Nasdaq CSD is committed to complying with the GDPR requirements and principles, including safeguarding and protecting personal data and addressing individual rights regarding data that it processes. This obligation is fundamental in the way Nasdaq does business and is reflected in its privacy policies, agreements, and data protection safeguards.
The below Privacy Letters, one for each type of regulated business operated by Nasdaq in Europe, set out Nasdaq CSD’s personal data handling practices under the GDPR, so that clients and market participants understand how Nasdaq CSD acts to safeguard privacy while fulfilling its obligations to protect them against fraud, ensure the efficient operation of markets and satisfy regulatory obligations. Nasdaq is committed to transparency with all clients and market participants regarding its personal data processing and privacy practices. Information on how to contact Nasdaq regarding privacy practices is provided in the letters. The letters describe how Nasdaq incorporates compliance with the GDPR into its services and products as well as summarize Nasdaq’s privacy program.
To address transparency and compliance requirements under the GDPR, Nasdaq holds Privacy Policy. The Nasdaq Privacy Policy describes how Nasdaq collects, uses and discloses personal data about clients and market participants who receive Nasdaq products and services, explore or maintain a business relationship with Nasdaq and/or use its websites or online features. The Privacy Policy applies to all personal data processed by Nasdaq. The Privacy Policy also describes clients rights, where applicable, and how to exercise them.