Skip to main content

GDPR

Is your organisation GDPR compliant?

The GDPR or ‘General Data Protection Regulation’ (Regulation 2016/679/EU) is a new single EU law dealing with data protection that is intended to do away with the fragmented system that was previously in place and update laws across the EU that have not kept up with the digital age we live in. On 25 May 2018, as in the case of other EU Member States, the GDPR took effect in Malta. The new Data Protection Act, 2018 (Chapter 586 of the Laws of Malta) has also come into effect. Data controllers and processors had until this date to prepare for the various new, and in some cases, onerous obligations introduced by the GDPR.

Maltese organisations (especially those processing large amounts of personal data) must take all necessary measures to ensure full compliance with this new law and this, as soon as possible.

Are you ready for DORA? Is it applicable to you?
Find out more on our dedicated DORA section by clicking here

UNDERSTANDING GDPR

GDPR at a glance

  • Fines up to €20,000,000 or 4% of an entity’s total worldwide annual turnover
  • Significantly expanded territorial scope
  • Mandatory data breach notification in certain cases
  • Mandatory appointment of a Data Protection Officer in certain cases
  • Data Processors now also directly responsible at law
  • More stringent consent requirements
  • Increased level of information to be provided to data subjects
  • More stringent requirements in controller-processor contracts
  • Removal of the general notification requirement
  • New data subject rights

WHAT WE BELIEVE IN

How can we help?

Our Reputation

Mamo TCV Advocates is a leading Maltese law firm with years of experience in the field of privacy law and, in particular, data protection law. With clients ranging from world-famous multinational IT companies to individual data subjects we can provide your organisation practical advice regardless of the situation you are in.

GDPR Compliance

Over the past years we have carried out several GDPR audits and training sessions for our diverse portfolio of clients and we are now assisting clients with their various new obligations at law. From rules relating to direct marketing to data retention obligations, we have you covered.

What we Offer

  • Comprehensive expert legal advisory services
  • Data protection risk assessments
  • Training of DPOs and other staff members
  • Drafting of layered privacy policies & other notices
  • Drafting of data processing agreements & addenda
  • Full legal representation in contentious matters and/or IDPC investigations

Key Contacts

Claude Micallef Grimaud
Antoine Camilleri

Stay updated with our latest insights

Pier on Seashore in Malta
Data Protection and Privacy

DORA: An Overview of the Maltese Legal Provisions

On 16 July 2024, Legal Notice 166 of 2024 was published in Malta. This implemented the relevant provisions of DORA (full title being Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) 648/2012, (EU) 600/2014, (EU) No 909/2014 and (EU) 2016/1011) into Maltese law. The said provisions can now be found under the Malta Financial Services Authority Act (Digital Operational Resilience Act (DORA)) Regulations, 2024 (S.L. 330.20) – the ‘Maltese Regulations’. The Maltese Regulations shall come into force on…
Mamo TCV Advocates - DORA Services
Banking & Finance

Are you ready for DORA?

The ‘Digital Operational Resilience Act’ or “DORA” (Regulation (EU) 2022/2554) shall be enhancing and improving Information and Communications Technology (‘ICT’) operational risk requirements across various financial sectors. Subsequently, it imposes obligations on a vast array of different financial entities, as well as certain ICT service providers that assist such financial entities. These financial entities include the following: Credit institutions Account information service providers Investment firms Alternative Investment Fund Managers Crypto-asset service providers Payment institutions Central securities depositories Credit rating agencies Data reporting service providers Insurance and reinsurance undertakings Insurance intermediaries Crowdfunding service providers Mamo TCV Advocates can provide assistance by…
DSA Update: Maltese Implementing Law, Including New Registration Obligations, Now in Effect
Telecoms, Media & Technology

DSA Update: Maltese Implementing Law, Including New Registration Obligations, Now in Effect

The EU Digital Services Act (Regulation (EU) 2022/2065) (the “DSA”) has been implemented into Maltese law by virtue of the Digital Services (Designation and Enforcement) Order, Subsidiary Legislation 418.05, (the “Order”) which came into force on 12th March 2024. The Order designates the Malta Communications Authority (“MCA”) as the Digital Services Coordinator for Malta. This role, created by the DSA, tasks the MCA with ensuring that intermediary service providers established in Malta comply with their obligations under the DSA. This entails handling any complaints received by users and acting as the point of contact between service providers and users. Furthermore,…
Telecoms, Media & Technology
Full Implementation of Digital Services Act Imminent
Mamo TCV Advocates: New Data Protection Law Relating to Third Party rights
Data Protection and Privacy
New Law enables Third Parties to a Contract to benefit from Data Protection Rights
The European Data Protection Board has issued its Opinion on the European Commission’s Draft Adequacy Decision which constitutes a new framework for transatlantic transfers of personal data.
Data Protection and Privacy
The EDPB Issues Opinion on the New EU-U.S. Data Privacy Framework

Subscribe to our newsletter


How can we help you?