The General Data Protection Regulation (GDPR) will come into force on 25th of May 2018. The Malta Gaming Authority (MGA) recognises the gaming industry’s concern about GDPR compliance and how it will impact the industry. For this reason, it has published a guidance document after consultation with the Information and Data Protection Commissioner (IDPC), which is the responsible supervisory authority for regulating the application of data protection legislation.
It will remain the responsibility of MGA licensees to ensure they are compliant with the GDPR and with the gaming regulatory framework.
These guidelines are considered to be a living document and will be further developed over time as practical issues arise with the effective implementation of the GDPR. They are to be read in parallel with legal requirements imposed on Operators by virtue of Maltese gaming laws, and are without prejudice to the said legislation. Furthermore, such guidelines and the interpretations contained therein are without prejudice to any decision which the Commissioner may take in relation to complaints and, or to any other specific data protection issue.
These interpretations are also without prejudice to any further guidelines or opinions that might be issued by the Article 29 Data Protection Working Party and, as from 25th May 2018, by the European Data Protection Board.
GDPR is aimed at harmonising data protection regulation across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.
The GDPR builds on the foundations of the current data protection legislation demanding more from organisations in terms of accountability for the use and retention of personal data and enhances individuals’ rights to data privacy.
Our team is able to offer guidance on the required corporate restructuring and the introduction of new internal GDPR policies. For more information please contact us on [email protected] or +356 2557 2557.