Skip to content

Privacy Policy

Dalli Advocates (“we”, “our”, or “us”) acknowledges its responsibilities as a Data Controller under relevant data protection and privacy regulations, primarily the General Data Protection Regulation (EU) 2016/679, complemented by the Data Protection Act (Chapter 586 Laws of Malta), and any other applicable laws as may be amended from time to time.

We value your privacy and hence we want to make sure you are informed how we use and share your personal information, in terms of Article 13 of the General Data Protection Regulation, which policy can be easily accessible via a link at the bottom of each web page.

This Privacy Policy is meant to be considered alongside any additional privacy policies provided on specific occasions when collecting or processing your Personal Information. It aims to provide a comprehensive understanding of how and why we process your Personal Information, acting as a supplement to these policies rather than replacing them.

By using our Services, you acknowledge that you have read and understood this Privacy Policy.

The Services referred to in this Privacy Policy include when:

  • you approach and engage us to provide you with our legal and advisory services (the “Services”);
  • receive the various Services that you may request from us during the course of this engagement; and/or
  • you visit and use our website (, regardless of where you visit and use it from.
  • Response to any queries you contact us about via social media, namely through; Twitter, Facebook, LinkedIn, and the ‘Contact Us’ Form included on our website.

This includes any data that you may provide for and in relation to our newsletters, legislative updates, events and other marketing and promotional communications.

Kindly note that, by engaging us as your lawyers or other advisors, you enter into a contractual relationship with Dalli Advocates, as subject to and governed by our Letter of Engagement. This Letter of Engagement stipulates that we will process your personal data in accordance with the practices set out in this Notice.

  1. Data Controller

The data controller of this website is the Dalli Advocates, 280E Republic Street, Valletta, MALTA.

  1. Data Protection Officer

Our Data Protection Officer may be contacted on [email protected] or via our postal address.

  1. Types of personal data we collect

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Upon visiting our website or premises, the subsequent information will be automatically processed exclusively for our use:

    • we may collect personal information in the process of submission of forms through the website;
    • the requested web page or download;
    • whether the request was successful or not;
    • the date and time when you accessed the site;
    • limited logs of IP address of the web site or the domain name of the computer from which you accessed the site. We do not use IP address logs to track your session or your behaviour on our site;
    • the operating system of the machine running your web browser and the type and version of your web browser;
    • Cookies are small pieces of data that the site transfers to the user’s computer hard drive when the user visits the website. This website makes limited use of cookies and consequently, for any further information, you are being guided to visit our Cookies Policy;
    • Your bank account details and other financial information;
    • CCTV footage, when you visit Our offices; and
    • Any personal data which you may voluntarily provide to Us.
  1. Use of personal data collected

We may use your data to:

  • Evaluate the potential establishment of a professional relationship with you, offer assistance, and deliver the requested services.
  • Formalize an engagement arrangement with you.
  • Verify and confirm your identity.
  • Adhere to our legal obligations, particularly those pertaining to anti-money laundering and the prevention of terrorism funding.
  • Conduct conflict checks for due diligence purposes.
  • Oversee our association with you or your company, encompassing billing and debt collection requirements.
  • Satisfy internal compliance policies and requirements.
  • Maintain internal records, including file management.
  • Fulfill external mandatory reporting obligations to entities such as the FIAU, the MFSA, the MBR, the Police, and other public, regulatory, law enforcement, or tax authorities, both domestic and overseas.
  • Furnish information about our services, as well as legal updates, news, and events organized by the firm.
  • Administer and safeguard our business and the website, encompassing troubleshooting, data analysis, testing, system maintenance, support, reporting, and data hosting.
  • Market our services to you via email or other channels if you have subscribed to our mailing lists.
  • Pursue legitimate interests, whether by us or a third party, provided such interests do not override your fundamental rights, freedoms, or interests.

Additionally, we may process your personal data when explicit consent is provided, utilsiing the data for the specific purposes outlined during the request for explicit consent. Processing data based on consent is not anticipated, except in the instances of (i) job applicants at Dalli Advocates who wish for us to retain their personal data for future contact regarding potential job openings of interest, and (ii) communications related to legal updates, newsletters, and events when there is no underlying legitimate interest for us to send you such communications.

Special categories of personal data

On occasion, we may find it necessary to gather and handle specific special categories of personal data, potentially involving details related to your criminal convictions and offences. By availing our services, your explicit consent for processing such data to fulfil your service requests is implied. Additionally, the processing of third-party special categories of data may occur, authorised and in compliance with our legal obligations.

It is important to note that the legal professionals and other advisors within Dalli Advocates are bound by stringent professional confidentiality commitments.

We will not share your information with any third parties for the purposes of direct marketing.

We will retain the Personal Information only for the period necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

The Website is not intended for minors, and we do not knowingly collect data relating to minors except and unless where it is necessary in order to provide you with the Services that you may request from us (most commonly, where the requested Services concern your family, including your children). We will treat any information relating to minors which is disclosed to us in connection with the Services in a sensitive manner and with the utmost confidentiality.

It is imperative that the personal data we hold about you is accurate and current at all times. Otherwise, this will impair our ability to provide you with the requested Services (amongst other potential and salient issues). Please keep us informed if your personal data changes during the course of our engagement and professional relationship with you.

  1. Applicable legal grounds

We process your Personal Information where the following legal grounds apply:

  • You have provided us with your consent (in such cases, you will be provided with clear information as to what you are consenting to and how you can withdraw your consent);
  • Processing is necessary for our legitimate business interests, including the effective running of the website; managing compliance; monitoring trends; developing new products; improving performance; and for the establishment, exercise and defence of legal claims;
  • Processing is necessary to comply with legal obligations which we are subject to;
  1. Your Rights

Subject to regulation 4(f) of Subsidiary Legislation 586.09, as an individual you may exercise your rights to the personal data processed by us, including: 

    • Right of access: You have the right to obtain for us confirmation whether personal data concerning you is being processed, and where that is the case, access to the personal data and the additional information as outlined in the regulations. You can ask us for copies of your personal data that is being processed. There are some restrictions which means you may not always receive all the information we process.
    • Right to rectification: You have the right to ask us to modify your personal data in case you belief that your personal data is not correct, up to date or accurate.
    • Right to erasure: You have the right to ask us to delete your personal data in certain circumstances.  This not an absolute right, a is limited by, and subject to all our compliance, regulatory and legal obligations. 
    • Right to restriction of processing: You have the right to ask us to restrict the processing of your information in certain circumstances. 
    • Right to data portability: You have the right to ask us to provide you with an electronic copy of the personal data that you have provided.  You may also request us to forward such data to another controller. This right only applies if we are processing information based on your consent and processed by automated means.
    • Right to withdraw your consent: You have the right to withdraw your consent at any time if such processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), without affecting the lawfulness of such processing taking place before its withdrawal.
    • Right to lodge a complaint: Should you require any clarification or need to discuss matters relating to the processing of your Personal Information, you may contact the Data Protection Officer by e-mail at [email protected]

In the case you are not satisfied with the outcome, as a data subject, you also have a right to lodge a complaint with the Information and Data Protection Commissioner, either online, via the submission of a report by conventional mail, or by email at [email protected]. Also, you may seek to enforce your rights through judicial remedy.

No fees are applicable when exercising your rights. You will be provided with a response within one month. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

Occasionally, if your request is particularly complex or you have made a number of requests, we may extend our response time up to three months. In any case, we will inform you accordingly.

We may need to request specific information from you to help verify your identity. This is a security measure to ensure that personal data is not disclosed to unauthorised third parties.

We may also contact you to ask you for further information or clarification in relation to your request to speed up our response.

  1. Third-Party Websites links 

The website may contain links to third-party websites, plug-ins, and applications. Please be aware that you are responsible for reviewing the privacy policy of each visited website. We do not assert ownership over third-party websites linked through our site, and we are not accountable for their content or control.

Upon accessing these external websites, you will no longer be governed by our policy but by the privacy policy of the respective site. It is highly recommended that you carefully read the privacy notice of every website you visit, especially when departing from our website.

  1. Website Security Measures

This site uses Secure Sockets Layer (SSL) to ensure secure transmission of your personal data.  You should be able to see the padlock symbol in the status bar on the top left-hand corner of the browser window.  The url address also starts with https:// depicting a secure webpage.  SSL applies encryption between two points such as your PC and the connecting server.  Any data transmitted during the session will be encrypted or scrambled and then decrypted or unscrambled at the receiving end.  This will ascertain that data cannot be read during transmission.

  1. Disclosure

We may need to provide access to, disclose, or share your personal data with the following entities:

  • Other law firms participating in delivering services to you, including those we collaborate with or engage on your request or behalf.
  • Suppliers and external agencies processing information on our and/or your behalf, facilitating the provision of requested information and/or materials.
  • Service providers, including those offering IT support and system administration services for Dalli Advocates.
  • Professional advisers such as consultants, bankers, professional indemnity insurers, brokers, and auditors.
  • Regulatory bodies, authorities, and entities, including but not limited to the Commissioner for Revenue, the Courts of Malta, the Financial Intelligence Analysis Unit, the Police Authorities, and the Malta Financial Services Authority.

In the event of a business change, the new owners may utilise your personal data in alignment with the terms specified in this Notice.

  1. Data Retention

Kindly be aware that Dalli Advocates regards its professional association with clients as a continual and uninterrupted commitment, lasting until the termination aligning with the stipulations outlined in our Letter of Engagement.

Whenever feasible, we may anonymise the data within our possession about you once its necessity for identification purposes has ceased. Under certain conditions, we might also pseudonymise your personal data, rendering it no longer associated with you, for research or statistical purposes. In such instances, we reserve the right to utilise this information indefinitely without providing additional notice to you.

  1. Changes to this Privacy Policy

This Privacy Policy may change from time to time. If there are any changes to this privacy policy, we will replace this page with an updated version. It is therefore in your own interest to check this policy any time you access our web site so as to be aware of any changes which may occur from time to time.

  1. Feedback

Any comments or suggestions that you may have and which may contribute to a better quality of service in relation to this website will be welcome and greatly appreciated.

This Privacy Policy was last updated on 09.11.2023