Menu
A close-up of a laptop keyboard with a unique blue key featuring the European Union flag, replacing the enter key. A finger is pressing this key. The keyboard includes black keys with white lettering and a silver casing, with part of the speaker grille visible on the right.

EDPB and European Commission Publish Joint Guidelines on DMA and GDPR

, , , , , , , ,

The European Data Protection Board (EDPB) and the European Commission have published joint guidelines clarifying how the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR) should be applied together. These guidelines explain how gatekeepers — large digital platforms offering core services such as search engines, app stores and messaging — must consider GDPR requirements when implementing DMA obligations. The document addresses practical issues including valid consent and specific choices under Article 5(2) DMA and GDPR, lawful combination and cross‑use of personal data, distribution of third‑party apps and stores, data portability, data access requests and messaging interoperability.

The guidelines aim to reduce legal uncertainty for gatekeepers, business users, beneficiaries and individuals by aligning the two regulatory frameworks where they intersect. By referencing GDPR concepts and definitions within DMA provisions, the guidance offers gatekeepers concrete elements to assess when processing personal data under DMA duties. The EDPB and the Commission emphasize consistent, complementary application of EU data protection law alongside market fairness and contestability goals pursued by the DMA.

A public consultation on the first version of the guidelines runs until 4 December 2025, inviting stakeholders to submit comments that will be published on the DMA website after the consultation closes. Feedback received will be taken into account in a jointly prepared final text, to be adopted by both the EDPB and the European Commission, with the aim of producing coherent and practical guidance for regulated entities and affected parties.

Further collaborative guidance is planned to address interactions between EU data protection law and other regulatory instruments. The EDPB and the Commission are already working with the AI Office on joint guidelines concerning the interplay between the AI Act and EU data protection rules, continuing efforts to ensure consistent safeguards for personal data across the evolving EU regulatory landscape.

  • Save

Related Posts

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Copy link
CopyCopied