Procurement Current Schemes Get Involved

Search

Search in Website

The Environment Protection Act (Cap. 549) establishes the framework for safeguarding Malta’s environment and ensuring sustainable development. Within this legal framework, Project Green (PG) has been set up with the mission to implement and promote initiatives that contribute to a greener, more sustainable Malta.

The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap. 586), including the regulations made thereunder, regulate the processing of personal data, whether held electronically or in manual form if it forms part of a filing system. Project Green is set to fully comply with the applicable provisions of the data protection legislation.

 

Legal Basis and Purposes of Processing

The legal basis and the purposes of processing with regard to the processing operations conducted by PG are the following:

 

Processing Operation

Project Green collects and processes personal data in line with its responsibilities for the protection, management, regulation, monitoring, investigation, and documentation in relation to environmental sustainability, protection, and community projects.

This includes processing information related to applications for the Register of PG NGOs and FOIs, as well as other environmental-related regulatory and administrative functions.

In certain cases, processing may be necessary to fulfil PG’s mandate in implementing and promoting green initiatives.

 

Legal Basis for Processing 

PG processes personal data based on the following legal grounds, in accordance with the General Data Protection Regulation (GDPR) and national laws:

  • Legal Obligation (Article 6(1)(c) GDPR): Processing is necessary for PG to comply with legal obligations under the Environment Protection Act (Cap. 549) and related legislation.
  • Public Interest (Article 6(1)(e) GDPR): PG carries out tasks in the public interest, particularly in relation to environmental sustainability, protection, and community projects.
  • Legitimate Interests (Article 6(1)(f) GDPR): In certain cases, processing may be necessary to fulfil PG’s mandate in implementing and promoting green initiatives.

 

Purposes of Processing 

The personal data collected by PG is processed strictly for purposes that align with its statutory functions and may include:

  • Managing applications for environmental projects, schemes, and permits.
  • Processing stakeholder input and feedback from public consultations.
  • Coordinating with government entities, NGO’s, and local councils on green projects.
  • Monitoring compliance with environmental regulations.
  • Promoting awareness and engagement in sustainability initiatives.
  • Disseminating information and updates related to green projects.
  • Sharing and ensuring compliance with national and EU environmental obligations.
  • Sharing information with competent authorities or law enforcement when legally required.
  • Manages tenders applications documentation and maintains tender agreements and data process agreements.

 

Personal Data and Special Categories of Personal Data

The categories of personal data and the special categories of personal data that will be processed are as follows:

 

Categories of Personal Data

Personal contact details, identification details, application forms, identification numbers, bank account numbers, project information, HR application and consultant forms details.

 

Special Categories of Personal Data

PG does not routinely process special categories of personal data (e.g. racial or ethnic origin, political opinions, religious beliefs, health data). Where such processing is necessary (e.g. accessibility requirements or sensitive project impacts), this will be carried out strictly in line with Article 9 GDPR, ensuring appropriate safeguards are in place.

 

Source/s

– Other Government Entities or Public Authorities in relation to environmental protection.
– Publicly Accessible Sources such as registers, publications, and consultation feedback.

 

Recipients of Personal Data

Personal data may be disclosed to:

  • Government entities and public authorities in line with PG’s mandate under the Environment Protection Act (Cap. 549).
  • Other Competent Regulatory Authorities – Personal data may be disclosed to government bodies or authorities responsible for cultural heritage management, regulatory compliance, or enforcement of legal obligations.
  • Law Enforcement Agencies – In cases where disclosure is required by law or necessary for investigative, prosecutorial, or security-related purposes.

Disclosure can also be made to third parties, but only as authorised by law.

 

Your Rights

Your rights as data subjects in connection with the processing of your personal data are:

  • The right to receive a copy of your personal data undergoing processing, including information in relation to the processing activities.
  • The right to request us to rectify personal data you think is inaccurate. You also have the right to ask us to complete personal data you think is incomplete.
  • The right to request the erasure of your personal data in certain circumstances.
  • The right to request the restriction of your personal data in certain circumstances.
  • The right to portability of your personal data in relation to information that you have given us.
  • The right to object to the processing of your personal data if we are able to process your information because the process forms part of our public tasks or is in our legitimate interests.
  • The right to not be a subject to a decision based solely on automated processing including profiling.
  • The right to withdraw your consent at any time, where applicable.

Requests to exercise your rights are free of charge and should preferably be made in writing and sent to the Data Protection Officer of Project Green. Your identification details such as ID number, name and surname must be submitted with the requests for the purpose of verifying your identity. In case the controller has reasonable doubts concerning your identity, you may be requested to provide additional information necessary to confirm it.

PG aims to comply as quickly as possible with the request and is obliged to respond without undue delay and at the latest within one (1) month from receipt of the request.

The right exercise by the data subject may be limited or restricted, where necessary, pursuant to the applicable law.

 

Contact Details

The Data Protection Officer of Project Green may be contacted at:

Data Protection Officer
Project Green
Avenue 77, Triq in-Negozju,
Zone 3 Central Business District,
Birkirkara CBD3010, Malta

Email: dpo.pg@projectgreen.mt

 

The Data Controller of Project Green may be contacted at:

Data Controller
Project Green
Avenue 77, Triq in-Negozju,
Zone 3 Central Business District,
Birkirkara CBD3010, Malta

Email: info@projectgreen.mt

 

You have the right to lodge a complaint with the supervisory authority, which may be contacted at:

Information and Data Protection Commissioner
Airway House,
Triq il-Kbira,
Sliema SLM 1549, Malta

Email: idpc.info@idpc.org.mt
Website: https://idpc.org.mt

Project Green

Project Green

I will be back soon

Project Green
Hey there 👋
How can I help you?
Start Chat with: messenger
Messenger