General Data Protection Regulation (GDPR)

This page houses all information in relation to MOSL’s compliance with General Data Protection Regulation (GDPR) and compliance of the market and its Market Operator systems. Information on this page relates to MOSL’s obligations towards personal data held in the central market systems, rather than personal data it has collected and holds as a business (such as employee data).

Summary of Arrangements

Under the GDPR, data controllers who jointly control personal data must make available to data subjects a summary of the arrangements and allocation of responsibilities between them. Therefore, MOSL has provided a Summary of Arrangements that will be updated yearly (if required).

GDPR Guidance

For more information on the rights of data subjects and how to enact them, please refer to the Information Commissioner’s Office (ICO) website’s advice for the public.

Natural Persons Guidance

The Natural Persons Guidance document is designed to be a supplementary working document to support trading parties with identifying personal data, thus falling under the GDPR/Data Protection Act (DPA) scope. Please note access to this document is for members only.

Data Protection Officers (DPO's)

A current list of DPO’s for all trading parties and the Market Operator is available here. Please note access to this list is for members only. The MOSL Data Protection Officer can be contacted on

Data Subject Rights Request Form

If a Data Subject Request has been received and assistance is required from the Market Operator or another Trading Party, then a Data Subject Rights Request Form (DSRR) should be sent to the relevant party.

Related Pages

Privacy Notices and Policies

View MOSL's policies.

View page

Keep up to date

Receive the most relevant and up-to-date communications from MOSL by signing up to our mailing list.