keyboard_tab Digital Governance Act 2022/0868 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- 1 Art. 34 Penalties
CHAPTER I
General provisions
CHAPTER II
Re-use of certain categories of protected data held by public sector bodies
CHAPTER III
Requirements applicable to data intermediation services
CHAPTER IV
Data altruism
CHAPTER V
Competent authorities and procedural provisions
CHAPTER VI
European Data Innovation Board
CHAPTER VII
International access and transfer
CHAPTER VIII
Delegation and committee procedure
CHAPTER IX
Final and transitional provisions
- data
- re-use
- personal data
- non-personal data
- consent
- permission
- data subject
- data holder
- data user
- data sharing
- data intermediation service
- processing
- access
- main establishment
- services of data cooperatives
- data altruism
- public sector body
- bodies governed by public law
- public undertaking
- secure processing environment
- legal representative
- data 13
- shall 7
- services 6
- intermediation 6
- article 5
- altruism 5
- recognised 5
- penalties 5
- pursuant 4
- organisation 4
- infringements 3
- provider 3
- infringement 3
- take 3
- rules 3
- account 2
- into 2
- losses 2
- measures 2
- notify 2
- member states 2
- benefits 2
- conditions 2
- providers 2
- member states 2
- applicable 2
- mitigating 1
- criteria 1
- imposition 1
- organisations 1
- regulation 1
- appropriate: 1
- nature 1
- gravity 1
- circumstances 1
- scale 1
- duration 1
- factors 1
- action 1
- aggravating 1
- gained 1
- taken 1
- established 1
- mitigate 1
- remedy 1
- damage 1
- caused 1
- previous 1
- reliably 1
- such 1
Article 34
Penalties
1. Member States shall lay down the rules on penalties applicable to infringements of the obligations regarding transfers of non-personal data to third countries pursuant to Article 5(14) and Article 31, the notification obligation of data intermediation services providers pursuant to Article 11, the conditions for providing data intermediation services pursuant to Article 12 and the conditions for the registration as a recognised data altruism organisation pursuant to Articles 18, 20, 21 and 22, and shall take all measures necessary to ensure that they are implemented. The penalties provided for shall be effective, proportionate and dissuasive. In their rules on penalties, Member States shall take into account the recommendations of the European Data Innovation Board. Member States shall, by 24 September 2023, notify the Commission of those rules and of those measures and shall notify it, without delay, of any subsequent amendment affecting them.
2. Member States shall take into account the following non-exhaustive and indicative criteria for the imposition of penalties on data intermediation services providers and recognised data altruism organisations for infringements of this Regulation, where appropriate:
(a) | the nature, gravity, scale and duration of the infringement; |
(b) | any action taken by the data intermediation services provider or recognised data altruism organisation to mitigate or remedy the damage caused by the infringement; |
(c) | any previous infringements by the data intermediation services provider or recognised data altruism organisation; |
(d) | the financial benefits gained or losses avoided by the data intermediation services provider or recognised data altruism organisation due to the infringement, insofar as such benefits or losses can be reliably established; |
(e) | any other aggravating or mitigating factors applicable to the circumstances of the case. |
whereas