Data Handling & Privacy Policy

At CA Plus we take your privacy very seriously. We have implemented systems and processes that place privacy at the forefront of our work and these have been further strengthened in line with the General Data Protection regulations (GDPR). See more about CA Plus’s GDPR compliance.

This Privacy Policy is designed to help you understand what information we collect and how we use and share that information as well as how we ensure the rights of data subjects as these relate to their personal data and specifically to put you in control of your own personal data.

As used in this Privacy Policy, “CA Plus” or “Us” refers to CA Plus Limited and includes subsidiaries, associate companies and affiliates.  The “Client”, “You”, “Your” and the “User” means an existing CA Plus client, or a user of one ofCA Plus’s applications or Web Sites.

The term “Web Sites” means CA Plus’s principle websites (including but not limited to, and

CA Plus never sells personal data and we commit to process personal data strictly in compliance with the EU General Data Protection Regulation (“GDPR”) as well as the Laws of Malta (together the “Applicable Law”).

How do we use this personal data?

CA Plus will not sell, rent, or loan our email lists or personal data to any 3rd party.

We will store and/or process your personal data in any of the following circumstances:

  1. Where it is necessary for CA Plus’s Legitimate Business Interests to manage the relationship with you as a client, prospective client, employee or supplier or your legitimate interests, provided that this processing does not override the Data Subject’s fundamental rights.
  2. Where our Clients, as Data Controllers, need to process this Personal Data for the performance of a contract with the Data Subject as per (Art 6(1)(b) of GDPR). e.g. where a CA Plus’s product is used to manage the Personal Data of data subjects.
  3. Where the processing is necessary for the performance of a contract between CA Plus and you;
  4. Where CA Plus needs to comply with a legal or regulatory obligation.

We use the information we collect from all of our services to provide, protect, maintain, support, administer and improve our products/services.   When you contact CA Plus for sales, software and support services we keep a record of your contact to help solve any issues you might be facing or to provide the requested service to you as well as to administer our relationship with you.

We may use your email address to inform you about our services and products such as letting you know about upcoming changes or improvements and/or new product modules.  You will always give you the right to opt out.   We will request specific consent (Opt-In) to allow us to communicate with you for purposes other than those related to our relationship.

People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used.

If you receive emails from us, we may use certain analytics tools, to capture data such as when you open our email or click on any links or banners our email contains. This data helps us to gauge the effectiveness of our communications and marketing campaigns.

What Personal Data Do We Collect?

Contacting CA Plus

You may choose to contact CA Plus for pre-sales or post-sales services, support or other type of enquiries either via telephone, messaging services, email, a contact form on a website or even through real-time chat facilities made through our software or web sites.

These types of contact may result in us asking you for certain information to allow us to respond and provide you with our services including your name, address, phone number, and email address.  In the case of any chat facility that we may provide this will also result in the  storage of the contents of the chat sessions including your company name, and the chat activity. We will retain and process this personal data in our systems to allow us to service your request and the ongoing relationship with you whether you are a client, prospective client or supplier. Your rights as data subject, as defined below, will of course be preserved.

We may also collect Personal Data such as name, email and physical addresses and even credit card information, where necessary, to support our licensing and billing processes.

We collect information in the following ways:

  • Information you give us like your name, email address, telephone number and the company / individual with whom you work.
  • Information we get from your use of our services. We collect information about the version numbers of the software that your use, serial numbers, number of users and number of companies.
  • In some of the licensing procedures, we maintain a list of companies which are required to enable us to generate software activation keys.
  • In the software hosted by use, we maintain log information and this includes:
  • details of how you used our service, such as your browsing pages history.
  • Login and logout date and time
  • Name and company
  • device event information, such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.
  • cookies that may uniquely identify your browser.
  • Location information from where you are using our services
  • We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.

Payment Information

When you purchase a good or services on-line through one of our Web Sites , we utilise 3rd party providers of payment processing and the data related to your credit card is processed by the 3rd party provider and we do not have access to that credit card information.


CA Plus web sites utilize cookies to process user usage and behaviour information in a bid to improve user experience.

If your browser has been enabled by you to allow this, CA Plus will store Cookie information onto the device used by you to access these sites.  You will be able to use your browser’s capabilities to view and delete these cookies.  The functionality of the web site may change based on the ability of Shireburn to utilise these cookies.

 On-Line Help

Use of the on-line help facilities that may be made available on the Web sites will record the details of the user name accessing the on-line help facility, the help centre activity related to the documents accessed and the location.

e-mail Contact

If you are a user of our software or services, or an end-user of one of our clients, who is obtaining support or needs to be notified of technical or commercial aspects of the use of our software or services, we shall retain the right to communicate with you as a result of a legitimate business interest provision as defined under GDPR.

If you are not an existing client of CA Plus, we shall only use the Personal Data provided by you to communicate with you regarding those services for which you have specifically consented to be contacted. You will always have the option of opting out of such communications..

Server logs

Like most websites, our servers automatically record the page requests made when you visit our Web Sites. These “server logs” typically include your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.

Firewall Logs

Accessing of our systems and network is controlled through security infrastructure including firewall protection. As is industry practice, the firewall automatically logs traffic requests made when you access our systems. These “firewall logs” typically include details such as your Internet Protocol address, request type, and the date and time of your request.  These logs are maintained for 1 year.

Where do we store your data?

Unless with explicit, prior, written consent, CA Plus shall only store Personal Data either within the European Economic Area (EEA) or in a manner which is undertaken by Shireburn through one of the following mechanisms:

  • As a result of the recognition by the European Commission, on the basis of article 45 of GDPR, of the country where the data is stored and processed as offering an adequate level of data protection, whether by its domestic legislation or of the international commitments it has entered into.
  • In a trusted country in accordance with the US Privacy Shield Framework and Principles
  • the Standard Contractual Clauses.

How long do we keep it?

CA Plus’s data retention policy varies according to the nature of data itself and details of this policy can be located in CA Plus Data Retention Policy found at:

Your Data Subject Rights

GDPR provides a data subject with the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

CA Plus of course respects these rights, subject to our obligations to retain and process data under other laws.  For instance, while we might receive a request for erasure of data from a Data Subject related to that subject, we may not be able to erase data related to that subject which is necessary for the performance of our legal obligations for record keeping.  A simple example is that we could erase non-critical correspondence but we are obliged to retain details of the purchase orders, invoices etc which relate to that Data Subject for period as required by laws related to accounting and business record keeping.

Should you wish to exercise any of these Data Subject Rights please send a request to

Thank you for your support of these policies and of CA Plus.