What is the EU Data Act?
The EU Data Act (Regulation (EU) 2023/2854) establishes a harmonised legal framework within the European Union governing access to and use of data generated by connected products and related services.
The Regulation aims, inter alia, to:
- ensure that users of connected products can access data generated through their use of such products and services;
- enable users, under certain conditions, to make such data available to third parties;
- promote fairness in data-driven markets;
- enhance transparency with respect to the categories, formats, and availability of product data.
The EU Data Act imposes specific obligations on manufacturers and providers of related services to make certain data available to users and, where applicable, to third parties designated by users, subject to the conditions and limitations set out in the Regulation.
Requests under the EU Data Act
Users may submit requests pursuant to the EU Data Act, including requests for access to, provision of, or transmission of product data.
Requests and related inquiries can be submitted to: SQC@priva.com
Upon receipt of a request, a structured assessment process will be followed, which generally includes:
1. Acknowledgement of receipt
Confirmation that the request has been received.
2. Verification
Assessment of the identity, authority, and standing of the requesting party, and determination whether the request falls within the material scope of the EU Data Act.
3. Substantive review
Identification of the relevant data and evaluation of any applicable statutory limitations, exemptions, or safeguards (including protection of trade secrets and personal data).
4. Response and implementation
Provision of the requested data or a reasoned explanation where the request cannot be fulfilled in whole or in part.
The above contact channel may also be used for general questions, clarifications, or formal submissions relating to the EU Data Act.
Complaints
If a user considers that its rights under the EU Data Act have not been appropriately respected, a complaint may be lodged with the competent supervisory authority.
In the Netherlands, the competent authority is the Autoriteit Consument & Markt (ACM), which is responsible for the enforcement of, inter alia, the EU Data Act. The ACM provides mechanisms for the submission of formal complaints via its official website.
Product Information and Required Disclosures under the EU Data Act
In accordance with the transparency obligations under the EU Data Act, the following information may be consulted per product.
| Required information | Priva One | Priva PDS |
| Type of product data | Climate data (temperature, humidity, CO₂, light intensity, radiation, etc.), process data (ventilation, heating, lighting, irrigation), sensor measurements, actuator statuses, and system logs. Labor registration data. | Climate data from connected Priva systems (temperature, humidity, CO₂, light intensity, motion detection), process data (ventilation, heating, energy generation, meters, actuator statuses, setpoints and other control values), system events (alarms/events/changes). |
| Format of product data | Structured time-series data (numerical measurements with timestamp), stored in a relational database. Data can be accessed via the Priva One user interface and, when using cloud services, via API. | Structured time-series data (numerical measurements with timestamp), stored in a relational database. |
| Estimated volume of product data | Depends on the size of the greenhouse and the number of measurement points. Indicatively several tens to hundreds of MB per day per location for a medium-sized operation. | Depends on the size of the installation and system settings. Indicatively several tens of MB per day for an average system. Users/technicians have control over which data is stored in Priva PDS via management within the service itself and in the underlying engineering application. |
| Ability for continuous and real-time data generation | Yes. Priva One continuously generates real-time measurement data from connected sensors and actuators. | Yes. The underlying control system continuously generates real-time data, which can be stored in PDS. |
| Data storage capability and retention period | Data is stored locally on the Priva system (on-premises). When using Priva cloud services, data is also stored on external servers. The default retention period in the cloud has, in principle, no end date. The partner has the option to disable cloud storage. | Data is stored in the controller for a short period. When using PDS cloud services, data is buffered on-premises and stored on external servers. The default retention period in the cloud has, in principle, no end date; the usable retention period can be determined via subscription choice. The user/technician has the option to enable or disable cloud storage per data point. |
| Ability to access, retrieve, or delete data | Data is accessible via the Priva One user interface. Users can export historical data via the application. Deletion of data is possible via system administration functions or upon request via Priva support. Technical access via API is available for users with an active cloud subscription. | Data is accessible to authorized users via applications within PDS. Export of data is possible for authorized users within PDS applications or via available APIs. Deletion of data is possible upon request via Priva support. |