Privacy Policy

We are committed to protecting our visitors' and/or user’s privacy and we will not collect any personal information about you as a visitor unless you provide it voluntarily.

Pursuant to the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 586), we have a legal obligation to respect and protect any personal information we collect from you. We, therefore, endeavour to prevent unauthorised access and sharing of that personal data, collected from you as a visitor, or user, with any third party, unless your explicit, written consent is given,  unless we must do so, as authorised, or obliged, by law.

This policy is visible and accessible, via a link, from the footer, on every page of this website.

How do we process personal data?

1)    E-Forms

We may collect personal data, that you have voluntarily submitted, on forms through this website, as follows:

2)    IP address and location

The web server logs IP addresses and the location of your computer on the Internet, for systems administration and troubleshooting purposes.  We do not use this data to track your browsing session, or your behaviour, on our site.

3)    e-ID

You may also authenticate your login, through facilities provided by other government entities, by using your eID account. In such instances, the authentication credentials will be limited to that particular session, through your web browser.

4)    Contact Us/Feedback

When using this website’s online forms, data subjects may be required to provide their contact details, so that we may get back to them, to assist.  All information and any personal data that you may decide to provide us, voluntarily, in the Contact Us/Feedback form, shall be processed only for the strict purpose of responding to your enquiry. ​

5)   Cookies

Cookies are small pieces of data that the site transfers to your computer hard drive, when you visit this website. This makes limited use of cookies and consequently, for any further information, you may wish to visit our Cookies Policy, for more details.

Your Rights

As a data subject, you may exercise your right to access the data we store about you, therefore if you have any queries, in relation to this data, if any is held by the MTCA, please contact us by  submitting your request to the Data Protection Officer, through the dedicated email account, listed in this webpage.

Although all reasonable efforts will be made to keep your data updated and correct, you are legally obliged to inform the MTCA of any changes, including, but not limited to information affecting how the we can contact you. If you believe that the information we store about you is inaccurate, you may with to contact the Data Protection Officer, for the rectification of that data. You also have the right to request the suspension of processing of that data, until it is corrected.

For any data privacy related inquiries, the Data Controller of the Malta Tax and Customs Administration may be contacted at:

(a) By post, to the Data Controller, Office of the Commissioner for Tax and Customs, Vincenzo Dimech Street, Floriana, FRN 0170.

(b) By post, to the Data Protection Officer, Office of the Commissioner for Tax and Customs, Vincenzo Dimech Street, Floriana, FRN 0170.

By email: [email protected]

If you remain dissatisfied with the outcome of your subject access request, you may lodge a complaint with the Information and Data Protection Commissioner, whose contact details are as follows: 

Information & Data Protection Commissioner
Floor 2, Airways House,
Triq il-Kbira,
Tas-Sliema. SLM 1549

Web: www.idpc.org.mt
Email: [email protected]

To provide you with a better service, our website can connect you, via a number of external links, to other local and international organisations and agencies. Once connected to other such websites, you will no longer be subject to this policy, but to the privacy policy of the respective websites.

This site uses Secure Sockets Layer (SSL) to ensure secure transmission of your personal data.  You should be able to see the padlock symbol in the status bar of browser’s address field.  The url address will also start with https:// depicting a secure webpage.  SSL applies encryption between two points, such as your PC and the connecting server.  Any data transmitted during the session will be encrypted, or scrambled and then decrypted or unscrambled, at the receiving end.  This will ascertain that data cannot be read during transmission.

This privacy policy is updated from time to time, to reflect any changes in law, or policy. An updated version will transmit any such changes. It is therefore in your interest to check the "Privacy Policy" page, any time you visit our website and inform yourself of any changes which may occurred.

We welcome any comments, or suggestions that you may have, that which may contribute to a better quality of service we offer.