letter of engagement. By engaging us to provide you with our Services, you enter into a contractual relationship with 1 st Step Solutions Ltd;
  3. You fill in any of the online forms or questionnaires available on our website;
  4. You create an account on our website;
  5. When you communicate with us by post, phone, email or otherwise or during face-to-face meetings;

5. Applicable Laws

Since we are established in Malta, the privacy laws that we must abide by are the following:

  1. The Data Protection Act, Chapter 586 of the Laws of Malta;
  2. The General Data Protection Regulation (the “GDPR”), Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC.

6. What personal data do we process?

We may collect and process the following data about you:

I. Identification and contact data

This would include your title, name, surname, date of birth, and contact details such as your email address, your home address and your mobile number.

II. Compliance Data

This would include, apart from the identification and contact data, your passport, identity card, proof of address such as a utility bill, reference letters from the bank, and financial status information such as source of wealth and bank statements and other related documentation.

III. Payment Information

This would include transaction records of payments made in connection with your customer account and details of your bank account or credit or debit card in order to process payments

IV. Website Tracking Information

This means details of transactions you carry out through our website and details of your visits to our website. We may automatically collect technical data about your equipment, browsing actions and patterns. We may collect this personal data by using cookies, server logs and other similar technologies. Further details are in the section entitled “Website and Cookies Privacy Notice”.

V. Publicly available sources

We may receive personal data about you from third parties and/or publicly available sources.

7. How we use your personal data

Irrespective of the manner in which we have collected your personal data, we will only process such data for the purposes of the provision of services to you and purposes which are inherently related thereto, including the fulfillment of any legal obligation imposed upon us.

8. We process your personal data on the following legal bases:

We will ensure that we have additional grounds for processing your personal data if processing of special categories becomes envisaged. Note that special categories of personal data include data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or health data, sexual orientation and data related criminal convictions and offenses.

9. Who will see your data?

The recipients of your personal data may be any of the following:

10.Data Retention

In accordance with the GDPR, we shall retain your personal data for as long as necessary to fulfil the purposes for which we collected it and may retain it thereafter for the purpose of abiding by any legal, auditing, tax and/or other regulatory obligations to which we may be subject.

Our retention of your personal data shall however not exceed the period of ten (10) years from when you cease to be our client and your file is closed, in order to comply with various reporting and/or anti-money laundering obligations. Thereafter, your personal data shall be immediately and irrevocably destroyed.

There may be circumstances where 1 st Step Solution Ltd has a legitimate interest to retain your data for longer periods. This includes circumstances where your data and file is required for existing/ongoing legal proceedings.

11. Data security

At 1 st Step Solution Ltd we are committed to keeping your data secure and we shall adopt appropriate technical and organizational measures to protect against any unauthorized or unlawful processing, including accidental loss, destruction, storage or access.

If a personal data breach occurs, we will inform affected data subjects of the occurrence of the breach in accordance with the law.

12. Your Rights under the GDPR

You have certain rights in relation to your personal data including:

13. Subject Access Requests

Individuals can make a formal written request for information we hold about them by sending an e-mail with the subject ‘Data Subject Access Request’ on info@1step.eu.

You can also contact us simply if you wish to discuss our handling of your personal data.