--- title: "EU Digital Services Act FAQ: DSA scope, platform duties, VLOPs, reports, and penalties" canonical_url: "https://www.sorena.io/artifacts/eu/digital-services-act/faq" source_url: "https://www.sorena.io/artifacts/eu/digital-services-act/faq/items" author: "Sorena AI" description: "Concise EU Digital Services Act FAQ covering intermediary-service scope, active-recipient thresholds, illegal-content notices, statements of reasons, trader traceability, recommender transparency, systemic-risk duties, reporting, penalties, and complaints." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "EU Digital Services Act" - "DSA FAQ" - "online platform duties" - "VLOP threshold" - "statements of reasons" - "online platforms" - "VLOPs" - "content moderation" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # EU Digital Services Act FAQ: DSA scope, platform duties, VLOPs, reports, and penalties Concise EU Digital Services Act FAQ covering intermediary-service scope, active-recipient thresholds, illegal-content notices, statements of reasons, trader traceability, recommender transparency, systemic-risk duties, reporting, penalties, and complaints. *Artifact Guide* *EU* ## EU Digital Services Act FAQ Direct answers to recurring DSA questions about service scope, online platform duties, VLOP and VLOSE designation, content moderation notices, statements of reasons, trader traceability, recommenders, risk assessments, transparency reports, penalties, and complaints. Use the cited EU sources to separate baseline intermediary duties from extra obligations for hosting services, online platforms, marketplaces, and designated very large services. This EU Digital Services Act FAQ explains the main DSA duties a website visitor is likely to search for: which services are covered, when platform-specific rules apply, what VLOP and VLOSE status changes, how illegal-content notices and statements of reasons work, what marketplaces must collect from traders, what recommender disclosures must say, what designated very large services must assess and report, how penalties are capped, and how users can complain. ## Browse sub-FAQ modules ### [DSA average monthly active recipients: what platforms must publish](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md) A grounded FAQ on average monthly active recipients under the EU Digital Services Act, including publication, EU recipient scope, the 45 million VLOP/VLOSE threshold, and evidence records. - 4 items ### [DSA illegal content notices: what must be included?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md) A grounded FAQ on EU Digital Services Act illegal-content notices: Article 16 notice elements, acknowledgement, decision notices, trusted flagger priority, statements of reasons, and records. - 3 items ### [DSA Marketplace Trader Traceability FAQ](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md) Answer to what EU Digital Services Act Article 30 requires online marketplaces to collect, verify, display, retain, and evidence for trader traceability. - 5 items ### [DSA recommender transparency FAQ: Article 27 and VLOP options](/artifacts/eu/digital-services-act/faq/recommender-transparency.md) What EU Digital Services Act recommender transparency requires: main parameters, user options, VLOP/VLOSE non-profiling choices, and evidence to keep. - 4 items ### [DSA statement of reasons FAQ](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md) When DSA statements of reasons are required, what they must contain, when online platforms submit them to the DSA Transparency Database, and what appeal records to keep. - 4 items ### [DSA VLOP Risk Assessment FAQ: Article 34, Mitigation, Audits](/artifacts/eu/digital-services-act/faq/vlop-risk-assessment.md) What VLOPs and VLOSEs must assess under the EU Digital Services Act, when to reassess, how Article 35 mitigation and annual audit evidence fit together, and what records to keep. - 4 items Browse all indexed questions: [/artifacts/eu/digital-services-act/faq/items](/artifacts/eu/digital-services-act/faq/items.md) ## All FAQ items *Page 1 of 2. Showing 20 of 24 items.* ### [What does average monthly active recipients mean under the DSA?](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md#what-does-average-monthly-active-recipients-mean-under-the-dsa) *Module: [DSA average monthly active recipients: what platforms must publish](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md)* For this FAQ, average monthly active recipients means the Article 24(2) user-number publication for an online platform or online search engine: information on the average monthly active recipients of the service in the Union, calculated as an average over the past six months. - Measure and publish per online platform or online search engine, not as a single corporate group total. - Keep the service boundary clear where one product contains multiple platform, search, retail, marketplace, or third-party-content surfaces. - Do not treat a public figure as final proof of non-designation; Article 33 allows the Commission to assess reported data, requested information, or other information available to it. - Do not publish personal data as part of the Article 24 calculation support; Article 24(3) says requested calculation substantiation must not include personal data. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Article 24(2) sets the publication duty for average monthly active recipients in the Union and Article 24(3) addresses authority requests for calculation explanations and substantiation. - [European Commission - DSA guidance on publishing user numbers](https://digital-strategy.ec.europa.eu/en/library/dsa-guidance-requirement-publish-user-numbers?ref=sorena.io) - Commission guidance identifies Article 24(2), Recital 77, Article 3 definitions, and Article 33 as the main DSA provisions for identifying and counting active recipients. ### [When and where must the number be published?](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md#when-and-where-must-the-number-be-published) *Module: [DSA average monthly active recipients: what platforms must publish](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md)* Article 24(2) required providers to publish the first information by 17 February 2023 and to update it at least once every six months thereafter. The publication must be in a publicly available section of the online interface for each online platform or online search engine. - Retain the public URL or interface location where the number was published. - Record the six-month measurement period used for the average. - Record when the figure was published or updated. - Keep a response pack that can be sent without undue delay if the Digital Services Coordinator of establishment or the Commission asks for updated information or substantiation. - Separate the public number from non-public calculation support, especially where that support contains sensitive operational data. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Article 24(2) supports the six-month publication cadence and Article 24(3) supports the authority-request response expectation. - [European Commission - DSA guidance on publishing user numbers](https://digital-strategy.ec.europa.eu/en/library/dsa-guidance-requirement-publish-user-numbers?ref=sorena.io) - Commission guidance explains the first publication deadline and the practical questions raised by providers about counting active recipients. ### [How does the number affect VLOP and VLOSE designation?](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md#how-does-the-number-affect-vlop-and-vlose-designation) *Module: [DSA average monthly active recipients: what platforms must publish](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md)* Article 33 applies the very large online platform and very large online search engine regime to online platforms and online search engines with average monthly active recipients in the Union equal to or higher than 45 million, once designated by the Commission. - Treat 45 million as the Article 33 threshold for average monthly active recipients in the Union, not as a global user threshold. - Escalate services that are near, at, or above the threshold before publication so legal, data, and platform leads can review the basis for the figure. - Keep a record of any Commission or Digital Services Coordinator correspondence about the number. - For designated services, connect the figure to VLOP/VLOSE obligations such as systemic risk assessment, independent audit, data access, recommender-system choices, and advertisement repository obligations. - For designated services, Article 42 also requires transparency reports to include average monthly recipients of the service for each Member State. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Article 33 provides the 45 million threshold, the Commission designation process, the one-year below-threshold termination rule, and the four-month application timing after notification. - [European Commission - Very large online platforms and search engines](https://digital-strategy.ec.europa.eu/en/policies/dsa-vlops?ref=sorena.io) - Commission overview explains that platforms and search engines with more than 45 million monthly EU users are in scope for the DSA's most stringent rules once designated. - [European Commission - Supervision of designated VLOPs and VLOSEs under the DSA](https://digital-strategy.ec.europa.eu/en/policies/list-designated-vlops-and-vloses?ref=sorena.io) - Commission list shows that reported average monthly active-user figures are published with a caveat that they remain without prejudice to Commission assessment of the calculation methodology. ### [What evidence should support the published number?](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md#what-evidence-should-support-the-published-number) *Module: [DSA average monthly active recipients: what platforms must publish](/artifacts/eu/digital-services-act/faq/average-monthly-active-recipients.md)* The DSA does not require teams to publish their full internal calculation workbook on the public page. It does, however, let the Digital Services Coordinator of establishment and the Commission ask for explanations and substantiation about the calculation and the data used, without personal data. - Service name, provider entity, and whether the service is an online platform, online search engine, or both. - Union-recipient inclusion rule used by the data team and any known country or Member State limitations in the dataset. - Six-month period used for the average and the date the figure was generated. - Source systems, query versions, data-quality checks, and reviewers who approved the number. - Known exclusions, deduplication assumptions, or split-service assumptions, stated without inventing a universal DSA formula. - Public interface URL, publication date, update history, and copies of any authority requests or responses. - Confirmation that substantiation prepared for authorities does not include personal data. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Article 24(3) supports keeping explanations and substantiation for the calculation while excluding personal data from the information supplied. - [European Commission - Supervision of designated VLOPs and VLOSEs under the DSA](https://digital-strategy.ec.europa.eu/en/policies/list-designated-vlops-and-vloses?ref=sorena.io) - Commission designation table illustrates why providers should retain methodology records: listed user numbers are described as provider-reported and without prejudice to Commission methodology assessment. ### [What must a DSA illegal-content notice contain?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md#what-must-a-dsa-illegal-content-notice-contain) *Module: [DSA illegal content notices: what must be included?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md)* Article 16 requires providers of hosting services to offer easy-to-access, user-friendly electronic mechanisms for notices about specific items of information that a person or entity considers illegal content. - Capture the reasoned explanation of why the notifier alleges the information is illegal content. - Capture the exact electronic location, such as the URL or URLs, plus any content-type-specific details needed to identify the item. - Capture the notifier's name and email address unless the Article 16 exception for certain child sexual abuse or exploitation offences applies. - Capture the notifier's statement that they believe, in good faith, that the information and allegations are accurate and complete. - Record whether the notice is sufficiently precise and adequately substantiated, because only sufficiently specific notices can create actual knowledge or awareness for the specific item. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 16 sets the electronic notice mechanism and the required elements for sufficiently precise and adequately substantiated illegal-content notices. ### [What must happen after the notice is submitted?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md#what-must-happen-after-the-notice-is-submitted) *Module: [DSA illegal content notices: what must be included?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md)* If the notice contains the notifier's electronic contact information, the hosting service must confirm receipt without undue delay and later notify the notifier of the decision on the reported information, including available redress routes. - Send a receipt acknowledgement without undue delay when electronic contact details are available. - Decide the notice in a timely, diligent, non-arbitrary, and objective manner. - Tell the notifier the decision and redress possibilities without undue delay. - Tell the notifier when automated means were used for processing or decision-making. - When restricting content, prepare the Article 17 statement of reasons for the affected recipient, including restriction type, facts and circumstances, legal or contractual ground, automation use where applicable, and redress information. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Articles 16, 17, and 20 support the acknowledgement, decision communication, statement-of-reasons, automation disclosure, and internal complaint-handling points. - [European Commission - DSA Transparency Database Q&A](https://digital-strategy.ec.europa.eu/en/faqs/dsa-transparency-database-questions-and-answers?ref=sorena.io) - Explains that Article 17 statements of reasons help users understand and challenge content moderation decisions, and that online platforms submit statements of reasons to the Commission database. ### [How do trusted flaggers and records change the workflow?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md#how-do-trusted-flaggers-and-records-change-the-workflow) *Module: [DSA illegal content notices: what must be included?](/artifacts/eu/digital-services-act/faq/illegal-content-notice.md)* A trusted flagger notice is still submitted through the Article 16 mechanism, but Article 22 requires online platforms to give priority to notices from trusted flaggers acting within their designated area of expertise and to process and decide them without undue delay. - Tag whether the notifier is a designated trusted flagger and whether the notice falls within the flagger's area of expertise. - Route qualifying trusted flagger notices for priority processing and decision without undue delay. - Keep support for any escalation to the awarding Digital Services Coordinator when a trusted flagger submits a significant number of insufficiently precise, inaccurate, or inadequately substantiated notices. - For transparency reporting, preserve counts of Article 16 notices by type of alleged illegal content, trusted flagger notices, actions taken under law versus terms, automated processing, and median action time. - For online platforms, preserve statement-of-reasons submission status and ensure submissions to the Commission database do not contain personal data. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Articles 15 and 22 support notice metrics, trusted flagger priority handling, annual trusted flagger reporting, and misuse escalation to the awarding Digital Services Coordinator. - [European Commission - Trusted flaggers under the Digital Services Act](https://digital-strategy.ec.europa.eu/en/policies/trusted-flaggers-under-dsa?ref=sorena.io) - Commission explanation of trusted flagger role, designation by national Digital Services Coordinators, EU-wide validity, priority treatment, and provider responsibility for the final decision. ### [What does DSA marketplace trader traceability require?](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md#what-does-dsa-marketplace-trader-traceability-require) *Module: [DSA Marketplace Trader Traceability](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md)* For an online marketplace in scope of Article 30, a trader should not be able to promote messages about products or services, or offer products or services to consumers located in the Union, until the platform has obtained the required trader information. - Collect the trader's name, address, telephone number, and email address where applicable. - Collect a copy of the trader's identification document or qualifying electronic identification. - Collect payment account details and, where applicable, trade-register details and registration number or equivalent identifier. - Collect the trader's self-certification committing to offer only products or services that comply with applicable Union law. - Block marketplace use for EU consumer offers until the Article 30 information has been obtained and checked for reliability and completeness through best efforts. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 30 sets the trader traceability rule for online platforms that let consumers conclude distance contracts with traders. - [European Commission - The Digital Services Act](https://digital-strategy.ec.europa.eu/en/policies/digital-services-act?ref=sorena.io) - Commission overview identifies marketplaces as covered services and explains verified-seller transparency for consumers. - [European Board for Digital Services - Consumers and online marketplaces working group](https://digital-strategy.ec.europa.eu/en/library/working-group-5-european-board-digital-services-consumers-and-online-marketplaces?ref=sorena.io) - Commission page confirms that Working Group 5 covers consumers and online marketplaces, especially DSA Articles 30-32. ### [What must be visible to consumers?](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md#what-must-be-visible-to-consumers) *Module: [DSA Marketplace Trader Traceability](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md)* Article 30 separates internal collection from consumer-facing disclosure. The marketplace does not publish every collected item, but it must make the trader's name and contact information, trade-register information where applicable, and the trader's compliance self-certification available to recipients of the service in a clear, easily accessible, and comprehensible way. - Show the trader name, address, telephone number, and email address in the product or service flow where consumers can find it before buying. - Show the trade register and registration number or equivalent identifier when the trader is registered in such a register. - Show the trader's self-certification that products or services offered through the marketplace comply with applicable Union law. - Do not expose identification documents or payment account details to consumers unless another applicable law requires disclosure. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 30(7) specifies which trader information must be made available on the online platform interface. - [European Commission - The Digital Services Act](https://digital-strategy.ec.europa.eu/en/policies/digital-services-act?ref=sorena.io) - Commission overview explains that marketplaces must verify and display seller contact details for consumer transparency. ### [What should the marketplace do when information is missing or unreliable?](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md#what-should-the-marketplace-do-when-information-is-missing-or-unreliable) *Module: [DSA Marketplace Trader Traceability](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md)* If the marketplace has sufficient indications or reason to believe that Article 30 trader information is inaccurate, incomplete, or not up to date, it must ask the trader to remedy the problem without delay or within the period set by Union and national law. - Log the signal that made the trader data appear inaccurate, incomplete, or stale. - Send a remediation request that identifies the exact missing or defective Article 30 field. - Pause or prevent EU consumer offers where the required information is not supplied or corrected. - Keep evidence of the request, trader response, suspension decision, and any complaint handling. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 30(3) requires remediation requests and swift suspension when inaccurate, incomplete, or outdated trader information is not corrected. ### [How do Article 31 and Article 32 connect to traceability?](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md#how-do-article-31-and-article-32-connect-to-traceability) *Module: [DSA Marketplace Trader Traceability](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md)* Trader traceability should be implemented together with Article 31 marketplace interface controls. The interface must let traders provide required pre-contractual, compliance, and product safety information, including product or service identification, trader signs such as a trademark or logo, and applicable labelling and marking information. - Design listing forms so traders can provide product or service identification, economic-operator details, trader signs, and applicable labelling or marking information. - Before listing, make best efforts to assess whether traders have provided the Article 31 information. - After listing, make reasonable random checks against official accessible databases or interfaces for illegal products or services. - When an illegal product or service is identified, keep evidence of affected consumers, trader identity, notices sent, public notice if needed, and redress information. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Articles 31 and 32 set marketplace interface, random-check, and illegal product or service information duties related to traceability. - [European Board for Digital Services - Consumers and online marketplaces working group](https://digital-strategy.ec.europa.eu/en/library/working-group-5-european-board-digital-services-consumers-and-online-marketplaces?ref=sorena.io) - Commission page places Articles 30-32 in the consumer and online marketplace workstream. ### [What evidence should teams keep?](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md#what-evidence-should-teams-keep) *Module: [DSA Marketplace Trader Traceability](/artifacts/eu/digital-services-act/faq/marketplace-trader-traceability.md)* The useful evidence is the proof that the marketplace actually enforced Article 30 in seller onboarding and live seller maintenance. Keep the collected trader data securely, document how reliability and completeness were assessed, and tie each trader status change to the relevant product or service flow. - Seller onboarding record with each Article 30 field, collection timestamp, source, verifier, and result. - Reliability check evidence, such as official database lookup result, electronic identification check, or supporting document request and response. - Consumer-facing disclosure screenshot or rendered-page capture showing the trader information on the product or service interface. - Issue log for incomplete, inaccurate, or outdated trader information, including remediation request, deadline, suspension, reinstatement, and complaint handling. - Retention and deletion record showing secure storage through the trader relationship and deletion after the six-month post-relationship period. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 30(5) requires secure storage for six months after the trader relationship ends and subsequent deletion. ### [What does DSA Article 27 require for recommender system transparency?](/artifacts/eu/digital-services-act/faq/recommender-transparency.md#what-does-dsa-article-27-require-for-recommender-system-transparency) *Module: [DSA recommender transparency FAQ: Article 27 and VLOP options](/artifacts/eu/digital-services-act/faq/recommender-transparency.md)* Article 27 applies to providers of online platforms that use recommender systems. The DSA defines a recommender system as a fully or partly automated system that suggests information, prioritises it, or determines the relative order or prominence of information in the platform interface. - Identify every recommender surface: feed, search results, marketplace ordering, content suggestions, ranking modules, or other interface areas that suggest or prioritise information. - Describe the most significant criteria used to determine what information is suggested to a user. - Explain why those parameters have their relative importance; do not replace this with an unexplained formula, model name, or generic personalization statement. - List the user options that can modify or influence the main parameters, or state clearly when no such option is offered for that recommender surface. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 3 defines recommender systems, and Article 27 requires plain-language disclosure of main parameters and user options in terms and conditions. ### [What user controls must be available for DSA recommender choices?](/artifacts/eu/digital-services-act/faq/recommender-transparency.md#what-user-controls-must-be-available-for-dsa-recommender-choices) *Module: [DSA recommender transparency FAQ: Article 27 and VLOP options](/artifacts/eu/digital-services-act/faq/recommender-transparency.md)* Article 27 distinguishes between disclosure of options and in-product functionality. If several options are available for a recommender system that determines the relative order of information, the platform must let the recipient select and modify the preferred option at any time. - Map each terms-and-conditions option to the exact UI control where the recipient can select or change it. - Record whether the control changes ranking order, recommendation source, personalization settings, chronological ordering, popularity ordering, location, language, seller, or another main parameter. - Keep screenshots or product specs showing the control in the interface section where prioritised information appears. - Retest the disclosure after recommender releases, ranking-signal changes, UI redesigns, or changes to terms and conditions. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 27 explains when recipient choice functionality must be directly and easily accessible in the interface where information is prioritised. - [European Commission - How the Digital Services Act enhances transparency online](https://digital-strategy.ec.europa.eu/en/policies/dsa-brings-transparency?ref=sorena.io) - Commission transparency page describes DSA transparency obligations and the public terms-and-conditions database that tracks changes to platform terms. ### [What extra recommender choice applies to VLOPs and VLOSEs?](/artifacts/eu/digital-services-act/faq/recommender-transparency.md#what-extra-recommender-choice-applies-to-vlops-and-vloses) *Module: [DSA recommender transparency FAQ: Article 27 and VLOP options](/artifacts/eu/digital-services-act/faq/recommender-transparency.md)* Article 38 adds a separate requirement for providers of very large online platforms and very large online search engines that use recommender systems. In addition to Article 27, they must provide at least one option for each recommender system that is not based on profiling under the GDPR definition referenced by the DSA. - Confirm whether the service is designated as a VLOP or VLOSE before applying Article 38 as an extra obligation. - For each recommender system, identify the default option, any alternative options, and the option that is not based on profiling. - Check that the non-profiling choice is not limited to one surface if multiple recommender systems are used. - Keep product and legal sign-off that the option described as non-profiling is implemented consistently in the live ranking service. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Article 38 adds the non-profiling recommender option for VLOPs and VLOSEs that use recommender systems. - [European Commission - DSA: Very large online platforms and search engines](https://digital-strategy.ec.europa.eu/en/policies/dsa-vlops?ref=sorena.io) - Commission VLOP/VLOSE overview states the 45 million EU monthly user threshold and lists enhanced obligations, including non-profiling recommender options. ### [What evidence should teams keep for DSA recommender transparency?](/artifacts/eu/digital-services-act/faq/recommender-transparency.md#what-evidence-should-teams-keep-for-dsa-recommender-transparency) *Module: [DSA recommender transparency FAQ: Article 27 and VLOP options](/artifacts/eu/digital-services-act/faq/recommender-transparency.md)* Keep enough evidence to prove that the public disclosure, the live user interface, and the recommender implementation describe the same system. This is especially important for VLOPs and VLOSEs because DSA risk assessment, mitigation, audit, and data-access provisions can require explanations of algorithmic-system design, logic, functioning, and testing. - Recommender inventory with surface name, owner, recipient group, ranking objective, main criteria, and whether the surface determines relative order or prominence. - Terms-and-conditions extract showing the Article 27 main-parameter explanation and the options to modify or influence those parameters. - UI screenshots, design specs, or QA evidence showing where each choice is directly available to recipients. - For VLOPs and VLOSEs, evidence for the Article 38 non-profiling option for each recommender system and testing records for algorithmic changes. - Change log tying recommender releases, terms updates, and interface changes to legal, product, and data-science review. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj?ref=sorena.io) - Articles 34, 35, 38, 40, and 44 connect VLOP/VLOSE recommender systems to risk assessment, mitigation, data access, and choice-interface scrutiny. - [European Commission - How the Digital Services Act enhances transparency online](https://digital-strategy.ec.europa.eu/en/policies/dsa-brings-transparency?ref=sorena.io) - Commission transparency page describes transparency reports, risk assessment and audit reports, and official reporting channels for VLOP/VLOSE practices including recommender systems. ### [When is a DSA statement of reasons required?](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md#when-is-a-dsa-statement-of-reasons-required) *Module: [DSA statement of reasons](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md)* A statement of reasons is triggered by the moderation decision, not by the label a team gives the workflow. Article 17 applies to providers of hosting services when they impose one of the listed restrictions because information provided by a recipient of the service is considered illegal content or incompatible with the provider's terms and conditions. - Trigger: a hosting-service restriction based on illegal content or terms-and-conditions incompatibility. - Recipient: any affected recipient of the service whose relevant electronic contact details are known. - Timing: provide the statement at the latest when the restriction is imposed. - Exclusions to check: deceptive high-volume commercial content and Article 9 orders. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act), Article 17](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Defines when hosting-service providers must give affected recipients a statement of reasons and lists the restrictions covered by Article 17. ### [What must the statement contain?](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md#what-must-the-statement-contain) *Module: [DSA statement of reasons](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md)* Article 17 requires enough detail for the affected recipient to understand the decision and exercise available redress rights. The statement should identify the moderation measure, the territorial scope and duration where relevant, the facts and circumstances relied on, and whether the decision followed an Article 16 notice or voluntary own-initiative investigation. - Decision type: removal, disabling access, demotion, visibility restriction, payment restriction, service restriction, or account restriction. - Scope and duration: territory and time period where relevant. - Basis: facts, circumstances, notice source or own-initiative review, and legal or contractual ground. - Automation: whether automated means were used where applicable. - Redress: clear, user-friendly complaint, out-of-court dispute settlement, and court options where applicable. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act), Article 17](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Lists the minimum content of a statement of reasons, including measure, facts, automation, legal or contractual basis, and redress information. ### [What changes for online platforms and the Transparency Database?](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md#what-changes-for-online-platforms-and-the-transparency-database) *Module: [DSA statement of reasons](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md)* The DSA Transparency Database does not collect every hosting-service statement of reasons. The Commission FAQ explains that it collects statements of reasons from online platforms, which are a subset of hosting services that store user-provided information and disseminate it publicly, such as online marketplaces, app stores, or social networks. - Determine whether the service is an online platform, not only a hosting service. - Submit Article 17 decisions and statements of reasons to the Commission without undue delay where Article 24(5) applies. - Remove personal data from the database submission. - Do not rely on the public database record as the full recipient notice, because redress options are not published there. - Use the Commission onboarding, sandbox, API, webform, and batch API paths where applicable to the provider's submission volume. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act), Article 24(5)](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Requires online platforms to submit Article 17 decisions and statements of reasons to the Commission database without undue delay and without personal data. - [European Commission - DSA Transparency Database Q&A](https://digital-strategy.ec.europa.eu/en/faqs/dsa-transparency-database-questions-and-answers?ref=sorena.io) - Explains the database scope, submission methods, personal-data exclusion, redress-option exclusion, and retention behavior for statements of reasons. ### [What appeal, complaint, and record links should the workflow preserve?](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md#what-appeal-complaint-and-record-links-should-the-workflow-preserve) *Module: [DSA statement of reasons](/artifacts/eu/digital-services-act/faq/statement-of-reasons.md)* For online platforms, Article 20 requires an effective internal complaint-handling system for at least six months after the recipient is informed about covered moderation decisions. Complaints must be handled in a timely, non-discriminatory, diligent, and non-arbitrary manner, and complaint decisions must be supervised by appropriately qualified staff rather than made solely by automated means. - Store the delivered recipient statement and delivery timestamp. - Store the moderation action, legal or contractual basis, facts and circumstances, automation flag, scope, duration, and redress text. - For online platforms, store the database submission status, submission channel, payload version, personal-data removal check, and any submission errors. - Store internal complaint intake, review owner, reasoned outcome, reversal if any, and notice of out-of-court dispute settlement options. - Store out-of-court dispute settlement body, dispute scope, language, outcome, implementation decision, and related fee handling where relevant. Sources for this answer: - [Regulation (EU) 2022/2065 (Digital Services Act), Articles 20 and 21](https://eur-lex.europa.eu/eli/reg/2022/2065/oj/eng?ref=sorena.io) - Sets the internal complaint-handling and out-of-court dispute settlement routes linked to platform moderation decisions. - [European Commission - Out-of-court dispute settlement bodies under the DSA](https://digital-strategy.ec.europa.eu/en/policies/dsa-out-court-dispute-settlement?ref=sorena.io) - Explains how users can contest platform content moderation decisions through internal complaints, certified out-of-court bodies, or courts. - [European Commission - DSA Transparency Database Q&A](https://digital-strategy.ec.europa.eu/en/faqs/dsa-transparency-database-questions-and-answers?ref=sorena.io) - Provides public database retention details for search results, daily dumps, and dashboard aggregate statistics. ## FAQ Pagination - Canonical index (page 1): [/artifacts/eu/digital-services-act/faq/items](/artifacts/eu/digital-services-act/faq/items.md) - Page 1 rule: `/page/1` is intentionally not generated; use the canonical index markdown URL. - Current page: 1 of 2 Pages: [1](/artifacts/eu/digital-services-act/faq/items.md) | [2](/artifacts/eu/digital-services-act/faq/items/page/2.md) [Next page](/artifacts/eu/digital-services-act/faq/items/page/2.md) *Recommended next step for the EU Digital Services Act* *Placement: before sources* ## Turn DSA FAQ answers into implementation evidence Sorena can help translate DSA scope, notice handling, statement-of-reasons, marketplace, recommender, VLOP/VLOSE, reporting, complaint, and penalty questions into cited controls and review records. - [Open Research Copilot for the DSA](/solutions/research-copilot.md): Ask source-linked questions about DSA scope, platform obligations, VLOP/VLOSE duties, reports, complaints, and enforcement. - [Talk through DSA implementation](/contact.md): Review your DSA service classification, notice flows, statements of reasons, marketplace controls, recommender disclosures, and reporting evidence. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/digital-services-act/faq/items