Data & Privacy
- Data Act
- Data Governance Act
- ePrivacy Directive
- GDPR
AI & Trust
- Artificial Intelligence Act
Cybersecurity
- Cybersecurity Act
- DORA
- NIS2
Digital Services & Media
- Digital Markets Act
- Digital Services Act
- European Media Freedom Act
Data Act
- Recitals
CHAPTER I
GENERAL PROVISIONSArticles 1 — 2
CHAPTER II
BUSINESS TO CONSUMER AND BUSINESS TO BUSINESS DATA SHARINGArticles 3 — 7
CHAPTER III
OBLIGATIONS FOR DATA HOLDERS OBLIGED TO MAKE DATA AVAILABLE PURSUANT TO UNION LAWArticles 8 — 12
CHAPTER IV
UNFAIR CONTRACTUAL TERMS RELATED TO DATA ACCESS AND USE BETWEEN ENTERPRISESArticles 13 — 13
CHAPTER V
MAKING DATA AVAILABLE TO PUBLIC SECTOR BODIES, THE COMMISSION, THE EUROPEAN CENTRAL BANK AND UNION BODIES ON THE BASIS OF AN EXCEPTIONAL NEEDArticles 14 — 22
CHAPTER VI
SWITCHING BETWEEN DATA PROCESSING SERVICESArticles 23 — 31
CHAPTER VII
UNLAWFUL INTERNATIONAL GOVERNMENTAL ACCESS AND TRANSFER OF NON-PERSONAL DATAArticles 32 — 32
CHAPTER VIII
INTEROPERABILITYArticles 33 — 36
CHAPTER IX
IMPLEMENTATION AND ENFORCEMENTArticles 37 — 42
CHAPTER X
SUI GENERIS RIGHT UNDER DIRECTIVE 96/9/ECArticles 43 — 43
CHAPTER XI
FINAL PROVISIONSArticles 44 — 50
DA Article 22. Mutual assistance and cross-border cooperation
- 1.Public sector bodies, the Commission, the European Central Bank and Union bodies shall cooperate and assist one another, to implement this Chapter in a consistent manner.
- 2.Any data exchanged in the context of assistance requested and provided pursuant to paragraph 1 shall not be used in a manner incompatible with the purpose for which they were requested.
- 3.Where a public sector body intends to request data from a data holder established in another Member State, it shall first notify the competent authority designated pursuant to Article 37 in that Member State of that intention. This requirement shall also apply to requests by the Commission, the European Central Bank and Union bodies. The request shall be examined by the competent authority of the Member State where the data holder is established.
- 4.After having examined the request in light of the requirements laid down in Article 17, the relevant competent authority shall, without undue delay, take one of the following actions:
- (a)transmit the request to the data holder and, if applicable, advise the requesting public sector body, the Commission, the European Central Bank or the Union body of the need, if any, to cooperate with public sector bodies of the Member State in which the data holder is established with the aim of reducing the administrative burden on the data holder in complying with the request;
- (b)reject the request on duly substantiated grounds in accordance with this Chapter.
The requesting public sector body, the Commission, the European Central Bank and the Union body shall take into account the advice of and the grounds provided by the relevant competent authority pursuant to the first subparagraph before taking any further action such as resubmitting the request, if applicable.
Relevant Recitals for this Article
In order to handle a cross-border public emergency or another exceptional need, data requests may be addressed to data holders in Member States other than that of the requesting public sector body. In such a case, the requesting public sector body should notify the competent authority of the Member State where the data holder is established in order to allow it to examine the request against the criteria established in this Regulation. The same should apply to requests made by the Commission, the European Central Bank or a Union body. Where personal data are requested, the public sector body should notify the supervisory authority responsible for monitoring the application of Regulation (EU) 2016/679 in the Member State where the public sector body is established. The competent authority concerned should be entitled to advise the public sector body, the Commission, the European Central Bank or the Union body to cooperate with the public sector bodies of the Member State in which the data holder is established on the need to ensure a minimised administrative burden on the data holder. When the competent authority has substantiated objections as regards the compliance of the request with this Regulation, it should reject the request of the public sector body, the Commission, the European Central Bank or the Union body, which should take those objections into account before taking any further action, including resubmitting the request.