The Data Protection Act, 2001 (hereinafter Act) regulates the processing of personal data whether held electronically or in manual form, and it specifically extends the territorial scope to a Maltese Embassy or High Commission abroad. The Ministry of Foreign Affairs (hereinafter Ministry) which in terms to the Act is the Data Controller is set to fully comply with the data protection principles as set out in the Act. The Directorates falling within the responsibility of the Ministry of Foreign Affairs in regard to data protection issues are:
- Directorate General – Political
- Directorate General – European and Economic Affairs
- Directorate Financial Management
- Directorate protocol and Consular Services
- Information Management Unit
The Ministry processes personal data either on computer or in manual files in accordance with Maltese Laws, EU Regulations and International Conventions. The purposes of processing by the Ministry include the following:
a) Consular services and assistance as required in respect to data subjects;
b) Diplomatic representations in Malta and overseas as represented by Maltese missions abroad, including Malta Based Officers and locally engaged personnel;
c) Legalisation and authentication services;
d) Administration of Scholarships offered by foreign countries and international organisations;
e) Issuance of visas to enter Maltese territory as well as Schengen Member States;
f) CCTV recordings at the Ministry and its missions for security purposes.
Personal data will not be used for other purposes and will not be disclosed to third parties without your consent unless obliged under a specific law, international convention or EU regulation.
All data subjects are entitled to know what information the Ministry and Maltese Missions abroad hold and process about them and why; and how the data is being used. In this respect, all data subjects have the right to access any personal data kept about them. The Act sets down a formal procedure for dealing with data subject access requests, which the Ministry follows. In this regard, requests to access personal data by data subjects must be made in writing and addressed to the Data Controller or the Data Protection Officer of the Ministry at the Ministry of Foreign Affairs, Palazzo Parisio, Merchants Street, Valletta VLT 1171, emailed on email@example.com or to the Malta Missions abroad at the particular address of each Mission. In the latter instance, requests to access personal data are dealt with by the Missions being the representatives of the Ministry of Foreign Affairs in the country/countries to which they are accredited.
An identification document such as a photocopy of the Identity Card or photocopy of the Passport of the data subject making the request must be submitted with the request. Such identification material will be returned back to the data subject.
The Ministry aims to comply as quickly as possible with requests for access to personal data and will ensure that it is provided within a reasonable time unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. All data subjects have also the right to request that their information is amended, erased or not used in the event the data is incorrect. In this regard, the Ministry will take appropriate action in the event that the data subject is correct.