Terms and conditions applicable for this website, documents downloaded from this website and any other material related to Malta Information Technology Agency can be found here. By utilising, downloading and viewing any of the content on this website you indicate that you accept and agree to abide by these terms and conditions of use.
Data Protection Policy
The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act 2018 (Cap 586 of the Laws of Malta) regulate the processing of personal data whether held electronically or in manual form. The Malta Information & Technology Agency (MITA) is set to fully comply with the Data Protection Principles as set out in such data protection legislation.
Purposes for collecting data
MITA manages the implementation of IT programmes in Government to enhance public service delivery and provides the infrastructure needed to execute ICT services to Government. MITA is also responsible to propagate further use of ICT in society and economy and to promote and deliver programmes to enhance ICT education and the use of ICT as a learning tool.
MITA collects and processes information to carry out its obligations in accordance to the General Data Protection Regulation 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC, the Directive 2016/680, the GMICT Policy, and all applicable laws and regulations relating to the processing of personal data and privacy.
MITA implements appropriate physical, electronic, managerial and disciplinary procedures that protection the information from unauthorised access, the maintenance of data accuracy and the appropriate use of information.
Recipients of data
Personal Information is accessed by MITA employees who are assigned to carry out their functions in accordance to the business process of the Agency. Personal data may also be disclosed to Public Authorities and third parties as authorised by law. The citizen’s rights are safeguarded by the Data Protection legislations, other National laws, as well as by MITA’s internal policies and procedures.
You are entitled to know, free of charge, what type of information the Agency holds and processes about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what the Unit is doing to comply with data protection legislation.
The GDPR establishes a formal procedure for dealing with data subject access requests. All data subjects have the right to access any personal information kept about them by MITA, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing, or by using MITA’s Data Subject Access Request Form and sent to the MITA’s Data Protection Officer. Your identification details such as ID number, name and surname have to be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.
MITA aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.
All data subjects have the right to request that their information is amended, erased or not used in the event the data results to be incorrect.
In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.
The Rentention Policy outlines the retention requirements for the various categories of documentation held within MITA.
Data that needs to be destroyed after the noted timeframes will be disposed of in an efficient manner ensuring that such information is no longer available within MITA.
What is a cookie?
A cookie is a small piece of data that a website asks your browser to store as text strings on your computer’s hard-disk. All cookies are set with expiry dates which determine how long they reside on your browser. Generally, cookies can be removed automatically after the lapse of the expiry date or else can be deleted manually by the user.
Which types of cookies does this website utilise?
This website only makes use of session cookies, that are temporary cookies which are used to give you access to the content of this website. These types of cookies expire and are deleted as soon as you close the browser. We also track cookies anonymously for website analytics to provide the Office with the necessary information on the site's traffic. You can set your browser to reject all cookies.
Freedom of Information
Eligible persons may submit Freedom of Information (FOI) requests to all Public Authorities, including MITA.
SUBMITTING A REQUEST/COMPLAINT
In order to be eligible to submit FOI requests, a person has to be a resident in Malta and to have been so for a period of at least five years. Such person has to be also either a citizen of Malta or a citizen of any other Member State of the European Union or a citizen of any other state the citizens of which have a right, in virtue of any treaty between such state and the European Union, to be treated in Malta in the same manner as citizens of Member States of the European Union.
Information to be provide
When submitting an FOI Request, applicants will be required, apart from providing contact details, to give an indication of the document / information that they wish to obtain. They will also need to indicate the format in which they wish to receive such document / information, namely as a hard copy/print-out, as an electronic copy, in the form of a summary / excerpt of contents or by on-site inspection of the document / information in question. Copies of the ID card or passport and/or additional documentation, as deemed necessary may be requested by the Public Authority, in the case of requests relating specifically to the individual, individual's assets/interests/right of access.
Types of requests
In essence, one may ask for any article that is held by a public authority and on which information has been recorded in whatever form, including electronic data, images, scale models and other visual representations, and audio or video recordings, regardless of whether the information can be read, seen, heard or retrieved with or without the aid of any other article or device. One may also ask for documentation which contains policies, principles, rules or guidelines in accordance with which decisions or recommendations are made in respect of members of the public (including bodies corporate and employees of the public authority in their personal capacity). Furthermore, eligible persons have the right to request information (in the form of a written statement) on a decision or recommendation made in their respect or in respect of a body corporate which they represent.
FOI requests will be duly acknowledged by the Public Authorities. The acknowledgement forms will include a unique reference number and an indication of the date by when the response will be given. The forms shall also include specific information related to the Public Authority, such as its address, telephone numbers, e-mail addresses, opening hours and also details of its internal complaints procedure.
Checks to be carried out by the Public Authority
On receipt of the application form, the Public Authority will verify whether the request qualifies as an FOI request and will inform the applicant accordingly if this is not the case. If it transpires that additional information / documentation is required, applicants will be contacted by the Public Authority to whom the request has been submitted and they will be provided with all possible assistance in order to ensure that such request complies with the provisions of the Act. This notwithstanding, when submitting an FOI request, applicants are not required to provide any justifications for requesting any particular documentation / information.
The Public Authority will also verify whether the requested document / information is held at its end. If this is not the case such Public Authority will seek to identify the proper entity to whom the request should be submitted and will transfer such application accordingly (informing the applicant in the process). If no alternative entity is identified (meaning that the document / information cannot be traced at any Public Authority) the applicant will be informed accordingly.
Processing of request
Once it establishes that a request is an FOI request and can be addressed from its end, the Public Authority will determine whether it can provide the applicant with the document/information requested (in full or in part) or whether it will refuse the request. Prior to taking a decision in this regard, the Public Authority shall consider whether any of the exemptions listed in the FOI Act apply. The Public Authority will submit notification of whether the request will be accepted or not within 20 working days from its receipt. An additional 20 working days extension can be further applied, bringing up the total to a maximum of 40 working days from the date of the receipt of the original request.
Payment of Fee
When submitting a response to the Applicant, the Public Authority shall indicate whether any fees apply. If applicable, such fees shall cover only the costs related to making a document available to the applicant, namely hours of processing, costs of photocopies / faxes and digital media and costs related to inspections. Notwithstanding the above, the total applicable fee shall not exceed €40. No additional fees can be incurred for submitting applications or complaints.
The application of fees is regulated by L.N. 158 of 2010.
If the applicant is not satisfied with the response provided by the Public Authority vis-à-vis its request, the applicant is entitled to submit a complaint to the same Public Authority. If, subsequently, the applicant remains unsatisfied with the response received, s/he may lodge an appeal with the Information and Data Protection Commissioner (IDPC). If the applicant remains dissatisfied with the outcome of the appeal s/he may appeal to the Information and Data Protection Tribunal and, subsequently, to the Court of Appeal. Complaints may be submitted for the following reasons:
• The Public Authority has applied an extension to the 20-working day deadline
• The Public Authority has imposed a fee which is deemed to be excessive
• The document is not being provided in the requested format
• The request is being refused (for e.g. request not deemed to be an FOI request)
• The Public Authority does not respect the 20 working day deadline (or the deadline indicated in the notification of extension, if applicable) for submitting a response
Applicants may submit a complaint through the IDPC’s website by clicking here.
Receiving documentation / information
Whenever a Public Authority communicates a decision to an Applicant that access to a document / information will be granted, the applicant shall also be invited to effect payment of fees (if applicable). Within 10 working days following payment, the Public Authority will provide the document / information in the same format as the applicant had originally requested or, if this is not possible, in any other format deemed appropriate by the Public Authority. Applicants who submit requests through the FOI portal (www.foi.gov.mt) may be provided with the possibility of downloading the document / information directly from the site.
If no fee will be charged, the document / information will be provided within 10 working days following notification. The request shall be considered to have been abandoned by the applicant if payment is not effected within 20 working days following notification.
Internal complaints procedure
Applicants shall submit their complaint via email, their E-ID or online form found on the FOI Portal www.foi.gov.mt.
Applicants may file a complaint within a maximum of thirty (30) days from the last relative communication received from MITA or the act or omission giving rise to the complaint, as the case may be. The complaint will be received by the FOI Officer.
The FOI Officer shall bring the complaint to the attention of the FOI Complaints Handling Officer who shall review the processing of a Request for Information by the FOI Officer. The FOI Complaints Handling Officer shall reply to the applicant within ten (10) working days from the receipt of the complaint, informing them of the right to refer any further complaint to the Information and Data Protection Commissioner under article 23 of the FOI Act. The FOI Complaints Handling Officer will provide an independent review of the processing of a request for information and shall issue a decision accordingly.
Requests for information will be received through email or through the online form/e-ID available at www.foi.gov.mt. MITA is not in a position to accept requests for information at its office. However, any applicants who come in person at the MITA Head Office will be, whenever possible, helped to fill in the form electronically at the premises.
Payments are to be made by cash or cheque payable to MITA. Payment can be submitted in person at the below-indicated address or by post quoting the reference number of the FOI request.
You can access the documents listed below from this link:
Information provided in accordance with Article 17 of the Freedom of Information Act may be viewed by accessing the following Link or by contacting:
The Freedom of Information Officer
Malta Information Technology Agency
Gattard House, National Road, Blata L-Bajda. HMR9010, Malta