Privacy Policy

Last updated: 4 July 2026

This Privacy Policy explains how MtLocalGoodies collects, uses, shares and protects your personal data when you use our website. MtLocalGoodies is a directory that helps people in Malta and Gozo discover verified local businesses. We do not sell goods, take orders or handle payments between you and a business, so we collect far less data than a shop would. We handle what we do collect lawfully, fairly and transparently under the EU General Data Protection Regulation (GDPR) and Maltese data protection law. Any question, write to us at info@mtlocalgoodies.com.

1. Data controller

The data controller responsible for your personal data is Lukasz Samelko, who is registered in Malta and operates MtLocalGoodies as part of his marketing services, in accordance with the laws of Malta.

2. What we collect

We only collect what we need to run the directory and support the people who use it:

When you find a business on MtLocalGoodies and contact it directly, for example over WhatsApp or by phone, that conversation happens between you and the business, on their own channel. We are not part of it and do not receive its contents.

3. How and why we use your data (lawful bases)

Under the GDPR we rely on the following lawful bases:

4. Who we share your data with

We never sell your personal data. We share it only with the providers we need to run the service, each acting under their own data protection obligations:

We do not pass your personal data to the businesses listed in the directory. If you choose to contact one of them, you do that directly and share only what you decide to tell them.

5. International transfers

Some of our providers (such as Stripe, Formspree and Google) may process data outside the European Economic Area. Where that happens, the transfer is protected by appropriate safeguards recognised under the GDPR, such as the European Commission’s Standard Contractual Clauses or an adequacy decision, so your data keeps an equivalent level of protection.

6. How long we keep your data

We keep listing and membership data for as long as your listing is active and then only as long as we need it to meet our legal, accounting and tax obligations, after which it is securely deleted or anonymised. Enquiry emails are kept while we deal with them and for a reasonable period afterwards. Analytics data is retained for the period set in our Google Analytics configuration. Consent records are kept for as long as we need them to show we complied.

7. Your rights

Under the GDPR you have the right to:

To exercise any of these rights, email info@mtlocalgoodies.com. We will respond within the time limits set by the GDPR.

8. Your right to complain

If you believe we have not handled your data properly, you can lodge a complaint with the Maltese supervisory authority, the Information and Data Protection Commissioner (IDPC), at idpc.org.mt. We would rather put it right first, though, so please contact us and give us the chance.

9. Security

We use appropriate technical and organisational measures to protect your data against loss, misuse and unauthorised access. Membership payments are encrypted and handled by Stripe, and we limit access to personal data to the people who need it to run the service.

10. Changes to this policy

We may update this Privacy Policy from time to time. The current version always carries the “last updated” date shown above, and material changes will be reflected here.

11. Contact us

For any privacy question or to exercise your rights, contact MtLocalGoodies at info@mtlocalgoodies.com.