Search every question across sub-FAQs

The Data Act context is the starting point for this answer. For a public-emergency request under Article 15(1)(a), data holders other than microenterprises and small enterprises must make the necessary data available free of charge. If the data holder asks, the receiving public sector body, Commission, European Central Bank, or Union body must provide public acknowledgement.

The emergency route is narrow. The requester must show that the requested data is necessary to respond to the public emergency and cannot be obtained by alternative means in a timely and effective manner under equivalent conditions. A data holder should therefore classify the request before discussing any fee.

The Data Act context is the starting point for this answer. For non-emergency exceptional-need requests under Article 15(1)(b), a data holder is entitled to fair compensation for making data available. That route applies only to non-personal data and only where the requesting body acts on a legal public-interest task, identifies specific missing data, and has exhausted other means to obtain it.

The request should not be treated as a shortcut around normal procurement. The Data Act text lists prior market purchase at market rates, existing data-availability obligations, and new legislative measures as examples of means that may need to be exhausted before Article 15(1)(b) is used.

The Data Act context is the starting point for this answer. Article 20 says fair compensation covers the technical and organisational costs incurred to comply with the request and a reasonable margin. The text specifically mentions costs of anonymisation, pseudonymisation, aggregation, and technical adaptation where they apply.

The cost file should therefore show the request-specific work needed to make the data available, not a general price list for the value of the dataset. If the public body asks, the data holder must provide information on the basis for the calculation of costs and the reasonable margin.

The Data Act context is the starting point for this answer. Yes. Article 20(1) says data holders other than microenterprises and small enterprises must make public-emergency data available free of charge, while Article 20(3) says the fair-compensation rule also applies where a microenterprise or small enterprise claims compensation.

For non-emergency requests, Article 15(2) removes the Chapter V obligation for microenterprises and small enterprises entirely. A request file should therefore record the holder's size status before any compensation discussion.

The Data Act context is the starting point for this answer. Article 20(4) says data holders are not entitled to compensation for an Article 15(1)(b) request where the specific task is producing official statistics and national law does not allow the purchase of the data.

That carveout is narrow. The request file should show both the official-statistics purpose and the national-law position on purchase before the compensation answer is closed.

The Data Act context is the starting point for this answer. The request must respect the data holder's legitimate aims, including trade-secret protection and the cost and effort required to make data available. If trade secrets must be disclosed, Article 19 limits disclosure to what is strictly necessary and requires the data holder or trade-secret holder to identify protected data, including relevant metadata.

Confidentiality and data-protection work can affect the cost calculation when it is needed to comply with a non-emergency request. For example, Article 20 expressly allows costs for anonymisation, pseudonymisation, aggregation, and technical adaptation where applicable. The same controls should also be documented for emergency requests even where the response is free of charge.

The Data Act context is the starting point for this answer. Keep a request file that lets a later reviewer reconstruct the classification and calculation without relying on chat history. The file should include the written request, the Article 15 route, requester identity, data scope, purpose, duration, erasure expectation, sharing recipients, delivery deadline, the data holder's response, and the compensation calculation or free-of-charge rationale.

Article 18 allows a data holder to decline or seek modification without undue delay, with a five-working-day outside limit for public-emergency requests and a 30-working-day outside limit for other exceptional-need requests. Article 20 also gives the receiving body a complaint route to the competent authority if it disagrees with the compensation level.

The Data Act context is the starting point for this answer. The main mistake is quoting a fee before classifying the request. The compensation answer changes depending on whether the request is for public-emergency response, another non-emergency exceptional need, official statistics, or a micro or small enterprise scenario.

A useful response letter should state the request type, the data scope, whether compensation is unavailable or claimed, the cost basis if compensation is claimed, the confidentiality and personal-data safeguards, and the records the data holder will retain. It should not include unsupported penalty amounts or invented fee thresholds.

The Data Act source evidence should make the decision auditable later. Keep the legal basis for the request, the route under Article 15, the cost basis under Article 20, any confidentiality measures under Article 19, and the complaint route under Articles 18 and 20 together with the final decision.

That record should be specific enough that a reviewer can see why the response was free, why compensation was limited to technical and organisational costs, or why a request was declined or modified.

The team should assign one accountable owner who can coordinate legal, procurement, security, and data teams for a Chapter V request. The Data Act asks the request to be handled in a specific, transparent, and proportionate way, so someone has to own the file from intake to closure.

That owner should be responsible for ensuring the request is logged, the compensation route is checked against Article 20, and any competence issues are escalated to the competent authority or data coordinator where needed.

For Data Act B2G compensation and costs, the most useful evidence is the material that shows why the request met Chapter V and how the compensation number was built. That includes the written request, the Article 15 classification, the Article 20 cost breakdown, and any confidentiality or anonymisation steps.

The file should also preserve the public body's acknowledgement request, any modification or decline notice, and any complaint or authority correspondence, so a later reviewer can understand the full decision path.

The Data Act answer should be reviewed whenever the request route changes, the team learns new facts about the data holder's size or control over the data, or the public body starts asking for a different data scope or purpose. The same applies if national law changes the ability to purchase data for official statistics or if the request involves new confidentiality or personal-data constraints.

The team should also revisit the answer after any actual Chapter V request, because the Data Act requires the file to be specific to the request, the compensable work, and the applicable deadline and complaint path.

The EU Data Act allows a Chapter V request only where the requesting public body or EU institution demonstrates an exceptional need to use certain data, including metadata needed to interpret and use it, for a statutory public-interest task. The need must be limited in time and scope.

There are two routes. For a public emergency, the requested data must be necessary to respond to that emergency and unavailable by alternative means in a timely and effective way under equivalent conditions. Outside a public emergency, the request is limited to non-personal data, must support a specific public-interest task explicitly provided by law, and can be used only after other means to obtain the data have been exhausted.

The Data Act context is the starting point for this answer. The request side is limited to public-sector bodies of Member States, the Commission, the European Central Bank, and Union bodies. The receiving side is a data holder that is a legal person, other than a public-sector body, and that holds the requested data.

A public-sector body from one Member State can request data from a data holder in another Member State, but cross-border requests have an extra protection step: the competent authority in the data holder's Member State examines the request under the Article 22 procedure.

The Data Act context is the starting point for this answer. A valid request must be written in clear, concise, plain language and must be specific about the data requested, the data holder chosen, the public-interest task, the purpose and intended use, the duration of use, any planned onward sharing, and the deadlines for making data available and for declining or seeking modification.

The request must also justify why the exceptional-need conditions are met, be proportionate in data type, volume, granularity, and frequency of access, respect the data holder's legitimate aims and trade-secret protection, and state the legal provision allocating the relevant public-interest task to the requesting body.

The Data Act context is the starting point for this answer. A data holder should keep the written request, the basis for accepting or challenging it, the response deadline, the data disclosed or withheld, and the safeguards applied to the transfer. The record should also show any cross-border notification and any competent-authority contact.

If the data holder relies on a refusal or a request for modification, it should record the reason and the relevant Article 18 ground. If the request is fulfilled, the record should include the purpose limitation, security measures, any trade-secret identification, and later erasure or onward-sharing notices.

The Data Act context is the starting point for this answer. For non-emergency requests, only non-personal data may be requested. For public-emergency requests, the request should concern non-personal data first, and personal data may only be included if non-personal data is insufficient to respond to the need. In that case, the data holder must anonymise the data where possible, or pseudonymise it where disclosure of personal data is strictly necessary.

Where personal data is involved, the request must identify the technical and organisational safeguards needed to protect data-protection principles, and the relevant supervisory authority must be notified.

The Data Act context is the starting point for this answer. A data holder may decline or seek modification without undue delay, and in any event within five working days for data necessary to respond to a public emergency or within 30 working days for other exceptional-need requests.

The Data Act gives three listed grounds: the data holder does not control the requested data; a similar request for the same purpose was previously submitted by another eligible public body or EU institution and the data holder has not been notified that the earlier data was erased; or the request does not meet the Article 17 requirements.

The Data Act context is the starting point for this answer. Data received under Chapter V does not become open public-sector information for general reuse. It must be used only for the purpose stated in the request, protected with technical and organisational measures, and erased once no longer necessary for that stated purpose unless archiving is required under transparency rules.

Trade secrets may be disclosed only to the extent strictly necessary for the Article 15 purpose. The data holder or trade-secret holder must identify the protected data, including relevant metadata, and the requesting body must take necessary and appropriate measures to preserve confidentiality before disclosure.

The Data Act context is the starting point for this answer. For a public-emergency request, data holders other than microenterprises and small enterprises must make the necessary data available free of charge, but may request public acknowledgement. The Commission's explanation states that micro and small companies may ask for reasonable remuneration not exceeding incurred technical and organisational costs, plus public acknowledgement upon request.

For non-emergency exceptional-need requests under Article 15(1)(b), the data holder is entitled to fair compensation covering technical and organisational costs, including anonymisation, pseudonymisation, aggregation, and technical adaptation where applicable, plus a reasonable margin. There is an exception where the task is official statistics and national law does not allow purchase of the data.