keyboard_tab Data Act 2023/2854 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- 2 Article 2 Definitions
- 1 Article 23 Removing obstacles to effective switching
- 6 Article 25 Contractual terms concerning switching
- 1 Article 26 Information obligation of providers of data processing services
- 1 Article 30 Technical aspects of switching
CHAPTER I
GENERAL PROVISIONS
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARING
CHAPTER III
OBLIGATIONS FOR DATA HOLDERS OBLIGED TO MAKE DATA AVAILABLE PURSUANT TO UNION LAW
CHAPTER IV
UNFAIR CONTRACTUAL TERMS RELATED TO DATA ACCESS AND USE BETWEEN ENTERPRISES
CHAPTER V
MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES, THE COMMISSION, THE EUROPEAN CENTRAL BANK AND UNION BODIES ON THE BASIS OF AN EXCEPTIONAL NEED
CHAPTER VI
SWITCHING BETWEEN DATA PROCESSING SERVICES
CHAPTER VII
UNLAWFUL INTERNATIONAL GOVERNMENTAL ACCESS AND TRANSFER OF NON-PERSONAL DATA
CHAPTER VIII
INTEROPERABILITY
CHAPTER IX
IMPLEMENTATION AND ENFORCEMENT
CHAPTER X
SUI GENERIS RIGHT UNDER DIRECTIVE 96/9/EC
CHAPTER XI
FINAL PROVISIONS
- data
- metadata
- personal data
- non-personal data
- connected product
- related service
- processing
- data processing service
- same service type
- data intermediation service
- data subject
- user
- data holder
- data recipient
- product data
- related service data
- readily available data
- trade secret
- trade secret holder
- profiling
- making available on the market
- placing on the market
- consumer
- enterprise
- small enterprise
- microenterprise
- Union bodies
- public sector body
- public emergency
- customer
- virtual assistants
- digital assets
- on-premises ICT infrastructure
- switching
- data egress charges
- switching charges
- functional equivalence
- exportable data
- smart contract
- interoperability
- common specifications
- harmonised standard
- data 188
- means 92
- processing 89
- services 70
- service 49
- provider 43
- customer 38
- article 36
- which 30
- including 26
- switching 26
- shall 25
- union 24
- point 22
- connected_product 20
- accordance 20
- regulation 20
- referred 17
- from 17
- period 17
- defined 16
- paragraph 16
- process 16
- data’ 16
- than 16
- available 15
- such 15
- related_service 14
- natural 14
- eu / 13
- business 13
- different 13
- contract 13
- information 13
- relevant 12
- user 12
- more 12
- interoperability 12
- person 12
- legal 12
- on-premises_ict_infrastructure 11
- under 11
- exportable 11
- after 11
- functions 10
- product 10
- purposes 10
- providers 10
- holder 10
- digital_assets 9
Article 2
Definitions
For the purposes of this Regulation, the following definitions apply:
(1) | ‘ data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording; |
(2) | ‘meta data’ means a structured description of the contents or the use of data facilitating the discovery or use of that data; |
(3) | ‘personal data’ means personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; |
(4) | ‘non-personal data’ means data other than personal data; |
(5) | ‘ connected_product’ means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an electronic communications service, physical connection or on-device access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user; |
(6) | ‘ related_service’ means a digital service, other than an electronic communications service, including software, which is connected with the product at the time of the purchase, rent or lease in such a way that its absence would prevent the connected_product from performing one or more of its functions, or which is subsequently connected to the product by the manufacturer or a third party to add to, update or adapt the functions of the connected_product; |
(7) | ‘ processing’ means any operation or set of operations which is performed on data or on sets of data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or other means of making them available, alignment or combination, restriction, erasure or destruction; |
(8) | ‘ data processing service’ means a digital service that is provided to a customer and that enables ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction; |
(9) | ‘ same_service_type’ means a set of data processing services that share the same primary objective, data processing service model and main functionalities; |
(10) | ‘ data intermediation service’ means data intermediation service as defined in Article 2, point (11), of Regulation (EU) 2022/868; |
(11) | ‘ data subject’ means data subject as referred to in Article 4, point (1), of Regulation (EU) 2016/679; |
(12) | ‘ user’ means a natural or legal person that owns a connected_product or to whom temporary rights to use that connected_product have been contractually transferred, or that receives related_services; |
(13) | ‘ data holder’ means a natural or legal person that has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation adopted in accordance with Union law, to use and make available data, including, where contractually agreed, product data or related_service data which it has retrieved or generated during the provision of a related_service; |
(14) | ‘ data recipient’ means a natural or legal person, acting for purposes which are related to that person’s trade, business, craft or profession, other than the user of a connected_product or related_service, to whom the data holder makes data available, including a third party following a request by the user to the data holder or in accordance with a legal obligation under Union law or national legislation adopted in accordance with Union law; |
(15) | ‘product data’ means data generated by the use of a connected_product that the manufacturer designed to be retrievable, via an electronic communications service, physical connection or on-device access, by a user, data holder or a third party, including, where relevant, the manufacturer; |
(16) | ‘ related_service data’ means data representing the digitisation of user actions or of events related to the connected_product, recorded intentionally by the user or generated as a by-product of the user’s action during the provision of a related_service by the provider; |
(17) | ‘readily available data’ means product data and related_service data that a data holder lawfully obtains or can lawfully obtain from the connected_product or related_service, without disproportionate effort going beyond a simple operation; |
(18) | ‘ trade_secret’ means trade_secret as defined in Article 2, point (1), of Directive (EU) 2016/943; |
(19) | ‘ trade_secret holder’ means a trade_secret holder as defined in Article 2, point (2), of Directive (EU) 2016/943; |
(20) | ‘ profiling’ means profiling as defined in Article 4, point (4), of Regulation (EU) 2016/679; |
(21) | ‘ making_available_on_the_market’ means any supply of a connected_product for distribution, consumption or use on the Union market in the course of a commercial activity, whether in return for payment or free of charge; |
(22) | ‘ placing_on_the_market’ means the first making available of a connected_product on the Union market; |
(23) | ‘ consumer’ means any natural person who is acting for purposes which are outside that person’s trade, business, craft or profession; |
(24) | ‘ enterprise’ means a natural or legal person that, in relation to contracts and practices covered by this Regulation, is acting for purposes which are related to that person’s trade, business, craft or profession; |
(25) | ‘small enterprise’ means a small enterprise as defined in Article 2(2) of the Annex to Recommendation 2003/361/EC; |
(26) | ‘micro enterprise’ means a micro enterprise as defined in Article 2(3) of the Annex to Recommendation 2003/361/EC; |
(27) | ‘ Union_bodies’ means the Union_bodies, offices and agencies set up by or pursuant to acts adopted on the basis of the Treaty on European Union, the TFEU or the Treaty establishing the European Atomic Energy Community; |
(28) | ‘ public_sector_body’ means national, regional or local authorities of the Member States and bodies governed by public law of the Member States, or associations formed by one or more such authorities or one or more such bodies; |
(29) | ‘ public_emergency’ means an exceptional situation, limited in time, such as a public health emergency, an emergency resulting from natural disasters, a human-induced major disaster, including a major cybersecurity incident, negatively affecting the population of the Union or the whole or part of a Member State, with a risk of serious and lasting repercussions for living conditions or economic stability, financial stability, or the substantial and immediate degradation of economic assets in the Union or the relevant Member State and which is determined or officially declared in accordance with the relevant procedures under Union or national law; |
(30) | ‘ customer’ means a natural or legal person that has entered into a contractual relationship with a provider of data processing services with the objective of using one or more data processing services; |
(31) | ‘ virtual_assistants’ means software that can process demands, tasks or questions including those based on audio, written input, gestures or motions, and that, based on those demands, tasks or questions, provides access to other services or controls the functions of connected_products; |
(32) | ‘ digital_assets’ means elements in digital form, including applications, for which the customer has the right of use, independently from the contractual relationship with the data processing service it intends to switch from; |
(33) | ‘ on-premises_ICT_infrastructure’ means ICT infrastructure and computing resources owned, rented or leased by the customer, located in the data centre of the customer itself and operated by the customer or by a third-party; |
(34) | ‘ switching’ means the process involving a source provider of data processing services, a customer of a data processing service and, where relevant, a destination provider of data processing services, whereby the customer of a data processing service changes from using one data processing service to using another data processing service of the same_service_type, or other service, offered by a different provider of data processing services, or to an on-premises_ICT_infrastructure, including through extracting, transforming and uploading the data; |
(35) | ‘ data egress charges’ means data transfer fees charged to customers for extracting their data through the network from the ICT infrastructure of a provider of data processing services to the system of a different provider or to on-premises_ICT_infrastructure; |
(36) | ‘ switching charges’ means charges, other than standard service fees or early termination penalties, imposed by a provider of data processing services on a customer for the actions mandated by this Regulation for switching to the system of a different provider or to on-premises_ICT_infrastructure, including data egress charges; |
(37) | ‘ functional_equivalence’ means re-establishing on the basis of the customer’s exportable data and digital_assets, a minimum level of functionality in the environment of a new data processing service of the same_service_type after the switching process, where the destination data processing service delivers a materially comparable outcome in response to the same input for shared features supplied to the customer under the contract; |
(38) | ‘exportable data’, for the purpose of Articles 23 to 31 and Article 35, means the input and output data, including meta data, directly or indirectly generated, or cogenerated, by the customer’s use of the data processing service, excluding any assets or data protected by intellectual property rights, or constituting a trade_secret, of providers of data processing services or third parties; |
(39) | ‘ smart_contract’ means a computer program used for the automated execution of an agreement or part thereof, using a sequence of electronic data records and ensuring their integrity and the accuracy of their chronological ordering; |
(40) | ‘ interoperability’ means the ability of two or more data spaces or communication networks, systems, connected_products, applications, data processing services or components to exchange and use data in order to perform their functions; |
(41) | open interoperability specification’ means a technical specification in the field of information and communication technologies which is performance oriented towards achieving interoperability between data processing services; |
(42) | ‘ common_specifications’ means a document, other than a standard, containing technical solutions providing a means to comply with certain requirements and obligations established under this Regulation; |
(43) | ‘ harmonised_standard’ means a harmonised_standard as defined in Article 2, point (1)(c), of Regulation (EU) No 1025/2012. |
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARING
Article 2
Definitions
For the purposes of this Regulation, the following definitions apply:
(1) | ‘ data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording; |
(2) | ‘meta data’ means a structured description of the contents or the use of data facilitating the discovery or use of that data; |
(3) | ‘personal data’ means personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; |
(4) | ‘non-personal data’ means data other than personal data; |
(5) | ‘ connected_product’ means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an electronic communications service, physical connection or on-device access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user; |
(6) | ‘ related_service’ means a digital service, other than an electronic communications service, including software, which is connected with the product at the time of the purchase, rent or lease in such a way that its absence would prevent the connected_product from performing one or more of its functions, or which is subsequently connected to the product by the manufacturer or a third party to add to, update or adapt the functions of the connected_product; |
(7) | ‘ processing’ means any operation or set of operations which is performed on data or on sets of data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or other means of making them available, alignment or combination, restriction, erasure or destruction; |
(8) | ‘ data processing service’ means a digital service that is provided to a customer and that enables ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction; |
(9) | ‘ same_service_type’ means a set of data processing services that share the same primary objective, data processing service model and main functionalities; |
(10) | ‘ data intermediation service’ means data intermediation service as defined in Article 2, point (11), of Regulation (EU) 2022/868; |
(11) | ‘ data subject’ means data subject as referred to in Article 4, point (1), of Regulation (EU) 2016/679; |
(12) | ‘ user’ means a natural or legal person that owns a connected_product or to whom temporary rights to use that connected_product have been contractually transferred, or that receives related_services; |
(13) | ‘ data holder’ means a natural or legal person that has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation adopted in accordance with Union law, to use and make available data, including, where contractually agreed, product data or related_service data which it has retrieved or generated during the provision of a related_service; |
(14) | ‘ data recipient’ means a natural or legal person, acting for purposes which are related to that person’s trade, business, craft or profession, other than the user of a connected_product or related_service, to whom the data holder makes data available, including a third party following a request by the user to the data holder or in accordance with a legal obligation under Union law or national legislation adopted in accordance with Union law; |
(15) | ‘product data’ means data generated by the use of a connected_product that the manufacturer designed to be retrievable, via an electronic communications service, physical connection or on-device access, by a user, data holder or a third party, including, where relevant, the manufacturer; |
(16) | ‘ related_service data’ means data representing the digitisation of user actions or of events related to the connected_product, recorded intentionally by the user or generated as a by-product of the user’s action during the provision of a related_service by the provider; |
(17) | ‘readily available data’ means product data and related_service data that a data holder lawfully obtains or can lawfully obtain from the connected_product or related_service, without disproportionate effort going beyond a simple operation; |
(18) | ‘ trade_secret’ means trade_secret as defined in Article 2, point (1), of Directive (EU) 2016/943; |
(19) | ‘ trade_secret holder’ means a trade_secret holder as defined in Article 2, point (2), of Directive (EU) 2016/943; |
(20) | ‘ profiling’ means profiling as defined in Article 4, point (4), of Regulation (EU) 2016/679; |
(21) | ‘ making_available_on_the_market’ means any supply of a connected_product for distribution, consumption or use on the Union market in the course of a commercial activity, whether in return for payment or free of charge; |
(22) | ‘ placing_on_the_market’ means the first making available of a connected_product on the Union market; |
(23) | ‘ consumer’ means any natural person who is acting for purposes which are outside that person’s trade, business, craft or profession; |
(24) | ‘ enterprise’ means a natural or legal person that, in relation to contracts and practices covered by this Regulation, is acting for purposes which are related to that person’s trade, business, craft or profession; |
(25) | ‘small enterprise’ means a small enterprise as defined in Article 2(2) of the Annex to Recommendation 2003/361/EC; |
(26) | ‘micro enterprise’ means a micro enterprise as defined in Article 2(3) of the Annex to Recommendation 2003/361/EC; |
(27) | ‘ Union_bodies’ means the Union_bodies, offices and agencies set up by or pursuant to acts adopted on the basis of the Treaty on European Union, the TFEU or the Treaty establishing the European Atomic Energy Community; |
(28) | ‘ public_sector_body’ means national, regional or local authorities of the Member States and bodies governed by public law of the Member States, or associations formed by one or more such authorities or one or more such bodies; |
(29) | ‘ public_emergency’ means an exceptional situation, limited in time, such as a public health emergency, an emergency resulting from natural disasters, a human-induced major disaster, including a major cybersecurity incident, negatively affecting the population of the Union or the whole or part of a Member State, with a risk of serious and lasting repercussions for living conditions or economic stability, financial stability, or the substantial and immediate degradation of economic assets in the Union or the relevant Member State and which is determined or officially declared in accordance with the relevant procedures under Union or national law; |
(30) | ‘ customer’ means a natural or legal person that has entered into a contractual relationship with a provider of data processing services with the objective of using one or more data processing services; |
(31) | ‘ virtual_assistants’ means software that can process demands, tasks or questions including those based on audio, written input, gestures or motions, and that, based on those demands, tasks or questions, provides access to other services or controls the functions of connected_products; |
(32) | ‘ digital_assets’ means elements in digital form, including applications, for which the customer has the right of use, independently from the contractual relationship with the data processing service it intends to switch from; |
(33) | ‘ on-premises_ICT_infrastructure’ means ICT infrastructure and computing resources owned, rented or leased by the customer, located in the data centre of the customer itself and operated by the customer or by a third-party; |
(34) | ‘ switching’ means the process involving a source provider of data processing services, a customer of a data processing service and, where relevant, a destination provider of data processing services, whereby the customer of a data processing service changes from using one data processing service to using another data processing service of the same_service_type, or other service, offered by a different provider of data processing services, or to an on-premises_ICT_infrastructure, including through extracting, transforming and uploading the data; |
(35) | ‘ data egress charges’ means data transfer fees charged to customers for extracting their data through the network from the ICT infrastructure of a provider of data processing services to the system of a different provider or to on-premises_ICT_infrastructure; |
(36) | ‘ switching charges’ means charges, other than standard service fees or early termination penalties, imposed by a provider of data processing services on a customer for the actions mandated by this Regulation for switching to the system of a different provider or to on-premises_ICT_infrastructure, including data egress charges; |
(37) | ‘ functional_equivalence’ means re-establishing on the basis of the customer’s exportable data and digital_assets, a minimum level of functionality in the environment of a new data processing service of the same_service_type after the switching process, where the destination data processing service delivers a materially comparable outcome in response to the same input for shared features supplied to the customer under the contract; |
(38) | ‘exportable data’, for the purpose of Articles 23 to 31 and Article 35, means the input and output data, including meta data, directly or indirectly generated, or cogenerated, by the customer’s use of the data processing service, excluding any assets or data protected by intellectual property rights, or constituting a trade_secret, of providers of data processing services or third parties; |
(39) | ‘ smart_contract’ means a computer program used for the automated execution of an agreement or part thereof, using a sequence of electronic data records and ensuring their integrity and the accuracy of their chronological ordering; |
(40) | ‘ interoperability’ means the ability of two or more data spaces or communication networks, systems, connected_products, applications, data processing services or components to exchange and use data in order to perform their functions; |
(41) | open interoperability specification’ means a technical specification in the field of information and communication technologies which is performance oriented towards achieving interoperability between data processing services; |
(42) | ‘ common_specifications’ means a document, other than a standard, containing technical solutions providing a means to comply with certain requirements and obligations established under this Regulation; |
(43) | ‘ harmonised_standard’ means a harmonised_standard as defined in Article 2, point (1)(c), of Regulation (EU) No 1025/2012. |
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARING
Article 23
Removing obstacles to effective switching
Providers of data processing services shall take the measures provided for in Articles 25, 26, 27, 29 and 30 to enable customers to switch to a data processing service, covering the same_service_type, which is provided by a different provider of data processing services, or to on-premises_ICT_infrastructure, or, where relevant, to use several providers of data processing services at the same time. In particular, providers of data processing services shall not impose and shall remove pre-commercial, commercial, technical, contractual and organisational obstacles, which inhibit customers from:
(a) | terminating, after the maximum notice period and the successful completion of the switching process, in accordance with Article 25, the contract of the data processing service; |
(b) | concluding new contracts with a different provider of data processing services covering the same_service_type; |
(c) | porting the customer’s exportable data and digital_assets, to a different provider of data processing services or to an on-premises_ICT_infrastructure, including after having benefited from a free-tier offering; |
(d) | in accordance with Article 24, achieving functional_equivalence in the use of the new data processing service in the ICT environment of a different provider of data processing services covering the same_service_type; |
(e) | unbundling, where technically feasible, data processing services referred to in Article 30(1) from other data processing services provided by the provider of data processing services. |
Article 25
Contractual terms concerning switching
1. The rights of the customer and the obligations of the provider of data processing services in relation to switching between providers of such services or, where applicable, to an on-premises_ICT_infrastructure shall be clearly set out in a written contract. The provider of data processing services shall make that contract available to the customer prior to signing the contract in a way that allows the customer to store and reproduce the contract.
2. Without prejudice to Directive (EU) 2019/770, the contract referred to in paragraph 1 of this Article shall include at least the following:
(a) | clauses allowing the customer, upon request, to switch to a data processing service offered by a different provider of data processing services or to port all exportable data and digital_assets to an on-premises_ICT_infrastructure, without undue delay and in any event not after the mandatory maximum transitional period of 30 calendar days, to be initiated after the maximum notice period referred to in point (d), during which the service contract remains applicable and during which the provider of data processing services shall:
|
(b) | an obligation of the provider of data processing services to support the customer’s exit strategy relevant to the contracted services, including by providing all relevant information; |
(c) | a clause specifying that the contract shall be considered to be terminated and the customer shall be notified of the termination, in one of the following cases:
|
(d) | a maximum notice period for initiation of the switching process, which shall not exceed two months; |
(e) | an exhaustive specification of all categories of data and digital_assets that can be ported during the switching process, including, at a minimum, all exportable data; |
(f) | an exhaustive specification of categories of data specific to the internal functioning of the provider’s data processing service that are to be exempted from the exportable data under point (e) of this paragraph where a risk of breach of trade_secrets of the provider exists, provided that such exemptions do not impede or delay the switching process provided for in Article 23; |
(g) | a minimum period for data retrieval of at least 30 calendar days, starting after the termination of the transitional period that was agreed between the customer and the provider of data processing services, in accordance with point (a) of this paragraph and paragraph 4; |
(h) | a clause guaranteeing full erasure of all exportable data and digital_assets generated directly by the customer, or relating to the customer directly, after the expiry of the retrieval period referred to in point (g) or after the expiry of an alternative agreed period at a date later than the date of expiry of the retrieval period referred to in point (g), provided that the switching process has been completed successfully; |
(i) | switching charges, that may be imposed by providers of data processing services in accordance with Article 29. |
3. The contract referred to in paragraph 1 shall include clauses providing that the customer may notify the provider of data processing services of its decision to perform one or more of the following actions upon termination of the maximum notice period referred to in paragraph 2, point (d):
(a) | switch to a different provider of data processing services, in which case the customer shall provide the necessary details of that provider; |
(b) | switch to an on-premises_ICT_infrastructure; |
(c) | erase its exportable data and digital_assets. |
4. Where the mandatory maximum transitional period as provided for in paragraph 2, point (a) is technically unfeasible, the provider of data processing services shall notify the customer within 14 working days of the making of the switching request, and shall duly justify the technical unfeasibility and indicate an alternative transitional period, which shall not exceed seven months. In accordance with paragraph 1, service continuity shall be ensured throughout the alternative transitional period.
5. Without prejudice to paragraph 4, the contract referred to in paragraph 1 shall include clauses providing the customer with the right to extend the transitional period once for a period that the customer considers more appropriate for its own purposes.
Article 26
Information obligation of providers of data processing services
The provider of data processing services shall provide the customer with:
(a) | information on available procedures for switching and porting to the data processing service, including information on available switching and porting methods and formats as well as restrictions and technical limitations which are known to the provider of data processing services; |
(b) | a reference to an up-to-date online register hosted by the provider of data processing services, with details of all the data structures and data formats as well as the relevant standards and open interoperability specifications, in which the exportable data referred to in Article 25(2), point (e), are available. |
Article 30
Technical aspects of switching
1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks and the virtual resources necessary for operating the infrastructure, but that do not provide access to the operating services, software and applications that are stored, otherwise processed, or deployed on those infrastructural elements, shall, in accordance with Article 27, take all reasonable measures in their power to facilitate that the customer, after switching to a service covering the same_service_type, achieves functional_equivalence in the use of the destination data processing service. The source provider of data processing services shall facilitate the switching process by providing capabilities, adequate information, documentation, technical support and, where appropriate, the necessary tools.
2. Providers of data processing services, other than those referred to in paragraph 1, shall make open interfaces available to an equal extent to all their customers and the concerned destination providers of data processing services free of charge to facilitate the switching process. Those interfaces shall include sufficient information on the service concerned to enable the development of software to communicate with the services, for the purposes of data portability and interoperability.
3. For data processing services other than those referred to in paragraph 1 of this Article, providers of data processing services shall ensure compatibility with common_specifications based on open interoperability specifications or harmonised_standards for interoperability at least 12 months after the references to those common_specifications or harmonised_standards for interoperability of data processing services were published in the central Union standards repository for the interoperability of data processing services following the publication of the underlying implementing acts in the Official Journal of the European Union in accordance with Article 35(8).
4. Providers of data processing services other than those referred to in paragraph 1 of this Article shall update the online register referred to in Article 26, point (b) in accordance with their obligations under paragraph 3 of this Article.
5. In the case of switching between services of the same_service_type, for which common_specifications or the harmonised_standards for interoperability referred to in paragraph 3 of this Article have not been published in the central Union standards repository for the interoperability of data processing services in accordance with Article 35(8), the provider of data processing services shall, at the request of the customer, export all exportable data in a structured, commonly used and machine-readable format.
6. Providers of data processing services shall not be required to develop new technologies or services, or disclose or transfer digital_assets that are protected by intellectual property rights or that constitute a trade_secret, to a customer or to a different provider of data processing services or compromise the customer’s or provider’s security and integrity of service.
whereas