Jump to Content Jump to Main Navigation

Part B Commentary, 4 ESMA and Competent Authorities, Art.29: Disclosure of personal data to third countries

Edited By: Marco Ventoruzzo

From: Market Abuse Regulation: Commentary and Annotated Guide (2nd Edition)

Edited By: Marco Ventoruzzo, Sebastian Mock

From: Oxford Legal Research Library (http://olrl.ouplaw.com). (c) Oxford University Press, 2023. All Rights Reserved.date: 17 July 2024

Improper disclosure — Market abuse — Regulated activities — European Securities and Markets Authority (ESMA)

This chapter continues the discussion on personal data, this time focusing on Article 29. Article 29 specifically governs rules concerning the disclosure of personal data to third countries. According to this provision, the transfer of personal data to the supervisory authorities of third countries is not generally forbidden but it must occur on a case-by-case basis. A competent authority may, according to Article 29(1), transfer personal data obtained through its own activities to third countries only if the requirements of the GDPR (2016/679/EU) are fulfilled. Special requirements are listed in Article 29(2) on the disclosure of personal data received from the competent authorities of another Member State. Article 29(3) stipulates special provisions for cooperation arrangements within the meaning of Article 26; these arrangements also facilitate the exchange of personal data.

Users without a subscription are not able to see the full content. Please, subscribe or login to access all content.