Privacy Policy

Last updated: 3 May 2026

Who we are

Our website address is: https://maltaindepth.com

This blog is operated by Daniel Farrugia as an independent publication focused on Maltese public affairs. We are committed to protecting the privacy and personal data of our readers and commenters in accordance with the EU General Data Protection Regulation (GDPR) and Maltese data protection law.

For privacy-related questions, data access requests, or any concerns about how your data is handled, please contact us at:

contact@maltaindepth.com

What personal data we collect and why

Comments

When you leave a comment on this site, we collect:

  • The name you provide
  • The email address you provide
  • The comment content
  • Your IP address
  • Your browser user agent string (the technical identifier your browser sends automatically)
  • The date and time of submission

This information is used to:

  • Moderate comments before they appear publicly
  • Detect and prevent spam
  • Maintain an orderly discussion
  • Identify and address abusive behaviour

All comments are manually reviewed and approved by the site administrator before appearing on the site. Your comment will not be visible to others until approval.

Our legal basis for processing this data is legitimate interest in maintaining a moderated, civil, and spam-free public discussion.

Analytics

This website uses Cloudflare Web Analytics to understand readership patterns. This service does not use cookies, does not track individual users across sites, and does not collect personal data in a directly identifiable form. It collects only aggregate, anonymised information including:

  • Page views and visit counts
  • Referrer URLs (where visitors arrived from)
  • Country-level location (derived from IP address but not stored as such)
  • Browser type and device type
  • Page load performance metrics

No data collected through analytics is sold to third parties or used for advertising purposes. The data is used solely to understand which articles readers find valuable and how they reach the site, in order to improve editorial decisions.

For more information about Cloudflare’s privacy practices, see Cloudflare’s privacy policy at https://www.cloudflare.com/privacypolicy/.

Media

If you upload images to the website, please be aware that images may contain embedded metadata including location data (EXIF GPS). Visitors to the website can download and potentially extract such data from publicly visible images. We recommend removing such metadata before uploading.

Cookies

If you leave a comment on our site, you may opt in to saving your name, email address, and website URL in cookies. These are stored on your device for your convenience, so you do not have to fill in your details again when leaving another comment. These cookies last for one year.

If you visit our login page (as an administrator), a temporary cookie will be set to determine whether your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When an administrator logs in, we set several cookies to save login information and screen display choices. Login cookies last for two days, and screen-options cookies last for one year. If “Remember Me” is selected, the login persists for two weeks. Logging out removes these cookies.

Our analytics service (Cloudflare Web Analytics) does not use cookies. We do not currently use third-party advertising or tracking cookies. If this changes in the future, this policy will be updated and, where required, consent will be requested.

Embedded content from other websites

Articles on this site may include embedded content (such as videos, images, or social media posts from other websites). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These third-party websites may collect data about you, use cookies, embed additional tracking, and monitor your interaction with the embedded content, including tracking your interaction if you have an account and are logged in to that website. We do not control these third parties’ practices and encourage you to review their privacy policies.

Hosting and server logs

This website is hosted by Namecheap (EasyWP service). The hosting provider may automatically collect and store technical information such as IP addresses, browser types, request times, and accessed URLs in server logs. This information is typical for the operation of any website and is used by the hosting provider for security, performance, and abuse-prevention purposes.

Server logs are managed by the hosting provider in accordance with their own data protection practices. For more information, see Namecheap’s privacy policy at https://www.namecheap.com/legal/general/privacy-policy/.

Who we share your data with

We do not sell, trade, or rent your personal data to third parties for marketing purposes.

We may share data in the following limited circumstances:

  • With our hosting provider (Namecheap/EasyWP): for the technical operation of the website, including storing comments and site data on their servers located in the European Union.
  • With Akismet (a spam-filtering service operated by Automattic Inc.): comment data including IP address is sent to Akismet for automated spam analysis. Akismet’s privacy policy is available at https://automattic.com/privacy/.
  • With Cloudflare: anonymised analytics data is processed through Cloudflare Web Analytics as described above.
  • When required by law: we may disclose data in response to a valid legal request from law enforcement or judicial authorities, a court order, or where required by applicable law.

We do not voluntarily share commenter data with third parties outside of these circumstances.

Data backups

Routine backups of this website (including comments, content, and any personal data submitted through the comment form) are created automatically and stored on the publisher’s private Google Drive account. Database backups are retained for seven days; full file backups are retained for two weeks. Backups outside these retention windows are automatically deleted.

These backups exist solely for disaster recovery purposes — to restore the website in the event of technical failure, attack, or accidental data loss. They are not used for any other purpose, are not shared with third parties, and are accessible only to the publisher.

How long we retain your data

If you leave a comment, the comment and its associated metadata (name, email, IP address, timestamp) are retained indefinitely so that we may preserve the continuity and historical record of public discussion on our articles, and so that we can recognise repeat commenters for moderation purposes.

You may at any time request that your comments or personal data be deleted by contacting us (see below). We will process such requests promptly in accordance with your rights under GDPR.

For users with administrative accounts, personal information is stored in their user profile. Administrative users can see, edit, or delete their personal information at any time (except usernames, which cannot be changed).

Backups containing personal data are retained for the periods described in the “Data backups” section above and then automatically deleted.

What rights you have over your data

Under the GDPR, if you are a resident of the European Union or European Economic Area, you have the following rights:

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can request correction of inaccurate data.
  • Right to erasure (“right to be forgotten”): you can request that we delete your personal data, subject to certain legal limits.
  • Right to restrict processing: you can request that we limit how we use your data.
  • Right to data portability: you can request to receive your data in a structured, commonly used format.
  • Right to object: you can object to processing based on legitimate interest.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at the email address listed above. We will respond within one month, as required by GDPR.

You also have the right to lodge a complaint with the Information and Data Protection Commissioner of Malta (IDPC). Contact details are available at https://idpc.org.mt.

Where your data is sent

Visitor comments may be checked through Akismet, an automated spam-detection service operated by Automattic Inc. Personal data submitted in comments (including IP addresses) may be transferred outside the European Union in the course of this spam-detection processing. Automattic participates in the EU-US Data Privacy Framework and applies appropriate safeguards for international data transfers.

Our website hosting is provided by Namecheap (EasyWP) with servers in the European Union.

Cloudflare Web Analytics processes data through Cloudflare’s global infrastructure. Cloudflare is a US-based company subject to relevant international data transfer safeguards.

Confidential communication

Readers should be aware that the blog’s public comment form is not a secure channel. Please do not submit sensitive, personal, or confidential information through comments. For confidential communication, contact us via email at the address above.

Security of your data

We take reasonable technical and organisational measures to protect your personal data, including:

  • Encrypted connections (HTTPS/SSL) for all site traffic
  • Two-factor authentication on administrative accounts
  • A web application firewall (Wordfence) and malware scanning
  • Access controls on administrative functions
  • Regular software updates and security monitoring
  • Moderation of all comments before publication

No method of electronic transmission or storage is entirely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

Children’s privacy

This website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has submitted personal data to this site, please contact us so we can remove it.

Changes to this privacy policy

We may update this privacy policy from time to time to reflect changes in our practices or legal obligations. The “Last updated” date at the top of this policy will indicate when it was most recently revised. We encourage you to review this policy periodically. Significant changes will be announced on the site where practicable.

Contact

For any privacy-related questions, concerns, or data requests:

Email: contact@maltaindepth.com

Data Controller: Daniel Farrugia

Website: maltaindepth.com