MFSA Privacy Statement

The Malta Financial Services Authority (“MFSA”) is committed to protect the privacy of individuals who visit the website and make use of the on-line facilities. It does not collect any personal data unless provided by yourselves.

All personal data provided to the MFSA are processed in accordance with the Data Protection Act (Chapter 586 of the Laws of Malta – “the Act”), Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – “the Regulation”) and any other European Union (“EU”) and national law in relation thereto.

Hereunder is a summary of relevant information in regard to the processing of website visitors’ personal data by the MFSA.

Data Controller

The MFSA is the data controller of this website whose premises are situated at Malta Financial Services Authority, Triq l-Imdina, Zone 1, Central Business District, Birkirkara, CBD 1010, Malta.

Information Collected and Purpose for Collection of Such Information

Information collected by MFSA’s servers

Log Information – When you visit the MFSA’s website, the MFSA’s servers automatically record information that your browser sends whenever you visit a website. Such information may include:

– The requested web page or download;

– Whether the request was successful or not;

– The date and time of your visit;

– Your Internet Protocol (“IP”) address or the domain name of the computer from which you accessed the site;

– The operating system of the machine running your web browser, browser type and version, browser language, browser screen size;

– One or more cookies that identify your browser.

The information which the MFSA collects is used only for statistical purposes, on an aggregated basis, on the usage of this website, and solely for the use of the MFSA.

Cookies – Cookies are small pieces of data (text files) sent by a website server to the browser on your computer when you visit the website. Cookies help the MFSA to store user preferences and track usage trends on an aggregated basis.

Information collected by third party servers

The MFSA’s website makes use of third party tools such as Google Analytics, which is an external web analytic service provided by Google Inc. (“Google”) to obtain statistics about the usage of the website. Log information collected by the MFSA’s servers is also sent to servers operated by Google in the United States. This information is used to provide the MFSA with aggregated statistics about the number of browser visits, usage patterns, and searches performed on this website.

Google itself uses this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf.

Google does not associate your IP address with any other data held by Google. By using this website, you consent to the processing of your data by Google in the manner and for the purposes set out above.

You may refuse the use of Google Analytics cookies by downloading and installing the Google Analytics Opt-out Browser Add-on

Personal data provided by the data subject

You may contact the MFSA either through the e-mail address shown on this website or through the contact form.

The MFSA requests and collects your personal data only to the extent necessary in order to provide its replies and / or comments to your questions, feedback and / or suggestions or to provide the services you request in relation to financial services.

Legal Basis

The policy on the protection of individuals in regard to the processing of their personal data is based on the Act, the Regulation and other EU and national law in relation thereto. The MFSA processes personal data in accordance with these laws.


All the personal data you provide are accessible to designated staff members of the MFSA in order to be able to respond to your questions, feedback or suggestions or to provide the services you request in relation to financial services.

The MFSA does not forward your details collected from yourself as a visitor to any third parties including Government Departments unless you give your consent thereto or unless required by law.

Retention Period of Personal Data

Your personal data may be kept for up to twelve months.

Rights as a Data Subject

As an individual you have the right to request from the MFSA access to and rectification or erasure of your personal data, or restriction of processing of these personal data. All these requests must be submitted in writing to the MFSA. In addition, you have the right to lodge a complaint with the Information and Data Protection Commissioner.

Although all reasonable efforts are undertaken to keep your personal data up to date, you are kindly requested to inform the MFSA of any change in such data that it holds.

The provision of the personal data requested by the MFSA through the e-mail address and contact form is not mandatory. There are no consequences for failure to provide the requested information other than that the MFSA will not be able to provide its replies and / or comments or services.

Security of Personal Data

As aforementioned, the MFSA processes your personal data in line with the requirements emanating from the Act, the Regulation and other EU and national law in relation thereto.

Furthermore, the MFSA takes all necessary safeguards, including information technology security support, to prevent unauthorised access.

This website uses Secure Sockets Layer (“SSL”) to ensure secure transmission of your personal data. You should be able to see the padlock symbol in the status bar on the bottom right hand corner of the browser window. The url address also starts with “https://” indicating a secure webpage. SSL applies encryption between two points such as your personal computer and the connecting server. Any data transmitted during the session is encrypted or scrambled and then decrypted or unscrambled at the receiving end. This ascertains that data cannot be read during transmission.

Links to other Websites

The MFSA’s website has a number of links to other local and international organisations and agencies. It is important to note that upon linking to these websites, you are no longer on the MFSA’s website and, consequently, you become subject to the privacy policy of the new website.

Changes to this Privacy Statement

If there are any changes to this privacy statement, the MFSA will replace this page with an updated version. Therefore, it is in your own interest to check the “Privacy Statement” page any time you access the MFSA’s website in order to be aware of any changes which may occur from time to time.

Contact Details of the MFSA’s Data Protection Officer

In case of queries on the processing of your personal data, you may contact the MFSA’s Data Protection Officer at [email protected].