Cookie Policy

 The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act 2018 (Cap 586 of the Laws of Malta) regulate the processing of personal data whether held electronically or in manual form. The Malta Information & Technology Agency (MITA) is set to fully comply with the Data Protection Principles as set out in such data protection legislation.


Purposes for collecting data

MITA manages the implementation of IT programmes in Government to enhance public service delivery and provides the infrastructure needed to execute ICT services to Government. MITA is also responsible to propagate further use of ICT in society and economy and to promote and deliver programmes to enhance ICT education and the use of ICT as a learning tool. GMICT Policy.

MITA collects and processes information to carry out its obligations in accordance to the General Data Protection Regulation 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC, the Directive 2016/680, the GMICT Policy, and all applicable laws and regulations relating to the processing of personal data and privacy.

MITA implements appropriate physical, electronic, managerial and disciplinary procedures that protection the information from unauthorised access, the maintenance of data accuracy and the appropriate use of information.


Recipients of data

Personal Information is accessed by MITA employees who are assigned to carry out their functions in accordance to the business process of the Agency.   Personal data may also be disclosed to Public Authorities and third parties as authorised by law. The citizen’s rights are safeguarded by the Data Protection legislations, other National laws, as well as by MITA’s internal policies and procedures.   


Your rights

You are entitled to know, free of charge, what type of information the Agency holds and processes about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what the Unit is doing to comply with data protection legislation.

The GDPR establishes a formal procedure for dealing with data subject access requests.  All data subjects have the right to access any personal information kept about them by MITA, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing, or by using MITA’s Data Subject Access Request Form and sent to the MITA’s Data Protection Officer.  Your identification details such as ID number, name and surname have to be submitted with the request for access.  In case we encounter identification difficulties, you may be required to present an identification document.

MITA aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the

data subject making the request.  Should there be any data breaches, the data subject will be informed accordingly.

All data subjects have the right to request that their information is amended, erased or not used in the event the data results to be incorrect.

In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.


Retention Policy

The Rentention Policy outlines the retention requirements for the various categories of documentation held within MITA.

Data that needs to be destroyed after the noted timeframes will be disposed of in an efficient manner ensuring that such information is no longer available within MITA.


Data Protection Officer

The Data Protection Officer may be contacted at:

Malta Information & Technology Agency

Gattard House, National Road

Blata Il-Bajda 1057



Telephone:  25992410

Email:  [email protected]


The Information and Data Protection Commissioner

The Information and Data Protection Commissioner may be contacted at:

Level 2, Airways House,

High Street,

Sliema  SLM 1549

Telephone:  23287100 

Email:  [email protected]

Freedom of Information

Eligible persons may submit Freedom of Information (FOI) requests to all Public Authorities, including MITA.



Eligible Persons

In order to be eligible to submit FOI requests, a person has to be a resident in Malta and to have been so for a period of at least five years.

Such person has to be also either a citizen of Malta or a citizen of any other Member State of the European Union or a citizen of any other state the citizens of which have a right, in virtue of any treaty between such state and the European Union, to be treated in Malta in the same manner as citizens of Member States of the European Union.

FOI requests or complaint forms have to be submitted in writing, and can be sent by e-mail to [email protected] or through the FOI portal via the e-ID or through the online form.


Information to be provided

When submitting an FOI Request, applicants will be required, apart from providing contact details, to give an indication of the document / information that they wish to obtain. They will also need to indicate the format in which they wish to receive such document / information, namely as a hard copy/print-out, as an electronic copy, in the form of a summary / excerpt of contents or by on-site inspection of the document / information in question.

Copies of the ID card or passport and/or additional documentation, as deemed necessary may be requested by the Public Authority, in the case of requests relating specifically to the individual, individual’s assets/interests/right of access.


Types of Requests

In essence, one may ask for any article that is held by a public authority and on which information has been recorded in whatever form, including electronic data, images, scale models and other visual representations, and audio or video recordings, regardless of whether the information can be read, seen, heard or retrieved with or without the aid of any other article or device.

One may also ask for documentation which contains policies, principles, rules or guidelines in accordance with which decisions or recommendations are made in respect of members of the public (including bodies corporate and employees of the public authority in their personal capacity).

Furthermore, eligible persons have the right to request information (in the form of a written statement) on a decision or recommendation made in their respect or in respect of a body corporate which they represent.



FOI requests will be duly acknowledged by the Public Authorities. The acknowledgement forms will include a unique reference number and an indication of the date by when the response will be given.

The forms shall also include specific information related to the Public Authority, such as its address, telephone numbers, e-mail addresses, opening hours and also details of its internal complaints procedure.

Checks to be carried out by the Public Authority

On receipt of the application form, the Public Authority will verify whether the request qualifies as an FOI request and will inform the applicant accordingly if this is not the case. If it transpires that additional information / documentation is required, applicants will be contacted by the Public Authority to whom the request has been submitted and they will be provided with all possible assistance in order to ensure that such request complies with the provisions of the Act.

This notwithstanding, when submitting an FOI request, applicants are not required to provide any justifications for requesting any particular documentation / information.

The Public Authority will also verify whether the requested document / information is held at its end. If this is not the case such Public Authority will seek to identify the proper entity to whom the request should be submitted and will transfer such application accordingly (informing the applicant in the process).

If no alternative entity is identified (meaning that the document / information cannot be traced at any Public Authority) the applicant will be informed accordingly.


Processing of request

Once it establishes that a request is an FOI request and can be addressed from its end, the Public Authority will determine whether it can provide the applicant with the document/information requested (in full or in part) or whether it will refuse the request.

Prior to taking a decision in this regard, the Public Authority shall consider whether any of the exemptions listed in the FOI Act apply. The Public Authority will submit notification of whether the request will be accepted or not within 20 working days from its receipt.

An additional 20 working days extension can be further applied, bringing up the total to a maximum of 40 working days from the date of the receipt of the original request.


Payment of Fee

When submitting a response to the Applicant, the Public Authority shall indicate whether any fees apply.

If applicable, such fees shall cover only the costs related to making a document available to the applicant, namely hours of processing, costs of photocopies / faxes and digital media and costs related to inspections.

Notwithstanding the above, the total applicable fee shall not exceed €40. No additional fees can be incurred for submitting applications or complaints.

The application of fees is regulated by L.N. 158 of 2010.

Remedial Action

If the applicant is not satisfied with the response provided by the Public Authority vis-à-vis its request, the applicant is entitled to submit a complaint to the same Public Authority. If, subsequently, the applicant remains unsatisfied with the response received, s/he may lodge an appeal with the Information and Data Protection Commissioner (IDPC).

If the applicant remains dissatisfied with the outcome of the appeal s/he may appeal to the Information and Data Protection Tribunal and, subsequently, to the Court of Appeal.

Complaints may be submitted for the following reasons:

  • The Public Authority has applied an extension to the 20-working day deadline
  • The Public Authority has imposed a fee which is deemed to be excessive
  • The document is not being provided in the requested format
  • The request is being refused (for e.g. request not deemed to be an FOI request)
  • The Public Authority does not respect the 20 working day deadline (or the deadline indicated in the notification of extension, if applicable) for submitting a response

Applicants may submit a complaint through the IDPC’s website by clicking here.


Receiving documentation / information

Whenever a Public Authority communicates a decision to an Applicant that access to a document / information will be granted, the applicant shall also be invited to effect payment of fees (if applicable). Within 10 working days following payment, the Public Authority will provide the document / information in the same format as the applicant had originally requested or, if this is not possible, in any other format deemed appropriate by the Public Authority.

Applicants who submit requests through the FOI portal ( may be provided with the possibility of downloading the document / information directly from the site.

If no fee will be charged, the document / information will be provided within 10 working days following notification. The request shall be considered to have been abandoned by the applicant if payment is not effected within 20 working days following notification.


Internal complaints procedure

Applicants shall submit their complaint via email, their E-ID or online form found on the FOI Portal

Applicants may file a complaint within a maximum of thirty (30) days from the last relative communication received from MITA or the act or omission giving rise to the complaint, as the case may be. The complaint will be received by the FOI Officer.

The FOI Officer shall bring the complaint to the attention of the FOI Complaints Handling Officer who shall review the processing of a Request for Information by the FOI Officer. The FOI Complaints Handling Officer shall reply to the applicant within ten (10) working days from the receipt of the complaint, informing them of the right to refer any further complaint to the Information and Data Protection Commissioner under article 23 of the FOI Act.

The FOI Complaints Handling Officer will provide an independent review of the processing of a request for information and shall issue a decision accordingly.


Other Information

Requests for information will be received through email or through the online form/e-ID available at

MITA is not in a position to accept requests for information at its office.  However, any applicants who come in person at the MITA Head Office will be, whenever possible, helped to fill in the form electronically at the premises.

Payments are to be made by cash or cheque payable to MITA.  Payment can be submitted in person at the below-indicated address or by post quoting the reference number of the FOI request.



You can access the documents listed below from this link:


Information provided in accordance with Article 17 of the Freedom of Information Act may be viewed by accessing the following Link or by contacting:


The Freedom of Information Officer
Malta Information Technology Agency
Gattard House, National Road, Blata L-Bajda. HMR9010, Malta
Email: [email protected]


Receive the 

latest updates

on open positions.

You have Successfully Subscribed!