The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 586) regulate the processing of personal data whether held electronically or in manual form. The Malta Information & Technology Agency (MITA) is set to fully comply with the Data Protection Principles as set out in such data protection legislation.

Purposes for collecting data

The Legal Unit within the Finance and Contracts Department collects and processes information to be used solely for the purpose of providing subscribers with alerts, updates and information on procurement and other relevant initiatives comprising those related to IT organised by MITA.

To subscribe through the website to receive alerts and notifications, the Data Subject will be required to provide personal data. This data is limited to the name, surname, email address and company name. No other data is collected from use of our website.

All data is collected and processed in accordance with Data Protection Legislation.

Recipients of data

Personal Information is accessed by the employees who are assigned to carry out the functions within the Finance and Contracts Department. Personal Data will be disclosed through various protocols, controls and relevant policies, procedures, and guidance. MITA will maintain organisational, physical and technical security arrangements to provide the utmost protection to subscribers’ personal data against unauthorised use or disclosure.

Disclosure can also be made to third parties but only as authorized by law.

For further information on how your data is stored and protected, please refer to the following link:

Your rights

You are entitled to know, free of charge, what type of information the Finance and Contracts Department holds and processes about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what the department is doing to comply with data protection legislation.

The GDPR establishes a formal procedure for dealing with data subject access requests.  All data subjects have the right to access any personal information kept about them by the Finance and Contracts Department, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing and sent to MITA’s Data Protection Officer, whose contact details are provided below.

Your identification details such as ID number, name and surname would have to be submitted with the request for access.  In case we encounter identification difficulties, you may be required to present an identification document.

MITA aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request.  Should there be any data breaches, the data subject will be informed accordingly.

All data subjects have the right to request that their information is not used or is amended if it results to be incorrect. 

These rights may be restricted, if applicable, as per Data Protection Legislation.

In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.

Retention Policy / Opt-in Opt-out

Subscribers will be able to withdraw their consent at any time. To stop receiving alerts, updates, and communications from the department, the ‘unsubscribe’ mechanism is located at the bottom of the website, to allow the withdraw of the consent to receive alerts and email notifications.

Once the data subject unsubscribes from receiving email notifications, personal data will be retained until it is permanently deleted during routine data erasure that will be performed every six months.

The Data Protection Officer may be contacted on email:  or by telephone 25992410.

The Malta Information & Technology Agency Data Controller may be contacted at:
Gattard House, National Road
Blata l-Bajda HMR 9010
Telephone: 25992410

The Information and Data Protection Commissioner may be contacted at:

Level 2, Airways House,
High Street,
Sliema  SLM 1549
Telephone:  23287100 


 Last Updated: 19 August 2021