keyboard_tab Digital Governance Act 2022/0868 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- Art. 1 Subject matter and scope
- Art. 2 Definitions
- Art. 3 Categories of data
- Art. 4 Prohibition of exclusive arrangements
- Art. 5 Conditions for re-use
- Art. 6 Fees
- Art. 7 Competent bodies
- Art. 8 Single information points
- Art. 9 Procedure for requests for re-use
- Art. 10 Data intermediation services
- Art. 11 Notification by data intermediation services providers
- Art. 12 Conditions for providing data intermediation services
- Art. 13 Competent authorities for data intermediation services
- Art. 14 Monitoring of compliance
- Art. 15 Exceptions
- Art. 16 National arrangements for data altruism
- Art. 17 Public registers of recognised data altruism organisations
- Art. 18 General requirements for registration
- Art. 19 Registration of recognised data altruism organisations
- Art. 20 Transparency requirements
- Art. 21 Specific requirements to safeguard rights and interests of data subjects and data holders with regard to their data
- Art. 22 Rulebook
- Art. 23 Competent authorities for the registration of data altruism organisations
- Art. 24 Monitoring of compliance
- Art. 25 European data altruism consent form
- Art. 26 Requirements relating to competent authorities
- Art. 27 Right to lodge a complaint
- Art. 28 Right to an effective judicial remedy
- Art. 29 European Data Innovation Board
- Art. 30 Tasks of the European Data Innovation Board
- Art. 31 International access and transfer
- Art. 32 Exercise of the delegation
- Art. 33 Committee procedure
- Art. 34 Penalties
- Art. 35 Evaluation and review
- Art. 36 Amendment to Regulation (EU) 2018/1724
- Art. 37 Transitional arrangements
- Article 38 Entry into force and application
CHAPTER I
General provisions
CHAPTER II
Re-use of certain categories of protected data held by public sector bodies
CHAPTER III
Requirements applicable to data intermediation services
CHAPTER IV
Data altruism
CHAPTER V
Competent authorities and procedural provisions
CHAPTER VI
European Data Innovation Board
CHAPTER VII
International access and transfer
CHAPTER VIII
Delegation and committee procedure
CHAPTER IX
Final and transitional provisions
- data
- re-use
- personal data
- non-personal data
- consent
- permission
- data subject
- data holder
- data user
- data sharing
- data intermediation service
- processing
- access
- main establishment
- services of data cooperatives
- data altruism
- public sector body
- bodies governed by public law
- public undertaking
- secure processing environment
- legal representative
- data 34
- altruism 10
- organisation 9
- recognised 9
- shall 8
- processing 7
- which 5
- holders 5
- the 4
- subjects 4
- general 3
- tools 3
- interest 3
- consent 3
- objectives 3
- take 2
- permits 2
- non-personal 2
- available 2
- provide 2
- carried 2
- from 2
- made 2
- third 2
- inform 2
- obtaining 2
- process 2
- permissions 2
- storage 1
- security 1
- or 1
- level 1
- permission 1
- ensure 1
- measures 1
- such 1
- appropriate 1
- article 1
- collected 1
- parties 1
- intended 1
- jurisdiction 1
- third-country 1
- specify 1
- relevant 1
- providing 1
- including 1
- facilitates 1
- based 1
- where 1
Article 21
Specific requirements to safeguard rights and interests of data subjects and data holders with regard to their data
1. A recognised data altruism organisation shall inform data subjects or data holders prior to any processing of their data in a clear and easily comprehensible manner of:
(a) | the objectives of general interest and, if applicable, the specified, explicit and legitimate purpose for which personal data is to be processed, and for which it permits the processing of their data by a data user; |
(b) | the location of and the objectives of general interest for which it permits any processing carried out in a third country, where the processing is carried out by the recognised data altruism organisation. |
2. The recognised data altruism organisation shall not use the data for other objectives than those of general interest for which the data subject or data holder allows the processing. The recognised data altruism organisation shall not use misleading marketing practices to solicit the provision of data.
3. The recognised data altruism organisation shall provide tools for obtaining consent from data subjects or permissions to process data made available by data holders. The recognised data altruism organisation shall also provide tools for easy withdrawal of such consent or permission.
4. The recognised data altruism organisation shall take measures to ensure an appropriate level of security for the storage and processing of non-personal data that it has collected based on data altruism.
5. The recognised data altruism organisation shall, without delay, inform data holders in the event of any unauthorised transfer, access or use of the non-personal data that it has shared.
6. Where the recognised data altruism organisation facilitates data processing by third parties, including by providing tools for obtaining consent from data subjects or permissions to process data made available by data holders, it shall, where relevant, specify the third-country jurisdiction in which the data use is intended to take place.
whereas