Privacy Policy for
Integra Private Wealth

Welcome to the privacy notice of Integra Private Wealth Ltd (Company Registration Number C46966], licensed by the Malta Financial Services Authority as an Investment Services Provider), iFund Solutions Ltd (licensed fund administrator), and Liberty Atlantic Advisors (US expatriate services) (together, "Integra", "we", "us", or "our").

We respect your privacy and commit to protecting your personal data in line with the Data Protection Act (Chapter 586 of the Laws of Malta) and the General Data Protection Regulation (GDPR). This notice explains how we collect, use, and safeguard your data when you use our website (integra-pw.com), engage our services, or contact us.

  • Who We Are

Controller: Integra Private Wealth Ltd (primary controller).
Address: 228, Tower Road, Sliema SLM 1601, Malta.
Email: info@integra-pw.com.
Data Protection Contact: Use the above for queries (mark subject "Data Protection"). Complaints: Information and Data Protection Commissioner (idpc.org.mt).

It is your duty to keep your data current; notify us of changes to ensure service quality.

  • Data We Collect

    Identity Data: Name, DOB, nationality, ID numbers.
    Contact Data: Address, email, phone.
    Financial/Transaction Data: Bank details, portfolio, trading history.
    Compliance Data: Source of wealth/funds, KYC docs (MFSA-required).
    Technical Data: IP address, login info, browser data (via cookies; see Cookie Policy).

We do not collect special category data (e.g., health, politics) unless required for compliance (e.g., PEP status), with explicit safeguards.

  • How We Collect It

Directly: Forms, emails, onboarding docs.
Automatically: Website cookies/analytics (e.g., Squarespace Analytics; opt-out available).
Third parties: Public registries, KYC tools, advisors, banks (for due diligence).

  • How We Use It

We use your personal data for several clearly defined purposes. We use all relevant data (including identity, contact, financial, transaction and compliance data) to onboard you as a client and to provide you with portfolio management and related services; this is necessary to perform our contract with you and to comply with our regulatory obligations, including those imposed by the MFSA. We use compliance and due diligence data (such as KYC information, source of funds and source of wealth) to carry out risk assessment, anti‑money laundering and counter‑terrorist financing checks, which we are legally required to perform. We use technical and transaction data to provide you with secure access to our platforms, to maintain the integrity of our systems and to monitor for fraud or misuse, based on our legitimate interests in operating a secure and efficient business. We may also use your contact details and basic profile information to send you updates, market insights or information about our services; where required we will rely on your consent for this and you can opt out at any time, and in some cases we may rely on our legitimate interests in keeping you informed about relevant services. Finally, we may process any of the above categories of data for internal business administration, IT and security management, accounting, auditing and regulatory reporting, where this is necessary to comply with our legal obligations or for our legitimate interests in running, protecting and developing our business. We do not rely heavily on consent as a legal basis, except for certain marketing activities where this is appropriate.

  • Sharing Your Data


    Internal: Group entities (legitimate interests).

External:
- Service providers (IT, legal, auditors—in EU/Malta).
- Regulators (MFSA, FIAU), banks, depositaries.
- Fraud prevention/sanctions checks.

No sales of data. Third parties bound by confidentiality (e.g., Professional Secrecy Act).

  • International Transfers

    Primarily EU/Malta. If outside (e.g., US advisors via Liberty), we use adequacy decisions or Standard Contractual Clauses. SWIFT transactions may involve US under TFTP.

  • Retention

    Minimum 5 years (legal min.); up to 10 years for audits/tax. Deleted sooner if no obligation, unless anonymised for analytics.

  • Security

    Encryption, access controls, breach protocols (notify you/regulator if required). Staff trained; third parties vetted.

  • Your Rights

    - Access, rectify, erase, restrict, object, portability.
    - Withdraw consent (impacts marketing/services).
    - No fee usually; respond within 1 month. Verify identity.

  • Glossary

    - Legitimate Interests: Business efficiency/security, balanced vs. your rights.
    - Changes: Check periodically. Links to third sites not controlled by us.