The website is maintained and managed by the National Statistics Office of Malta (NSO).
The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act 2018 (Cap 586 of the Laws of Malta) regulate the processing of personal data whether held electronically or in manual form. The NSO is set to fully comply with the data protection principles as set out in such data protection legislation.
Personal Data Collected and GDPR
The NSO is responsible for the collection, compilation, analysis and publication of a wide range of statistical information and related matters. The NSO is once again entrusted to carry out the Census of Population and Housing according to the Census Act (Cap. 118 of the Laws of Malta) a nationwide project held every 10 years
NSO’s Director General was appointed Census Officer with the powers to request any data he deems necessary for the Census including access to public records and gives power of entry to enumerators collecting data.
The Census Act places a legal obligation on all the persons requested to provide information and empowers enumerators power of entry to collect the necessary information. The GDPR, in Article 6 recognizes ‘legal obligation’ as a basis for the collection of personal data and this enables NSO to collect all the data needed for the Census. However, the NSO must ensure that data is handled according to the principles set out in the GDPR.
All the information provided during the Census project, must be treated as confidential and all reports, summary of statistics and publications in connection with the Census cannot contain any of the particulars comprised in any individual return so arranged as to enable any person to identify any particulars so published as being particulars relating to any individual person (Art. 7(2) of the Census Act)
The NSO, set up by the Malta Statistics Authority Act, in its day to day operations already aims to comply with both national and European Data Protection and statistical legislation. The principles by which the NSO processes personal data , are set out in the Personal Data Protection Policy, which indicates the responsibilities of its officers of statistics. NSO implements appropriate physical, electronic, managerial and disciplinary procedures that protect the information from unauthorised access, the maintenance of data accuracy and the appropriate use of information. Data is handled on a need to know basis and datasets are only accessed by officers according to the needs required.
These practices are also used in the process of the Census 2021.
The Census Act obliges all officers working on the Census to undertake an oath of secrecy. The oath places added legal and criminal responsibility on the officers to make appropriate use of the data being handled and to ensure confidentiality is maintained.
The purposes, methods, storage limitation and retention period of personal data must be consistent with the Information Classification and Handling Procedure and with the Data Retention Policy. The accuracy, integrity, confidentiality and relevance of personal data based on the processing purpose must always be maintained. Adequate security mechanisms designed to protect personal data must be used to prevent personal data from being stolen, misused, or abused, and prevent personal data breaches. Such measures are described within the Anonymisation and Pseudonymisation Policy.
When the NSO learns of a suspected or actual personal data breach, the DPO carries out an internal investigation so appropriate remedial measures are taken in a timely manner, according to the Data Breach Response and Notification Procedure. Where there is any risk to the rights and freedoms of data subjects, the NSO will notify the relevant Data Protection Commissioner without undue delay and, when possible, within 72 hours.
The Data Protection Officer of the NSO may be contacted at:
Dr Sarah Jane Meli
National Statistics Office
Lascaris, Valletta VLT 2000
What is a cookie?
A cookie is a small piece of data that a website asks your browser to store as text strings on your computer’s hard-disk. All cookies are set with expiry dates which determine how long they reside on your browser. Generally, cookies can be removed automatically after the lapse of the expiry date or else can be deleted manually by the user.
You can delete all cookies that are already on your device by clearing the browsing history of your browser. The cookies from all websites you have visited will be removed. However, be aware that you may also lose some saved information like saved login details and site preferences.
Embedded content from other websites
Some of our pages display content from external provided (e.g. You tube, Facebook, and LinkedIn). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.