By visiting the website https://www.identita.gov.mt (the “Website”), you (“You”, the “User” or the “Data Subject”) provide Identità (“Identity Malta”, “we” or “us”) with personal data.
We commit to process the personal data we collect through the Website (the “Personal Data”) in a highly responsible manner and in observance with applicable legislation.
We have published this Policy (the “Policy”) to inform you about the processing of Personal Data taking place through the Website.
Personal data is also collected when you fill in the “Contact us” form at: https://www.identita.gov.mt/contact-us/. We have created a specific Privacy Policy for that, which you can find at this link.
1. Data Controller and Data Protection Officer
Identità is the data controller, meaning the entity that defines the purposes and means for collecting and processing your Personal Data.
We are an Agency of the Government Malta and we deliver public services related to Identity Cards, Passports, Visas, Expatriate affairs and Public Registry in Malta.
Our Data Protection Officer is the individual responsible to attend any query related to this Policy and in general to data protection, and may be contacted at:
Data Protection Officer Identità Head Office Valley Road, Msida. MSD 9020 Malta dataprotection.identita@gov.mt
2. Purposes and legal basis
When you visit the Website, we collect your Personal Data in order to enable you to have access to it, improve the content, functionality and services we offer you through the Website.
Personal Data collected when you visit the Website includes cookies. Cookies are small files which are placed on your device in order to help the Website keep track of your visits and activity. For ease of reference, we have created a dedicated Cookie Policy which is available at this link.
The legal basis for processing is the legitimate interest pursued by Identity Malta. We have conducted a balance test in this regard. Said legitimate interest is not overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of Personal Data.
3. Recipients of personal data
In order to maintain the Website, we may transfer and share your Personal Data with our web designer, Webee Ltd.
This will be done in line with applicable laws, and arrangements are in place in order to guarantee the confidentiality, integrity and availability of Personal Data within these transfers.
Under certain conditions outlined in law, we may disclose your information to third parties, (such as other Government entities or law enforcement authorities) if it is necessary and proportionate for lawful, specific purposes.
Personal Data will not transferred to third countries or international organizations.
4. Anonymized Data
When you visit the Website, we collect anonymized usage data on your visit to the website. This type of data collected includes listing of the pages you visit on our Website, the time estimated to be spent on the Website, the kind of browser used, and country.
We will use this data for the purposes of troubleshooting issues with the Website, reporting usage statistics to direct future website content and service improvements, and improving the performance of the Website.
5. Recipients of Anonymized Data
In order to maintain the Website, we may transfer and share anonymized data with our web designer, NIU Limited.
In order to review usage of the website to make improvements to content and service offerings we may transfer anonymized usage data to the European Commission in line with our obligations under the Single Digital Regulation (EU) 2018/174 of the European Parliament and of the Council of 2nd October 2018.
In order to use tools to collect the data and analyze the results we will transfer the anonymized data to Google Inc. through the use of Google Analytics.
6. Storage periods
Personal Data we collect when you visit the Website will be retained for the duration of the session. For the retention period of cookies, please refer to the Cookie Policy.
7. Your rights
You have a number of rights under data protection legislation, which are listed below and may be invoked by contacting our Data Protection Officer.
7.1 Access
You have the right to obtain confirmation from us as to whether we are processing your Personal Data or not, and, where that is the case, access to the Personal Data, obtain information about the processing and a copy of it.
7.2 Rectification
You have the right to obtain from us without undue delay the rectification of inaccurate Personal Data concerning yourself. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
7.3 Erasure
In certain cases, you may have the right to have your Personal Data deleted.
7.4 Restriction
In case any of the conditions of law apply, you have the right to restrict processing of your Personal Data.
7.5 Data Portability
You do not have the right to port your Personal Data because we do not process it on the basis of your consent or on the basis of a contract. However, you can always request to access your Personal Data.
7.6 Object
You have the right to object processing of Personal Data at any time, on grounds relating to your particular situation. In said case we will no longer process your Personal Data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
7.7 Complaint
You can lodge a complaint with the supervisory authority of the Member State of your habitual residence or place of work, or of alleged infringement of data protection legislation.
7.8 Automated decision-making/profiling
Personal Data is not object of automated decision-making or profiling.
8. Changes to this Privacy Policy
This Policy is subject to change. Please visit this URL regularly to be aware of any change which may occur from time to time.
Last update: 18/09/2023.