EU Regulation 2018/1807 · Non-Personal Data · Access

Regulation 2018/1807. Non-Personal Data, Access & Portability.

Data holders must enable access to and portability of non-personal data. IgeraIndustria guides on scope, data holder obligations, request procedures, and compliance requirements.

Regulation 2018/1807 indexed Data access procedures <3s response

Non-Personal Data Regulation 2018/1807: data access and portability obligations

Data holders must facilitate access to sensor data, machine logs, and production statistics. Request processing, format interoperability, and exemption determination are compliance challenges.

30 days

Response timeline for data access requests. Processing procedures must be documented and trackable.

Portability

Users can request data transfer to other providers in standard formats. Technical barriers must be overcome.

Exemptions

Trade secrets, IP, personal data, security interests exempted. Exemption determination complex in practice.

Interoperability

Data must be provided in formats enabling use by others. Format selection disputes common.

Instant guidance on Regulation 2018/1807 compliance

Non-personal data scope determination

Guidance on data access obligations.

Data holder obligations

Guidance on data access obligations.

Access request procedures

Guidance on data access obligations.

Data portability requirements

Guidance on data access obligations.

Interoperability standards

Guidance on data access obligations.

Exemption documentation

Guidance on data access obligations.

Response timelines

Guidance on data access obligations.

Fee determination

Guidance on data access obligations.

Frequently asked questions

What is non-personal data under Regulation 2018/1807?+

Data not subject to GDPR (not identifying individuals). Includes sensor data, machine logs, production statistics, usage patterns, financial records. Scope excludes trade secrets, intellectual property, personal data mixed with non-personal.

What are data holder obligations?+

Provide access to non-personal data upon request. Facilitate switching between cloud providers via standardized formats. Respond within 30 days. No discrimination between data users. Reasonable fees permitted for large requests.

How do users request non-personal data access?+

Submit written request specifying data scope. Data holder must confirm receipt, specify response timeline, indicate any feasibility barriers. Users can request data in interoperable format. Requests must be technically and logically identifiable.

What is data portability under Regulation 2018/1807?+

Users can request data transfer to another provider in structured, commonly used format. Data holders must facilitate switching between services. No additional charges for portability (except reasonable costs for large-scale requests).

What are exemptions to data access obligations?+

Trade secrets, intellectual property, commercial confidentiality, personal data, national security interests, third-party rights. Data holders must document exemptions and provide partial access where possible.

How should data holders comply with requests?+

Implement access and portability procedures. Document request processing. Maintain audit trail. Provide clear refusal reasons if applicable. Ensure format interoperability. Regular compliance testing recommended.

Manage data access compliance. Start today.

  • Free trial 14 days
  • Regulation 2018/1807 indexed
  • Procedures and checklists
Start free trial