Artio is committed to protecting the privacy and protection of data of our clients, partners, employees and all other persons in respect to whom personal data has been or may be collected (hereinafter the “Data Subjects”). Artio will only collect personal data in a lawful, fair and transparent manner, limited to the purposes for which it has been collected, keeping accurate and up-to-date as much as possible, whilst ensuring secure storage, integrity and confidentiality of the personal data collected.

All data is collected and processed in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), Data Protection Act 2001 (the “Act”) and other subsidiary legislation (collectively referred to as “Data Protection Laws”.

Personal data refers to all personally identifiable information about you, such as your name, surname and address, and includes all information which may arise that can be identified with you personally.

What are the purposes of this Privacy Policy (the “Policy”)?

This Policy sets out the following:

• What personal data we collect and process about you in connection with your relationship with us as;

• Where we obtain the data from;

• What we do with that data;

• How we store the data;

• Who we transfer/disclose that data to;

• How we deal with your data protection rights;

• And how we comply with the data protection rules.

• All personal data is collected and processed in accordance with the Data Protection Laws.

Data Controllers

“Artio” (referred to as “we”, “us”, “our” or the “Company” in this policy) refers collectively to Artio Corporate Services Limited (C 56930) and Artio Trustees Limited (C 58395) of Suite 4, Level 2, Parklane Business Centre, Mountbatten Street, Hamrun, HMR1556, Malta. Artio is the “data controller” of all personal data that is collected by Artio for the purposes of the Data Protection Laws.

What personal data we collect

The personal data we typically collect and process are:

• The personal data that we collect for the fulfilment of our client engagement procedures and any documents or information which you may be required to supply to us for such purposes;

• Personal data that we may process as a result of legal obligations imposed on us;

Your identity details such as your name, surname, employer, title, position, and status;

• Copies of your identification documents, source of funds and source of wealth;

• Your contact information such as your email address, physical address and telephone numbers;

• Your bank account details and other financial information;

• Any information you provide to us when posting a query, complaint or observation through our website

• Information you provide to us for the purposes of attending meetings or events;

• Personal data provided to us by, on behalf of or in relation to our clients, business partners, service providers and employees;

• Any personal data lawfully generated by us in the course of executing our client’s instructions; and

• Any personal data which you may voluntarily provide to us.

Uses of personal data

Your data may be used for the following purposes:

• Providing our services to you or to our clients;

• Complying with our legal and regulatory obligations, in particular our legal and regulatory obligations with respect to anti-money laundering and combating the funding of terrorism;

• Conflict check purposes;

• Managing our relationship with you or your company, including for billing and debt collection purposes;

• Securing access to our offices;

• The purpose of a legitimate interest pursued by us or by a third party, provided such interest is not overridden by your interests, fundamental rights and freedoms;

• The purposes you would have requested when providing us your personal data; and

• Keeping you updated with updates, news, and events organised by the firm where it is in our legitimate interests to do so.

We may also process your personal data for one or more of the following purposes:

• To comply with a legal obligation;

• You have consented to us using your personal data;

• To protect your vital interests or those of another person (e.g. medical emergency);

• It is in our legitimate interests in operating as a number of fitness centres in Malta.

We will not retain your data for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means. We must also consider periods for which we might need to retain personal data in order to meet our legal and regulatory obligations or to deal with complaints, regulatory demands queries and to protect our legal rights in the event of a claim being made.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimise over time the personal data that we use, and if we can anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.


We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction, breach or damage.

Cookies Policy

The Website site uses cookies to enable us to improve our service to you and to provide certain features that you may find useful. This may include cookies of media and advertising partners that are being placed on your machine when visiting our Website. Please visit our partners’ websites for information on their privacy and cookie policy.

Cookies are small text files that are transferred to your computer’s hard drive through your web browser to enable us to recognise your browser and help us to track visitors to our site; thus enabling us to understand better the products and services that will be most suitable to you. A cookie contains your contact information and information to allow us to identify your computer. Most Web browsers automatically accept cookies, but, if you wish, you can change these browser settings by accepting, rejecting and deleting cookies. The “help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you choose to change these settings, you may find that certain functions and features will not work as intended. The cookies we use do not detect any information stored on your computers.

For more information about cookies and how to stop cookies being installed visit the following website:

Sharing of Personal Data

We will not share your personal data with any third parties, unless such sharing is required by law or expressly consented by you.


Your personal data will not be used for any decision solely taken on the basis of automated decision-making processes, including profiling, without human intervention.

We use systems which could profile you. Such systems are used by us exclusively to help us comply with legal obligations imposed on us as a result of prevention of money laundering and combating the funding of terrorism legislation. As stated, no automated-decision will result from our use of such systems.

Data Protection Contact Person

Artio does not fulfil the requirements for the appointment of a Data Protection Officer as contemplated by Article 37(1) of the GDPR. In order to comply with the spirit of the Data Protection Laws, the Company has designated Dr. Adrian Cutajar as the Company’s Data Protection Contact Person. Any notification to be sent under this Policy to the Company shall be sent to Dr. Adrian Cutajar on the following email address: or by mail to his attention on:


Level 2, The Forum, Constitution Street, Mosta, MST 9051, Malta

Tel: +356 21227974

Your data protection rights

As long as we retain your personal data, you shall enjoy the following rights:

Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.

Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

Object to processing of your personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.

Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.

Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

If you want to exercise any of these rights, then please submit a notification in writing to the Company’s Data Protection Contact Person as set out above.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Changes to Data Protection Policy

This Policy may change from time to time and any changes thereto will be communicated to you by way of a notice on the Website.

Vers. dated 25 May 2018