On a framework for the free flow of non-personal data in the European Union

Regulation 2018/1807 of the European Parliament and of the Council aims to ensure the free flow of non-personal data in the Union, by laying down rules on localization requirements, the ability of competent authorities to access data and the transfer of data for professional users.

Under par. 5 of article 3 of the Regulation, a data localization requirement is defined as “any obligation, prohibition, condition, limit or other requirement provided for in the laws, regulations or administrative provisions of a Member State or resulting from general and consistent administrative practices in a Member State and in bodies governed by public law, including in the field of public procurement, without prejudice to Directive 2014/24/EU, which imposes the processing of data in the territory of a specific Member State or hinders the processing of data in any other Member State”

The regulation aims, inter alia, to overcome two types of barriers to data mobility and the internal market:

1.    data localization requirements set by Member State authorities, and
2.    vendor lock-in practices to a specific provider in the private sector.

At  stake is the elimination of obstacles to the free flow of information and (non-personal) data within the  Union. In short, data localization requirements are prohibited unless justified for reasons of public security in accordance with the principle of proportionality.

This website has been created according to the relevant provision of Article 4 of the Regulation on the development of a single online information point and is under development. For further documentation please see here as well the regulation guidelines. You can reach the national single point of contact for the implementation of the regulation at ffd@mindigital.gr