With whom do we share your data?

The FSMA may share your data:

  • with service providers with which the FSMA works (for example IT service providers, the platform the FSMA uses for managing newsletters, the platform used by the FSMA for the exchange of documents, lawyers or other service providers necessary for the exercise of the FSMA’s tasks). Access by these providers to your Data will be limited to what is strictly necessary for their tasks;
  • in the cases provided for by Article 74 of the Law of 2 August 2002 (and even if the Data in question are not covered by the professional secrecy referred to in the said Article):
    • in cases where the communication of such information is provided for or authorized by or pursuant to the said Law and laws governing the tasks entrusted to the FSMA (including the cases referred to in Article 75 of the same Law). This includes (but is not limited to) situations in which the FSMA transfers data to other national authorities such as the National Bank of Belgium, the Belgian Audit Oversight College, the Federal Public Service for the Economy, SMEs and Energy or the Belgian Financial Intelligence Processing Unit (CTIF-CFI), or to foreign authorities that hold one or more comparable powers to those of the FSMA and with which the latter has entered into a cooperation agreement;
    • during testimony in a criminal case;
    • to report criminal offences to the judicial authorities (in the knowledge that in such a case the FSMA may publish its decision to report criminal offences to the judicial authorities);
    • as part of administrative or judicial appeals against acts or decisions of the FSMA and in all other cases in which the FSMA is a party;
    • in summary or aggregate form, in such a way that you are unable to be identified.
  • where the FSMA transfers public information to third parties.

Where the Data have been provided by a whistleblower, the FSMA may only transmit these data to third parties under the conditions provided for by the FSMA Regulation laying down procedural rules for the receipt and treatment of reports of infringements, enacted by the Royal Decree of 24 September 2017 (for more information, see