The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 586) regulate the processing of personal data whether held electronically or in manual form. The Office for the Commissioner for Voluntary Organisations is set to fully comply with the Data Protection Principles as set out in such data protection legislation.
Purposes for collecting data
The Office for the Commissioner for Voluntary Organisations collects and processes information to carry out its obligations in accordance with present legislation. All data is collected and processed in accordance with Data Protection Legislation and the Voluntary Organisations Act 2007 (Chapter 492 of the Laws of Malta) (hereinafter, referred to as Voluntary Organisations Act) and Subsidiary Legislation 492.01 (Annual Returns and Annual Accounts Regulations) 2012 (hereinafter referred to as SL 492.01)
Recipients of data
Personal Information is accessed by the employees who are assigned to carry out the functions of the Office for the Commissioner for Voluntary Organisations. Personal Data will be disclosed to as per provisions of the Voluntary Organisations Act and SL 492.01 Disclosure can also be made to third parties but only as authorised by law.
You are entitled to know, free of charge, what type of information the Office of the Commissioner for Voluntary Organisations holds (in accordance with the provisions of the applicable law) and processes about you and why, and who has access to it, how it is held and kept up-to-date, for how long it is kept, and what the Office of the Commissioner is doing to comply with data protection legislation.
The GDPR establishes a formal procedure for dealing with data subject access requests. All data subjects have the right to access any personal information kept about them by the Office for the Commissioner for Voluntary Organisations either on computer or in manual files, in accordance with the provisions of the applicable law. Requests for access to personal information by data subjects are to be made in writing and sent to the Commissioner for Voluntary Organisations. Your identification details such as ID number, name and surname have to be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.
The Office of the Commissioner for Voluntary Organisations aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.
All data subjects have the right to request that their information is amended, erased or not used, only in the event that the data results to be incorrect, and in accordance with the applicable law.
In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.
Your personal data is collected through the provisions of the Voluntary Organisations Act and SL 492.01. Data collected will be retained for at least ten years.
Data that needs to be destroyed after the noted timeframes will be disposed of in an efficient manner ensuring that such information is no longer available within the Office for the Commissioner for Voluntary Organisations.
The Office of the Commissioner for Voluntary Organisations can be contacted at:
Block C, Beltissebħ,
Floriana FRN 1700
Telephone: (+356) 25687261
The Information and Data Protection Commissioner
The Information and Data Protection Commissioner may be contacted at:
Level 2, Airways House,
Sliema SLM 1549