The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act 2018 (Cap 586 of the Laws of Malta) regulate the processing of personal data whether held electronically or in manual form. 2i Limited is set to fully comply with the Data Protection Principles as set out in such data protection legislation.
2i Limited manages the implementation of IT programmes in Government to enhance public service delivery and provides the infrastructure needed to execute ICT services to Government. 2i Limited is also responsible to propagate further use of ICT in society and economy and to promote and deliver programmes to enhance ICT education and the use of ICT as a learning tool.
2i Limited collects and processes information to carry out its obligations in accordance to the General Data Protection Regulation 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC, the Directive 2016/680, the GMICT Policy, and all applicable laws and regulations relating to the processing of personal data and privacy.
2i Limited implements appropriate physical, electronic, managerial and disciplinary procedures that protection the information from unauthorised access, the maintenance of data accuracy and the appropriate use of information.
Personal Information is accessed by 2i Limited employees who are assigned to carry out their functions in accordance to the business process of the Agency. Personal data may also be disclosed to Public Authorities and third parties as authorised by law. The citizen’s rights are safeguarded by the Data Protection legislations, other National laws, as well as by 2i’s Limited internal policies and procedures.
You are entitled to know, free of charge, what type of information the Agency holds and processes about you and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what the Unit is doing to comply with data protection legislation.
The GDPR establishes a formal procedure for dealing with data subject access requests. All data subjects have the right to access any personal information kept about them by 2i Limited, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing, or by using 2i’s Limited Data Subject Access Request Form and sent to the 2i’s Limited Data Protection Officer. Your identification details such as ID number, name and surname have to be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.
2i Limited aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.
All data subjects have the right to request that their information is amended, erased or not used in the event the data results to be incorrect.
In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.
The Rentention Policy outlines the retention requirements for the various categories of documentation held within 2i Limited.
Data that needs to be destroyed after the noted timeframes will be disposed of in an efficient manner ensuring that such information is no longer available within 2i Limited.
What is a cookie?
A cookie is a small piece of data that a website asks your browser to store as text strings on your computer’s hard disk. All cookies are set with expiry dates which determine how long they reside on your browser. Generally, cookies can be removed automatically after the lapse of the expiry date or else can be deleted manually by the user.
Which types of cookies does this website utilise?
This website only makes use of session cookies, that are temporary cookies which are used to give you access to the content of this website. These types of cookies expire and are deleted as soon as you close the browser. We also track cookies anonymously for website analytics to provide the Office with the necessary information on the site’s traffic. You can set your browser to reject all cookies.
Eligible persons may submit Freedom of Information (FOI) requests to all Public Authorities, including those listed under the Office of the Prime Minister. The requests have to be in written format on the prescribed forms and have to be delivered to an office of the Public Authority, either electronically – by e-mail or through the website www.foi.gov.mt, or manually or by post.
SUBMITTING A REQUEST/COMPLAINT
In order to be eligible to submit FOI requests, a person has to be a resident in Malta and to have been so for a period of at least five years. Such person has to be also either a citizen of Malta or a citizen of any other Member State of the European Union or a citizen of any other state the citizens of which have a right, in virtue of any treaty between such state and the European Union, to be treated in Malta in the same manner as citizens of Member States of the European Union.
Obtaining Request for Document/Information Forms
Request for Document/Information Forms are available for download from this website or from the Freedom of Information website at www.foi.gov.mt. They can also be obtained from the various Public Authorities (either by calling on site or through their respective websites). Applicants can submit a request directly through the above-indicated portal either through e-ID or by filling the online form.
Information to be provided
When filling in the Request Form, the applicant will be required to provide his contact details, such as the number of the Identity Card or residence permit, the telephone number as well as his electronic address. These details are required, amongst other things, to facilitate contact with the Public Authority. The applicant will need to give an indication of the documentation/information he wishes to obtain. The applicant will also need to indicate the format in which he wishes to receive such document and information.
Types of requests
One may ask for any document held by a public authority without giving reason or justify his request. In the case of documents that are a recording of sounds and visual images, the Public Authority may make arrangements for the applicant to hear or view those sounds or visual images as long as it is possible. Access to a document must be provided in accordance with the applicant’s preference.
Applicants may seek information in relation to a decision or recommendation made by the Public Authority in respect of them. In such cases, the request must be made within 6 months from the relevant decision or recommendation. If there is a lapse of time from the date when the relevant decision/recommendation is taken and the date when the person learns about the decision/recommendation, the six months will apply as from the date when the person learns about the decision/recommendation.
FOI requests will be duly acknowledged by the Public Authorities. The Public Authority undertakes to submit notification indicating whether a request would be met or not in terms of the Freedom of Information Act as soon as reasonably practicable, and in any case within twenty (20) working days. Such timeframe may be extended by up to forty (40) working days in line with Article 11 of the Freedom of Information Act, in which case the applicant will be given notice of the extension and the reasons, therefore.
Processing of request
Once it establishes that a request is an FOI request and can be addressed from its end, the Public Authority will determine whether it can provide the applicant with the document/information requested (in full or in part) or whether it will refuse the request. Prior to taking a decision in this regard, the Public Authority shall consider whether any of the exemptions listed in the FOI Act apply. The Public Authority will submit notification of whether the request will be accepted or not within 20 working days from its receipt however it can apply an extension of up to an additional of 40 working days.
The Public Authority will also verify whether the requested document/information is held at its end. If this is not the case, such Public Authority will seek to identify the proper entity to whom the request should be submitted and will transfer such application accordingly (informing the applicant in the process). If no alternative entity is identified (meaning that the document/information cannot be traced at any Public Authority) the applicant will be informed accordingly.
Payment of Fee
The Public Authority may charge fees to cover costs. These fees shall be levied in accordance with the Fees charges by Public Authorities for Access to Documents Regulations, 2010 (LN 158/2010) and the total applicable fee shall not exceed EUR 40.
No additional fees can be levied for submitting applications or complaints.
The applicant is entitled to submit a complaint to the same Public Authority within a maximum of 30 working days from the date of the last relevant communication by the Public Authority. Subsequent and different complaints on the same request can only be submitted to the Public Authority after the said Public Authority answers to the original complaint or following the lapse of 10 working days from the date of submission of the complaint.
Complaints may be submitted for the following reasons:
If, subsequently, the applicant remains unsatisfied with the response received, he/she may lodge an appeal with the Information and Data Protection Commissioner (IDPC) within 60 working days from the date of the notification by the Public Authority. Should the applicant remain dissatisfied with the outcome of this procedure, he or she may appeal the decision through the Information and Data Protection Appeals Tribunal within 20 working days from the last relevant communication by the IDPC. An appeal from this decision may be registered at the Courts of Appeal within 30 working days from the last relevant communication of the Information and Data Protection Appeals Tribunal.
Internal complaints procedure
A complaint may be lodged by filling the Internal Complaints Procedure Form and forward it to the pertinent FOI officer. The FOI officer will eventually inform the complainant about the outcome of his/her complaint, informing about the possibility to lodge an appeal with the Information and Data Protection Commissioner (IDPC) in accordance with Articles 9 (Fees) and 23 of the Freedom of Information Act, Cap. 496.
You can access the documents listed below from this link: