keyboard_tab Data Act 2023/2854 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- Article 1 Subject matter and scope
- Article 2 Definitions
- Article 3 Obligation to make product data and related service data accessible to the user
- Article 4 The rights and obligations of users and data holders with regard to access, use and making available product data and related service data
- Article 5 Right of the user to share data with third parties
- Article 6 Obligations of third parties receiving data at the request of the user
- Article 7 Scope of business-to-consumer and business-to-business data sharing obligations
- Article 8 Conditions under which data holders make data available to data recipients
- Article 9 Compensation for making data available
- Article 10 Dispute settlement
- Article 11 Technical protection measures on the unauthorised use or disclosure of data
- Article 12 Scope of obligations for data holders obliged pursuant to Union law to make data available
- Article 13 Unfair contractual terms unilaterally imposed on another enterprise
- Article 14 Obligation to make data available on the basis of an exceptional need
- Article 15 Exceptional need to use data
- Article 16 Relationship with other obligations to make data available to public sector bodies, the Commission, the European Central Bank and Union bodies
- Article 17 Requests for data to be made available
- Article 18 Compliance with requests for data
- Article 19 Obligations of public sector bodies, the Commission, the European Central Bank and Union bodies
- Article 20 Compensation in cases of an exceptional need
- Article 21 Sharing of data obtained in the context of an exceptional need with research organisations or statistical bodies
- Article 22 Mutual assistance and cross-border cooperation
- Article 23 Removing obstacles to effective switching
- Article 24 Scope of the technical obligations
- Article 25 Contractual terms concerning switching
- Article 26 Information obligation of providers of data processing services
- Article 27 Obligation of good faith
- Article 28 Contractual transparency obligations on international access and transfer
- Article 29 Gradual withdrawal of switching charges
- Article 30 Technical aspects of switching
- Article 31 Specific regime for certain data processing services
- Article 32 International governmental access and transfer
- Article 33 Essential requirements regarding interoperability of data, of data sharing mechanisms and services, as well as of common European data spaces
- Article 34 Interoperability for the purposes of in-parallel use of data processing services
- Article 35 Interoperability of data processing services
- Article 36 Essential requirements regarding smart contracts for executing data sharing agreements
- Article 37 Competent authorities and data coordinators
- Article 38 Right to lodge a complaint
- Article 39 Right to an effective judicial remedy
- Article 40 Penalties
- Article 41 Model contractual terms and standard contractual clauses
- Article 42 Role of the EDIB
- Article 43 Databases containing certain data
- Article 44 Other Union legal acts governing rights and obligations on data access and use
- Article 45 Exercise of the delegation
- Article 46 Committee procedure
- Article 47 Amendment to Regulation (EU) 2017/2394
- Article 48 Amendment to Directive (EU) 2020/1828
- Article 49 Evaluation and review
- Article 50 Entry into force and application
CHAPTER I
GENERAL PROVISIONS
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARING
CHAPTER III
OBLIGATIONS FOR DATA HOLDERS OBLIGED TO MAKE DATA AVAILABLE PURSUANT TO UNION LAW
CHAPTER IV
UNFAIR CONTRACTUAL TERMS RELATED TO DATA ACCESS AND USE BETWEEN ENTERPRISES
CHAPTER V
MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES, THE COMMISSION, THE EUROPEAN CENTRAL BANK AND UNION BODIES ON THE BASIS OF AN EXCEPTIONAL NEED
CHAPTER VI
SWITCHING BETWEEN DATA PROCESSING SERVICES
CHAPTER VII
UNLAWFUL INTERNATIONAL GOVERNMENTAL ACCESS AND TRANSFER OF NON-PERSONAL DATA
CHAPTER VIII
INTEROPERABILITY
CHAPTER IX
IMPLEMENTATION AND ENFORCEMENT
CHAPTER X
SUI GENERIS RIGHT UNDER DIRECTIVE 96/9/EC
CHAPTER XI
FINAL PROVISIONS
- data
- metadata
- personal data
- non-personal data
- connected product
- related service
- processing
- data processing service
- same service type
- data intermediation service
- data subject
- user
- data holder
- data recipient
- product data
- related service data
- readily available data
- trade secret
- trade secret holder
- profiling
- making available on the market
- placing on the market
- consumer
- enterprise
- small enterprise
- microenterprise
- Union bodies
- public sector body
- public emergency
- customer
- virtual assistants
- digital assets
- on-premises ICT infrastructure
- switching
- data egress charges
- switching charges
- functional equivalence
- exportable data
- smart contract
- interoperability
- common specifications
- harmonised standard
- data 25
- request 11
- holder 9
- union 6
- shall 5
- body 5
- bank 5
- central 5
- european 5
- commission 5
- public_sector_body 5
- article 4
- available 4
- make 4
- modification 3
- without 3
- undue 3
- delay 3
- requested 3
- such 2
- event 2
- later 2
- than 2
- working 2
- days 2
- after 2
- receipt 2
- personal 2
- purpose 2
- cases 2
- compliance 2
- where 2
- same 2
- pursuant 2
- seek 2
- submitted 2
- previously 2
- been 2
- does 2
- point 2
- decline 2
- chapter 2
- necessary 2
- wishes 2
- challenge 2
- matter 2
- under 2
- accordance 1
- competent 1
- decides 1
Article 18
Compliance with requests for data
1. A data holder receiving a request to make data available under this Chapter shall make the data available to the requesting public_sector_body, the Commission, the European Central Bank or a Union body without undue delay, taking into account necessary technical, organisational and legal measures.
2. Without prejudice to specific needs regarding the availability of data defined in Union or national law, a data holder may decline or seek the modification of a request to make data available under this Chapter without undue delay and, in any event, no later than five working days after the receipt of a request for the data necessary to respond to a public_emergency and without undue delay and, in any event, no later than 30 working days after the receipt of such a request in other cases of an exceptional need, on any of the following grounds:
| (a) | the data holder does not have control over the data requested; |
| (b) | a similar request for the same purpose has been previously submitted by another public_sector_body or the Commission, the European Central Bank or a Union body and the data holder has not been notified of the erasure of the data pursuant to Article 19(1), point (c); |
| (c) | the request does not meet the conditions laid down in Article 17(1) and (2). |
3. If the data holder decides to decline the request or to seek its modification in accordance with paragraph 2, point (b), it shall indicate the identity of the public_sector_body or the Commission, the European Central Bank or the Union body that previously submitted a request for the same purpose.
4. Where the data requested includes personal data, the data holder shall properly anonymise the data, unless the compliance with the request to make data available to a public_sector_body, the Commission, the European Central Bank or a Union body requires the disclosure of personal data. In such cases, the data holder shall pseudonymise the data.
5. Where the public_sector_body, the Commission, the European Central Bank or the Union body wishes to challenge a data holder’s refusal to provide the data requested, or where the data holder wishes to challenge the request and the matter cannot be resolved by an appropriate modification of the request, the matter shall be referred to the competent authority designated pursuant to Article 37 of the Member State where the data holder is established.
whereas