A Compliant Data Exchange technology

Providing organizations with a comprehensive set of features to be in compliance with data regulations and data exchange frameworks.

Data regulations such as the Data Governance Act (DGA) and the future Data Act (DA) have been designed to facilitate and accelerate secure & trusted data exchanges. These regulations define the conditions to exchange data in trusted environments, and open a whole new world of possibilities for organizations to develop new & innovative Data Exchange services.

Compliance to data exchange regulations

Data regulations are constantly evolving, Europe being in lead with the General Data Protection Regulation (GDPR) in application since 2018, the DGA entering into effect in September 2023, the future Data Act sometime in 2024 and several other data regulations in preparation.

These regulations place specific responsibilities on the orchestrators and participants of Data Exchange ecosystems regarding personal data, B2B data, IoT data, altruistic or public sector data.

Regulations are not always consistent worldwide, bringing additional complexity to organizations seeking to exchange data products across regions.

Dawex Data Exchange technology enables your organization to be in conformity with the current data regulations, across regions. Dawex technology constantly evolves to prepare and ensure readiness to future data regulations.

Compliance with personal data regulations

The Dawex solution Data Exchange Platform provides frameworks and processes to identify data products containing personal data, and treat the data transaction & the licensing accordingly. By providing API access to consent managers, Dawex solutions allow orchestrators and data providers to make sure the consent is actually given before a data exchange takes place.

The Data Exchange Platform provides full compliance with GDPR to the orchestrator and the participants. The platform encompasses the required features to adapt to non-European personal data regulations such as the Act on Protection of Personal Information (APPI) in Japan, the California Consumer Privacy Act (CCPA), or the Lei Geral de Proteção de Dados (LGPD) in Brazil.

det-compliance -personal-data-regulations

Compliance with European Data Governance Act and the future Data Act

Europe is at the forefront of data regulations, and demonstrates once again its leadership position with the Data Governance Act (DGA) and the future Data Act (DA). These regulations will also set reference for the rest of the world as GDPR did.

  • The European Data Governance Act, entering in application in all EU countries on September 24, 2023, aims at facilitating access to data and accelerating data exchange across organizations by establishing trust between data exchange ecosystems participants.
  • The DGA extends its scope to all types of data, particularly to non-personal or industrial data.
  • The DGA defines the new role of “Data Intermediation Services Provider”, whose obligations will be, among others, to strictly separate data exchange activities from potentially conflicting activities such as data processing, on a legal and commercial level.
  • By using the Data Exchange Platform solutions from Dawex, the orchestrator natively complies with the DGA. Recognized as “Data Intermediation Service Provider” by the designated authority, the orchestrator will therefore greatly increase the level of trust provided through its data exchange services.
  • Dawex follows and contributes to the design of new data regulations. Its technology is developed to ensure that data providers will also comply with the future EU Data Act.

Gaia-X Trust Framework

Dawex is day-1 member of Gaia-X, leading the Data Exchange Services Specification working group. Dawex Data Exchange technology natively complies with the latest Gaia-X Trust Framework, ensuring interoperability with Gaia-X compatible data spaces:


Compliance with Data Free Flow with Trust

The Data Free Flow with Trust (DFFT) concept was introduced at the World Economic Forum Annual Meeting in Davos in 2019, placing trust in the center of the global data governance model.

DFFT aims to reconcile two related and compatible policy objectives: 

  • Promoting free data flows across borders to foster economic growth
  • Protecting individual privacy, national security, and IP through trusted regulations. 

2023 is the year of the operationalization of DFFT, with the endorsement by G7 Digital and Tech Ministers of the establishment of the Institutional Arrangement for Partnership (IAP) on DFFT.

Dawex has been actively involved in the DFFT workgroup of the World Economic Forum, co-authored the Briefing Paper “Data Free Flow wit Thrust: How to overcome barriers in cross-borders data flows” and has been a contributor to the white paper “From Fragmentation to Coordination: The Case for an Institutional Mechanism for Cross-Border Data Flows” which was released at the World Economic Forum Digital Transformation Summit in April 2023.

Dawex also actively participated in the DFFT workgroup of the Data Society Alliance which issued and presented in Japan a set of 12 recommendations for advancing the operationalization of DFFT.


Security, a constant priority

Security and confidentiality are of paramount importance at Dawex. Technology, procedures and processes are regularly reviewed and constantly monitored & audited to deliver maximum security to our customers.