The final text of the Data Governance Act (DGA)



Article 36, Amendment to Regulation (EU) 2018/1724


In the table in Annex II to Regulation (EU) 2018/1724, the entry ‘Starting, running and closing a business’ is replaced by the following:


Life events: Starting, running and closing a business.

Procedures: Notification of business activity, permission for exercising a business activity, changes of business activity and the termination of a business activity not involving insolvency or liquidation procedures, excluding the initial registration of a business activity with the business register and excluding procedures concerning the constitution of or any subsequent filing by companies or firms within the meaning of the second paragraph of Article 54 TFEU.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of the receipt of notification or change, or of the request for permission for business activity.


Procedures: Registration of an employer (a natural person) with compulsory pension and insurance schemes.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of registration or social security registration number.


Procedures: Registration of employees with compulsory pension and insurance schemes.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of registration or social security registration number.


Procedures: Submitting a corporate tax declaration.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of the receipt of the declaration.


Procedures: Notification to the social security schemes of the end of contract with an employee, excluding procedures for the collective termination of employee contracts.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of the receipt of the notification.


Procedures: Payment of social contributions for employees.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Receipt or other form of confirmation of payment of social contributions for employees.


Procedures: Registration as a data altruism organisation recognised in the Union.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of the registration.


Procedures: Notification of a data intermediation services provider.

Expected output subject to an assessment of the application by the competent authority in accordance with national law, where relevant: Confirmation of the receipt of notification.



Understanding Cybersecurity in the European Union.

1. The NIS 2 Directive

2. The European Cyber Resilience Act

3. The Digital Operational Resilience Act (DORA)

4. The Critical Entities Resilience Directive (CER)

5. The Digital Services Act (DSA)

6. The Digital Markets Act (DMA)

7. The European Health Data Space (EHDS)

8. The European Chips Act

9. The European Data Act

10. European Data Governance Act (DGA)

11. The Artificial Intelligence Act

12. The European ePrivacy Regulation

13. The European Cyber Defence Policy

14. The Strategic Compass of the European Union

15. The EU Cyber Diplomacy Toolbox