Go to content


The General Data Protection Regulation (GDPR) applies to every organization that processes personal data, including the AFM. The regulation has been in effect since May 25, 2018. All member states of the European Union will apply the same policy for the protection of personal data.

Privacy statement

The Privacy statement (pdf, 500 kB)  explains the personal data AFM processes, how AFM processes it, and for what purposes.

Personal data

Personal data is any information that relates to an identified of identifiable living individual. For example, your name, home address, or email address. We consider it important to handle your personal data with utmost care. You can find more information about personal data on the website of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).


As a supervisory authority, we process a lot of personal data. For example, when conducting investigations, imposing measures, and during the recruitment and selection of staff. The AFM is allowed to process personal data when necessary for the proper fulfilment of the AFM’s supervisory tasks. We comply with the GDPR (in Dutch: AVG) in these processes.