NIC(Malta) logo

  Network Information Centre Malta

  privacy policy statement 

 You are using IPv4 from 

 [about]  [.mt domains]  [contact us]  [news]  

As the .mt registry and Data Controller, NIC(Malta) collects and processes personal data directly or indirectly, in order to administer .mt domain names. This Privacy Policy, is in line with the General Data Protection Regulations (GDPR 2016/679) and other applicable data protection legislation and will explain what personal data is collected by NIC(Malta) and how this data is processed.

1. What personal data does NIC(Malta) collect and process?

Handles are used to register and manage .mt domain names. When registering a domain name, an agreement is reached between NIC(Malta) and the Holder (Registrant) of the domain name. Personal data is collected and processed to perform this agreement.

Personal data collected by NIC(Malta) includes:

  • Full name and surname of natural persons

  • Email address

  • Postal address

  • Contact number

  • Payment card details when processing payments.

  • Signatures contained within documents that are submitted to us

  • IP address while accessing our online services

The agreement between NIC(Malta) and the Holder shall not be possible if any of the requested correct personal data is not provided in full.

NIC(Malta) may request to see documentary evidence to confirm the identity of the Holder. Once verified such documents shall be destroyed and disposed of in the correct manner.

NIC(Malta) has taken measures to ensure that its employees only have access to personal data when required for the performance of their respective tasks in the organisation. This prevents unnecessary exposure of personal data and further minimises the risk of data leaks.

2. How do we collect your data?

Most of the personal data we collect is either provided directly by yourselves, or by the Agents; in the case where the Holder (Registrant) has appointed separate agents to manage the domain on his behalf.

We collect and process data in various ways, including when you:

  • Register and maintain a Handle, and, possibly, during other stages of registration, renewal and maintenance of a domain name;

  • In correspondence that you may have with NIC (Malta); and

  • Use or view our website.

3. How will we use your data?

NIC(Malta) collects your personal data so that we can provide our services, such as those related to

  • The various stages of handle and domain application and registration processes; and

  • Email you with information about a new product or service which we think you might be interested in.

NIC(Malta) may contact you to confirm whether the registration details are accurate and this will be done only if need may arise.


The Whois is a publicly accessible database containing the details of every duly registered domain name. When registering a domain name, your data will be added to the Whois database.

Natural persons can hide all their contact details from being accessible in our Whois database and appoint a separate legal entity to act as Administrative Agent, to be published in the database on their behalf. The Administrative Agent will be the point of contact of the respective domain name.

The Handle Contact Person name is not shown in the Whois. We advise natural persons not to enter personal details in the other Handle contact details when responsible for legal persons, but to use generic contact details instead, such as generic email addresses.

4. Retention of personal data

NIC(Malta) retains your personal data to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. This personal data shall not be kept for no longer than necessary.

5. Disclosure of personal data

Personal data can be shared between the Agents/Holder associated with the same domain name. NIC(Malta) may also share your personal data with third parties, such as our service providers. Such third parties are required to treat your personal data in accordance with the law and to only process your data for the agreed purposes and in accordance with our instructions.

NIC(Malta) may disclose personal data as may be necessary in order to:

  • protect against abuse, misuse or unauthorised use of our systems;

  • protect the personal safety or property of our customers and users (e.g. if you provide false or deceptive information about yourself or attempt to pose as someone else, we shall disclose any information we may have about you in our possession so as to assist any type of investigation into your actions);

  • provide you with a particular service that you may request; or

  • perform any contract you may have entered into with us.

We may also use your personal data to satisfy relevant regulations, to answer to claims or requests that are raised by third parties, such as by public and/or government authorities (irrespective of your and the third parties’ country of residence/establishment) and to protect all our rights.

We may also have to share data with the authorities in the context of legal requirements (e.g. a judicial investigation). Sometimes we also have to disclose the data to judicial or legal representatives of third parties who wish to assert certain rights on one or more specific domain names.

If NIC(Malta) receives a request to share personal data in the context of a legal requirement from a country or authority outside the European Economic Area (EEA), our data protection officer will perform a prior legal analysis and then decide whether or not the request can be granted. The decision will depend, among other things, on the motivation (e.g. in the context of legal proceedings) and proportionality of the request and whether there are adequate safeguards to prevent further processing of these data.

6. Your data protection rights

You have your own data protection rights, these are:

The right to access - You have the right to request NIC(Malta) to send you a copy of personal data we have stored concerning you.

The right to rectification - You have the right to correct and/or complete any inaccurate personal data. Most of this data can be updated online through our website.

The right to be forgotten - You may request NIC(Malta) to delete the personal data we have about you. This can only be done under certain conditions, for example, if the personal data that we have collected are no longer relevant for the purpose for which they were collected or processed.

The right to restrict processing - You have the right to request that NIC(Malta) restrict the processing of your personal data. This can be done under certain conditions. For example, if you need your personal data to assert, exercise or defend legal claims, but NIC(Malta) no longer requires such data for the purposes of the processing.

The right to object to processing - We do our utmost to keep the processing of personal data to minimum. However, if you think that you can object to the processing of your personal data, you are welcome to inform us.

Should you wish to exercise any of these rights, you may submit your request in writing to our Data Controller, whose details are available at the end to the Privacy Policy.

7. Security

We make reasonable efforts to safeguard the confidentiality of all personal data that we process relating to you and regularly review and enhance our technical, physical and managerial procedures so as to ensure that your personal data is protected from:

  • unauthorised access;

  • improper use of disclosure;

  • unauthorised modifications; and

  • unlawful destruction or accidental loss.

To this end we have implemented technical measures to protect the personal data that we have under our control. All our employees and data processors, who have access to and are associated with the processing of personal data, are further obliged to respect the confidentiality of personal data in line with the legal requirements found in the GDPR and any application data protection legislation.

8. Cookies

We make use of cookies on our website. A cookie is an element of data that a website can send to your browser, which may then store it on your system. Cookies are retrieved from your system for each session visiting our website. The information gathered through cookies may include the date and time of visits, the pages viewed and the time you spend on our website.

Cookies enable the continuity of a session to be maintained, and a repeat visit to our website to be recognised. However, none of the information collected by means of cookies is associated with the individual user. We do not use cookies to capture individual e-mail addresses nor any personally identifying information. We use cookies to ultimately provide a better online experience for our users.

You can set your browser not to accept cookies, however by rejecting the cookies, some of the services available on our website may become unavailable.

9. Privacy policies of other websites

The NIC(Malta) website contains links to other websites. Our Privacy Policy applies only to our website, so if you click on a link to another website, you should refer to their Privacy Policy.

10. Changes to our privacy policy

NIC (Malta) reserves the right to modify this Privacy Policy at any time. Visitors are invited to consult this Privacy Policy from time to time in order to be aware of any changes. At the end of this Policy is the date when this Policy was last updated.

11. How to contact us

If you have any questions about NIC (Malta)’s Privacy Policy or the data we hold on you, please do not hesitate to contact us on the details below.

Data Controller


University Campus

Msida - MSD 2080

Malta (Europe)

tel: +35623408000

Additionally, should you wish to update or modify any personal data that we process about you, you may do so by modifying the appropriate registration details. Most modifications can be affected online. Other modifications can be requested in writing to the Data Controller at the above address.

We recommend that your personal data is accurate, complete and up-to-date at all times, so we can keep the Internet safe.

If you have questions about the processing of your personal data or your rights, you can contact the Data Protection Officer at

Dated: 15 November 2021

Previous version: 1.2