Privacy Notice

Our Organization collects the following data:

Personal identification information:

• Email address

Registration/Login information:

• Email address
• Password

Locality issue related information:

• Issue category: water, street, vehicle, electricity, garbage, animal
• Issue locality
• Issue description
• Images of the issue being reported

Device Specifications

• Operating Software - collected in the event of software related errors

How do We collect this data?

You directly provide Us with all the data We collect. We collect data and process data when you:

• Register an account within the CityWatch application
• Login to your account
• Submit an issue within the CityWatch application
• Change your personal data

How will We use this data?

Our organization collects this data so that we can:

• Ensure you are a real user
• Allow you to manage your account (change password, find account if forgotten)
• Know where to send responses with regards to issues submitted by you
• Provide local councils with the means to read the data created and transmitted by you and with the means to manage said data (not including personal data)

How do we store your data?

Our organization securely stores your data using a cloud server database. Your data is password protected on the Organization’s database and is accessible by authorized staff members only. All data transmitted to the Organization (personal or not) is passed through an encrypted stream and is non-human readable during transmission. Passwords undergo a cryptographic procedure to be stored in the database in a secure manner. This procedure is known as hashing and once hashed; passwords are converted into non-human-readable strings of characters. As such, passwords can only be compared and never recovered.

Our Organization will keep your data until either of two conditions have been met:

1. You provide digital consent through in-app functionality to delete your account. In this case your email and password data will be deleted with immediate effect. Emails tied to submitted issues will be deleted within 30 days of account deletion.
2. The organization stops providing this service. In this case your email and password data will be deleted within two months of service termination.

Your data will be deleted by being purged from Our database and backup storage. Issue related data will never be deleted unless authorization for deletion is provided from an authorized member of the Organization’s staff. If your account is deleted, any email address tied with an issue submitted by you will be deleted within 30 days BUT the removal of issue related data is at the discretion of the Organization.

Marketing

Your personal information will not be used for marketing purposes. Should this change:

• The privacy notice will be appropriately updated
• You will be duly notified
• Only upon confirmation from you will marketing services be activated

DISCLOSURES OF YOUR PERSONAL DATA

We have to share your personal data with service providers acting as processors based in Malta and Germany who provide system administration services and hosting. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

INTERNATIONAL TRANSFERS

We do not transfer your personal data outside the European Economic Area (EEA).

What are your data protection rights?

Our Organization would like to make sure you are fully aware of all your data protection rights. Every user is entitled to the following:

The right to access - You have the right to request the Organization for copies of your personal data. Your first request will be processed free of charge however we may charge you a small fee for any additional request of this service.

The right to rectification - You have the right to request that the Organization correct any information you believe is inaccurate. You also have the right to request the Organization complete information you believe is incomplete.

The right to erasure - You have the right to request that the Organization erase your personal data, under certain conditions and when We do not have a legal reason to continue to process and hold it.

The right to restrict processing - You have the right to request that the Organization restrict the processing of your personal data, under certain conditions.

The right to object to processing - You have the right to object to the Organization's processing of your personal data, under certain conditions.

The right to data portability - You have the right to request that the Organization transfer the data that we have collected to another Organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact Us on our:

Email: dataprotection@citywatchmalta.com.

Or alternatively contact the relative Local Council by sending an email to the relative address stipulated in Schedule 1.

You also have the right to complain to the supervisory authority if you feel that we have not responded to your requests to solve a problem. The supervisory authority in Malta is the Office of the Information and Data Protection Commissioner (IDPC) which is at Floor 2, Airways House, Triq il-Kbira, Tas-Sliema and can be reached on 2328 7100.

Changes to this Privacy Notice

The Organization keeps this Privacy Notice under regular review and places any updates on this web page. This Privacy Notice was last updated on 16 April 2021.

How to contact us

If you have any questions about this Privacy Notice, the data We hold on you, or you would like to exercise one of your data protections rights, please do not hesitate to contact Us at dataprotection@citywatchmalta.com or alternatively the respective local council listed in Schedule 1.

Schedule 1

This schedule will list the enrolled Maltese Local Councils. Each Local Council listed received the data you send to us depending on the location in which your data is recorded.

• Swieqi Local Council: dataprotection.swieqi@gov.mt