The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 440) regulate the processing of personal data whether held electronically or in manual form. The BICC is set to fully comply with the Data Protection Principles as set out in such data protection legislation.
Purposes for collecting data
The BICC collects and processes
information to carry out its obligations in accordance with motion no. 74 of
1997. All data is collected and
processed in accordance with the General Data Protection Regulation (GDPR) and
the Data Protection Act CAP586.
Recipients
of data
Personal Information connected to these
processes is accessed by the employees who are assigned to carry out the
functions of the BICC. Personal Data will be disclosed to employers
and/or training providers subject to consent. Disclosure can also be made to third parties
but only
as authorized by law.
Your
rights
You are entitled to know, free of charge,
what type of information the BICC holds and processes about you and why, who
has access to it, how it is held and kept up to date, for how long it is kept,
and what the Unit is doing to comply with data
protection
legislation.
The GDPR establishes a formal procedure
for dealing with data subject access requests.
All data subjects have the right to access any personal information kept
about them by the BICC, either on computer or in manual files. Requests for
access to personal information by data subjects are to be made in writing and sent
to the Chairman of the BICC. Your
identification details such as ID number, name and surname have to be submitted
with the request for access. In case we
encounter identification difficulties, you may be required to present an
identification document.
The BICC aims to comply as quickly as
possible with requests for access to personal information and will ensure that
it is provided within a reasonable timeframe and in any
case not later than one month from receipt of request, unless there is good reason
for delay. When a request for access cannot be met within a reasonable time,
the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data
subject will be informed accordingly.
All data subjects have the right to request
that their information is amended, erased or not used in the event the data
results to be incorrect.
In
case you are not satisfied with the outcome of your access request,
you may refer a complaint to the Information and Data Protection Commissioner,
whose contact details are provided below.
Retention Policy
Your
personal data is collected through GDPR2016/6/79 (EU & DP ACT).
The
following schedule outlines the retention requirements for the various
categories of documentation within the BICC.
Category
of Document
|
Retention
Period
|
Justification
|
Skill
Card
|
5
years
|
Renewal
every 5 years
|
Courses
|
Online
Applications – Data through MITA’s database
|
-
|
|
Non-online
Applications – data retained for 10 years
|
In
accordance to law
|
Data
that needs to be destroyed after the noted timeframes will be disposed of in an
efficient manner ensuring that such information is no longer available within
the BICC.
The
BICC Chairman may be
contacted at:
36,
Old Mint Street, Valletta
Telephone: +356 2247 9300
Email:
info.bicc@gov.mt
The
Information and Data Protection Commissioner
The
Information and Data Protection Commissioner may be contacted at:
Level 2, Airways
House,
High Street,
Sliema SLM 1549
Telephone: 23287100
Email: idpc.info@gov.mt