SpinCore Group – Malta
Version 1.1 – 16/12/2025
- Introduction
SpinCore Group (“SpinCore Group”, “we”, “us”, “our”) is committed to safeguarding your personal data and ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Maltese Data Protection Act (Cap. 586).
This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, interact with us, or engage with any of the companies within the SpinCore Group.
- Data Controller
SpinCore Group
6 The Fort Level 3 Hardrocks Business Park, Triq Burmarrad, NXR 6345, Malta
Email: privacy@spincoregroup.com
Telephone: +356 2034 1100
Company Registration Number: 864230813
SpinCore Group acts as the primary Data Controller for data processed through this website and may act as Joint Controller.
- Data Protection Officer (DPO)
SpinCore Group has appointed a Data Protection Officer to oversee compliance:
Data Protection Officer
Email: dpo@spincoregroup.com
- Personal Data We Collect
We may collect the following categories of personal data:
4.1 Data collected automatically
IP address
Browser type and version
Device identifiers
Cookie data (see Section 11)
Log files and performance metrics
4.2 Data you provide directly
Name and contact details
Email address (e.g., through contact forms)
Information submitted during recruitment processes
Business correspondence
4.3 Data received from group entities
SpinCore Group may receive personal data from other brands or subsidiaries within the SpinCore Group for administrative, operational, or compliance purposes.
- Purposes and Legal Bases for Processing
Purpose Legal Basis
Operating and securing the website Legitimate interest (Art. 6(1)(f) GDPR)
Responding to inquiries or contact requests Legitimate interest / Contract (Art. 6(1)(b),(f))
Improving website functionality and performance Consent (for analytics cookies) / Legitimate interest
Recruitment and HR processing Contract / Legal obligation
Internal group administration Legitimate interest
Security, monitoring and fraud prevention Legitimate interest
Legal and regulatory compliance Legal obligation (Art. 6(1)(c))
- Sharing of Personal Data
We may share personal data with:
Other companies within the SpinCore Group
IT and hosting service providers (including Cloudflare and GoDaddy)
Consultants or legal advisors
Regulators and public authorities when legally required
SpinCore Group
- International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), SpinCore Group ensures adequate safeguards:
Standard Contractual Clauses (SCCs)
Adequacy decisions
Appropriate technical and organizational measures
- Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Web server logs are retained for up to 12 months, contact form submissions for up to 24 months, and recruitment data for up to 12 months unless a longer retention period is agreed upon. Internal administrative data is retained in accordance with applicable legal and regulatory requirements.
- Your Rights Under GDPR
You may exercise the following rights:
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object
Right to withdraw consent
Right to lodge a complaint with the Maltese Information and Data Protection Commissioner (IDPC)
To exercise your rights, contact privacy@spincoregroup.com
- Security Measures
SpinCore Group utilizes appropriate technical and organizational measures, including:
Encryption and secure connections (HTTPS)
Access controls
Logging and monitoring
Protection against unauthorized access
Incident response procedures
- Cookies and Tracking Technologies
SpinCore Group uses cookies to ensure website functionality, improve performance, and enhance user experience. Cookies may be set by our website or by trusted service providers such as Cloudflare and GoDaddy.
Below is the cookie table including the cookies you supplied:
11.1 Necessary Cookies (no consent required)
Cookie | Provider | Purpose | Expiry |
|---|---|---|---|
__cf_bm | Cloudflare (.spincoregroup.com) | Supports Cloudflare Bot Management and protects the site from malicious traffic. | 1 hour |
wpEmojiSettingsSupports | WordPress (spincoregroup.com) | Determines whether the browser supports rendering emojis correctly. | Session |
These cookies are essential for the website to function properly.
11.2 Analytics Cookies (consent required)
Cookie | Provider | Purpose | Expiry |
|---|---|---|---|
_tccl_visitor | GoDaddy (.spincoregroup.com) | Collects anonymized analytics and performance data for site improvement. | 1 year |
_tccl_visit | GoDaddy (.spincoregroup.com) | Tracks site visits for aggregated analytics purposes. | 1 hour |
Analytics cookies only activate with your explicit consent through our cookie banner.
11.3 Other Cookies
Cookie | Provider | Purpose | Expiry |
|---|---|---|---|
_scc_session | .spincoregroup.com | Session-related functionality. Purpose may vary depending on system configuration. | 20 minutes |
This cookie does not fall into the necessary or analytics categories but supports internal session-related processes.
11.4 Cookie Management
You may choose to accept or reject non-essential cookies and can withdraw your consent. Cookie preferences can be managed through the cookie banner or your browser settings. Please note that disabling certain cookies may affect the functionality and performance of the website.
- Updates to This Policy
SpinCore Group may update this Privacy Policy to reflect legal changes or operational developments. Any updates will be published on this page with a revised “Last updated” date.
- Contact
For any questions regarding privacy or data protection, please contact:
SpinCore Group Privacy Office
Email: privacy@spincoregroup.com