General Data Protection Regulation (GDPR)
This page is a central point for all information in relation to MOSL's compliance with GDPR and compliance of the market and central systems. Information on this page relates to MOSL’s obligations towards personal data held in central market systems, rather than personal data it has collected and holds itself as a business (such as employee data).
Market Privacy Notice
As joint data controllers, MOSL’s members aim to maintain aligned privacy notices. Schedule 13 of the MAC requires MOSL to publish a Market Privacy Notice for trading parties to align to.
Summary of Arrangements
Under the GDPR, data controllers who jointly control personal data must make available to data subjects a summary of the arrangements and allocation of responsibilities between them. Therefore, MOSL has provided a Summary of Arrangements, that will be updated yearly (if required).
Data Protection Officers (“DPO’s”)
A current list of DPO’s for all Trading Parties and the Market Operator is available here (access is for authorised users only)
For more information on the rights of data subjects and how to enact them, refer to the Information Commissioner’s Office (ICO) website’s advice for the public.
Natural Persons Guidance
The Natural Persons Guidance document is designed to be a supplementary working document to support Trading Parties with identifying personal data, thus falling under the GDPR/DPA scope.
Data Subject Rights Request Form
If a Data Subject Request has been received and assistance is required from the Market Operator or another Trading Party, then a Data Subject Rights Request Form (DSRR) should sent to the relevant party.