Data Protection and Privacy

Data Protection and Privacy

Practice Area Overview

Mamo TCV Advocates is a leading Maltese law firm with years of experience in the field of privacy law and, in particular, data protection law. With clients ranging from world-famous multinational IT companies to individual data subjects we can provide your organisation practical advice regardless of the situation you are in.

In November 2017, Mamo TCV organised Malta’s largest conference on data protection with the goal of educating the general public on the implications of the incoming GDPR.

What is the GDPR? The GDPR or ‘General Data Protection Regulation’ (Regulation 2016/679/EU) is a single EU law dealing with data protection that intended to do away with the fragmented system that was previously in place and update laws across the EU that had not kept up with the digital age we live in.

On 25 May 2018, the GDPR came into effect across the EU (including Malta) and repealed and replaced the previous Data Protection Directive and the domestic laws implementing it. On this day, as in the case of other EU Member States, the GDPR took effect in Malta. The new Data Protection Act, 2018 (Chapter 586 of the Laws of Malta) has also come into effect in Malta. Data controllers and processors had until this date to prepare for the various new, and in some cases, onerous obligations introduced by the GDPR.

With fines as high as €20,000,000 or 4% of an entity’s total worldwide annual turnover, the GDPR introduced a number of rights for data subjects but also a number of obligations that directly impact Maltese and international data controllers and data processors.

Maltese organisations (especially those processing large amounts of personal data) must take all necessary measures to ensure full compliance with this far-reaching law and this, as a matter of urgency.

Over the past years Mamo TCV has carried out several GDPR audits and training sessions for our diverse portfolio of clients and we are now regularly assisting clients with their various data protection obligations at law.

For more information, please visit our GDPR page here where, among other things, you can download our popular (and free) GDPR Guidelines.

Scope of Services
  • Data Protection compliance, including full GDPR due diligence
  • Comprehensive expert legal advisory services
  • Data protection risk assessments
  • Training of DPOs and other staff members
  • Drafting and vetting of layered privacy policies & other notices/documents
  • Drafting and vetting of data processing agreements & addenda
  • Full legal representation in contentious matters and/or IDPC investigations
  • Expedited legal services in case of data breaches.

Key Contacts

Claude Micallef-Grimaud