Last updated: 24 July 2025

This Privacy Policy (“Privacy Policy”) applies to your use of the website https://resella.app (the “Website”) and to the Resella programme (the “Service” or “Resella”), powered by TWBS Limited, C 96635, a company registered in Malta, Centris Business Gateway II, Level 3, Suite D, Triq is-Salib tal-Imriehel, Zone 3, Central Business District, Birkirkara (“we”, “us”, “our”).

We are committed to protecting and respecting your privacy. This policy explains how we collect, use, disclose, and protect your personal data when you use the Website or interact with the Resella Service.

1. Information We Collect

We may collect and process various types of personal data, including information you provide directly, such as your name, contact details (e.g., email address), organisation or company details (if applicable), any communications or enquiries you send us, and data submitted when registering or applying for access to Resella. We also collect certain information automatically when you visit our Website, including your IP address, device and browser information, date, time and duration of your visit, pages viewed, interactions, and referral URLs.

2. How We Use Your Information

We process your personal data solely for the purposes of delivering and managing your experience with Resella, including: providing you with access to and participation in the Resella Services; verifying your identity and eligibility in line with our programme criteria; facilitating communications with you regarding your account, service-related notices, technical updates, promotional content (where legally permitted or based on your consent), and responding to your inquiries or requests; ensuring the functionality, integrity, and security of the Resella technical infrastructure; monitoring usage, performance, and engagement trends to improve our services and user experience; detecting and preventing fraudulent or unauthorised activity; and complying with our legal and regulatory obligations, including those arising under applicable financial services, anti-money laundering, and data protection laws. Where possible, we use anonymised or pseudonymised data for analytics and operational insights. We rely on a combination of legal bases under Article 6 of the GDPR to process your data, including your consent (where required), the performance of a contract, compliance with legal obligations, and our legitimate interests in maintaining and developing Resella in a secure and responsible manner

3. How We Share Your Information

We do not sell your personal data to any third party. However, we may share your information with carefully selected and trusted third-party service providers who support the operation, maintenance, and improvement of Resella—for example, providers of hosting infrastructure, analytics tools, communication services, and customer support platforms. These parties are granted access to personal data only to the extent necessary to perform their designated functions and are contractually bound by data processing agreements to maintain strict confidentiality, implement appropriate security measures, and act only in accordance with our instructions. We may also share your information with competent regulatory, administrative, or law enforcement authorities if required to do so by applicable law, court order, or regulatory obligation. Additionally, we may disclose data to business partners strictly on the basis of your explicit consent or direct interaction with those services, and always in compliance with applicable data protection laws.

4. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes set out in this Privacy Policy, including the provision of Resella, compliance with our legal obligations, resolution of disputes, enforcement of our agreements, and protection of our legitimate interests. The specific retention period depends on the nature of the data, the context in which it is collected, and any legal or contractual requirements that may apply. Where personal data is no longer required for the stated purposes, or where you lawfully exercise your right to erasure and no overriding legal basis exists to retain it, we will securely delete or anonymise the data in accordance with applicable laws and industry best practices.

6. Your Rights

Under applicable data protection laws you have several rights in relation to your personal data. These include the right to request access to the personal data we hold about you; the right to request correction of inaccurate or incomplete data; the right to request the erasure of your data where it is no longer necessary for the purposes for which it was collected, where you withdraw your consent (if applicable), or where processing is otherwise unlawful; the right to restrict or object to certain types of processing, including direct marketing or processing based on our legitimate interests; the right to withdraw your consent at any time where processing is based on consent, without affecting the lawfulness of processing prior to withdrawal; and the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller where technically feasible. You also have the right to lodge a complaint with a supervisory authority, if you believe that your data has been processed unlawfully or in violation of your rights. To exercise any of these rights, please contact us using the details provided in the “Contact Us” section below.

7. Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, remember preferences, and analyse site usage. For details on how we use cookies and how you can manage your preferences, please refer to our Cookie Policy.

8. Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR. These measures include, but are not limited to, access controls, encryption of personal data in transit and at rest where applicable, regular security audits, vulnerability assessments, and system monitoring to prevent unauthorised access, disclosure, alteration, or destruction of data. All personal data is processed in a manner that ensures confidentiality, integrity, availability, and resilience of the systems and services supporting Resella. While we take all reasonable steps to protect your information, no method of electronic storage or transmission over the internet can be guaranteed to be entirely secure, and therefore we cannot warrant absolute security.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our data practices. We encourage you to check this page periodically. Continued use of our Website or services constitutes acceptance of the updated terms.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: support@resella.app