2. Transfer of Personal Data by the SC
The SC may transfer personal data to a foreign supervisory authority as provided under section 150 of the Securities Commission Malaysia Act 1993. Where desirable and necessary, personal data may be transferred by the SC, such as where the transfer is requested by the foreign supervisory authority for assistance in its investigation conducted for the enforcement or administration of its laws and regulations under an information sharing arrangement, such as the IOSCO MMoU.
3. Rights of a Data Subject
An individual whose personal data has been transferred from EEA securities regulators to the SC (“data subject”) has the right to request access to his or her personal data, subject to certain exemptions. A data subject may also request that his or her personal data be corrected if the individual believes that it contains an error or omission.
The SC will handle the personal data received from EEA securities regulators in accordance with the safeguards set out in the Administrative Arrangement. However, given the often sensitive nature of the SC’s work, and the risk of prejudice to the discharge of our regulatory functions, in some cases the data subject’s safeguards might be restricted, such as the SC’s obligation not to disclose confidential information pursuant to professional secrecy or other legal obligations, or to prevent prejudice or harm to its supervisory or enforcement functions.
Questions or concerns
If you have any questions or concerns about the collection, use, processing, protection, disclosure, or transfer of your personal data by the SC, you may contact:
International Affairs Department
Securities Commission Malaysia
[email protected]
Complaints
If you wish to make a complaint with respect to how your personal data is handled, you may contact:
Office of the General Counsel
Securities Commission Malaysia
[email protected]