Privacy Policy — Laws of Malta

Last updated: May 2026. Regulation (EU) 2016/679 (GDPR) · Data Protection Act (Cap. 586)

1. Data Controller

Laws of Malta — lawofmalta.com. Email: mario.aquilina23@proton.me. Controlled from: Malta (EU). Processing may occur on infrastructure operated by third-party providers in the EU and internationally.

2. Data We Collect and How We Use It

AI Chat Queries

When you use the AI assistant, your query is sent to Anthropic (the AI provider) to generate a response. We do not persist chat content on our application servers after processing. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Retention: Chat content is not persisted on our servers after processing. Anthropic may retain data per their own policy. Transfer to Anthropic, Inc. (USA) under Standard Contractual Clauses (SCCs) in accordance with GDPR Art. 46.

Browser localStorage

We store preferences in your browser's localStorage on your device only — not on our servers: language preference (EN/MT), last 30 chat messages to persist conversation, bookmarked laws, recently viewed laws, and your cookie consent choice. This stays in your browser until you clear browser data or use the Clear Chat function. We do not share it with anyone.

Voluntary Donations

If you make a donation via PayPal or Revolut, their payment processors collect and handle your payment data under their own privacy policies. We receive only confirmation of the amount donated.

3. Cookies

We use two categories of cookies: Essential (always active) and Analytics (with consent only). We do not use advertising or social media cookies. Google Analytics is only activated if you choose to accept analytics. Until consent is given, the site runs on essential cookies only. You can modify or withdraw consent at any time using the Cookie Settings link at the bottom of any page.

4. Third-Party Processors

  • Anthropic, Inc. (USA) — AI chat text processing — anthropic.com/privacy
  • Google Analytics GA4 (USA) — Visitor analytics, consent only — Measurement ID: G-QYG8G21X5H — policies.google.com/privacy
  • Vercel, Inc. (USA) — Platform hosting, CDN, Vercel Analytics (page-view telemetry) and Speed Insights (performance monitoring) — vercel.com/legal/privacy-policy
  • PayPal (Global) — Donation processing if made — paypal.com/privacy
  • Revolut (UK/EU) — Donation processing if made — revolut.com/en-MT/legal/privacy

5. Your GDPR Rights

Under the GDPR you have the following rights regarding your personal data: Right of access (Art. 15), Right to rectification (Art. 16), Right to erasure (Art. 17) — right to be forgotten, Right to restriction (Art. 18), Right to data portability (Art. 20), Right to object (Art. 21), Right to withdraw consent at any time. To exercise any of these rights, contact mario.aquilina23@proton.me. We respond within 30 days.

6. Data Security

Since we store no personal data on our servers beyond the session, the risk exposure is minimal. All communications use HTTPS/TLS. Server logs are retained for up to 7 days by Vercel; IP addresses are stored in hashed, non-reversible form.

7. Children

This platform is not directed at children and is not intended for use by minors. We do not knowingly collect data from children. If you believe a minor has provided data to us, contact us to have it deleted.

Complaints and Contact

For privacy questions or to exercise your rights: mario.aquilina23@proton.me. If unsatisfied with our response, you may lodge a complaint with Malta's Information and Data Protection Commissioner (IDPC) at idpc.org.mt.