Article 2 – Definitions

For the purposes of this Regulation, the following definitions apply:

1. ‘data’ means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording;
2. ‘metadata’ means a structured description of the contents or the use of data facilitating the discovery or use of that data;
3. ‘personal data’ means personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679;
4. ‘non-personal data’ means data other than personal data;
5. ‘connected product’ means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an servizio di comunicazione elettronicaServizio di comunicazione elettronica Si intende un servizio normalmente fornito a titolo oneroso tramite reti di comunicazione elettronica, che comprende, ad eccezione dei servizi che forniscono o esercitano un controllo editoriale su contenuti trasmessi mediante reti e servizi di comunicazione elettronica, i seguenti tipi di servizi: a) "servizio di accesso a Internet", come definito all'articolo 2, secondo comma, punto (2), del regolamento (UE) 2015/2120; b) servizio di comunicazione interpersonale; e c) servizi consistenti interamente o principalmente nella trasmissione di segnali, quali i servizi di trasmissione utilizzati per la fornitura di servizi da macchina a macchina e per la radiodiffusione. - Definizione ai sensi dell'articolo 2, punto (4), della Direttiva (UE) 2018/1972., physical connection or on-device access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user;
6. ‘related service’ means a servizio digitaleServizio digitale si intende qualsiasi servizio della società dell'informazione, vale a dire qualsiasi servizio normalmente fornito a pagamento, a distanza, per via elettronica e su richiesta individuale di un destinatario di servizi. Ai fini della presente definizione: i) per "a distanza" si intende che il servizio è prestato senza che le parti siano simultaneamente presenti; ii) per "per via elettronica" si intende che il servizio è inviato inizialmente e ricevuto a destinazione per mezzo di apparecchiature elettroniche per il trattamento (compresa la compressione digitale) e la memorizzazione di dati, e che è interamente trasmesso, inoltrato e ricevuto via filo, via radio, con mezzi ottici o con altri mezzi elettromagnetici; iii) per "a richiesta individuale di un destinatario di servizi" si intende che il servizio è fornito attraverso la trasmissione di dati su richiesta individuale. - Definizione ai sensi dell'articolo 1, paragrafo 1, lettera b), della direttiva (UE) 2015/1535 del Parlamento europeo e del Consiglio., other than an electronic communications service, including software, which is connected with the product at the time of the purchase, rent or lease in such a way that its absence would prevent the connected product from performing one or more of its functions, or which is subsequently connected to the product by the manufacturer or a third party to add to, update or adapt the functions of the connected product;
7. ‘processing’ means any operation or set of operations which is performed on data or on sets of data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or other means of making them available, alignment or combination, restriction, erasure or destruction;
8. ‘data processing service’ means a digital service that is provided to a customer and that enables ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction;
9. ‘same service type’ means a set of data processing services that share the same primary objective, data processing service model and main functionalities;
10. ‘data intermediation service’ means data intermediation service as defined in Article 2, point (11), of Regulation (EU) 2022/868;
11. ‘data subject’ means data subject as referred to in Article 4, point (1), of Regulation (EU) 2016/679;
12. ‘user’ means a natural or legal person that owns a connected product or to whom temporary rights to use that connected product have been contractually transferred, or that receives related services;
13. ‘data holder’ means a natural or legal person that has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation adopted in accordance with Union law, to use and make available data, including, where contractually agreed, product data or related service data which it has retrieved or generated during the provision of a related service;
14. ‘data recipient’ means a natural or legal person, acting for purposes which are related to that person’s trade, business, craft or profession, other than the user of a connected product or related service, to whom the data holder makes data available, including a third party following a request by the user to the data holder or in accordance with a legal obligation under Union law or national legislation adopted in accordance with Union law;
15. ‘product data’ means data generated by the use of a connected product that the manufacturer designed to be retrievable, via an electronic communications service, physical connection or on-device access, by a user, data holder or a third party, including, where relevant, the manufacturer;
16. ‘related service data’ means data representing the digitisation of user actions or of events related to the connected product, recorded intentionally by the user or generated as a by-product of the user’s action during the provision of a related service by the provider;
17. ‘readily available data’ means product data and related service data that a data holder lawfully obtains or can lawfully obtain from the connected product or related service, without disproportionate effort going beyond a simple operation;
18. ‘trade secret’ means trade secret as defined in Article 2, point (1), of Directive (EU) 2016/943;
19. ‘trade secret holder’ means a trade secret holder as defined in Article 2, point (2), of Directive (EU) 2016/943;
20. ‘profiling’ means profiling as defined in Article 4, point (4), of Regulation (EU) 2016/679;
21. ‘making available on the market’ means any supply of a connected product for distribution, consumption or use on the Union market in the course of a commercial activity, whether in return for payment or free of charge;
22. ‘placing on the market’ means the first making available of a connected product on the Union market;
23. ‘consumer’ means any natural person who is acting for purposes which are outside that person’s trade, business, craft or profession;
24. ‘enterprise’ means a natural or legal person that, in relation to contracts and practices covered by this Regulation, is acting for purposes which are related to that person’s trade, business, craft or profession;
25. ‘small enterprise’ means a small enterprise as defined in Article 2(2) of the Annex to Recommendation 2003/361/EC;
26. ‘microenterprise’ means a microenterprise as defined in Article 2(3) of the Annex to Recommendation 2003/361/EC;
27. ‘Union bodies’ means the Union bodies, offices and agencies set up by or pursuant to acts adopted on the basis of the Treaty on European Union, the TFEU or the Treaty establishing the European Atomic Energy Community;
28. ‘public sector body’ means national, regional or local authorities of the Member States and bodies governed by public law of the Member States, or associations formed by one or more such authorities or one or more such bodies;
29. ‘public emergency’ means an exceptional situation, limited in time, such as a public health emergency, an emergency resulting from natural disasters, a human-induced major disaster, including a major sicurezza informaticaSicurezza informatica per "cibersicurezza" si intende la cibersicurezza quale definita all'articolo 2, punto 1, del regolamento (UE) 2019/881; - Definizione ai sensi dell'articolo 6 della direttiva (UE) 2022/2555 (direttiva NIS2) per "sicurezza informatica" si intendono le attività necessarie per proteggere i sistemi di rete e di informazione, gli utenti di tali sistemi e le altre persone interessate dalle minacce informatiche; - definizione ai sensi dell'articolo 2, punto (1), del regolamento (UE) 2019/881; incidenteIncidente Si intende un evento che compromette la disponibilità, l'autenticità, l'integrità o la riservatezza dei dati memorizzati, trasmessi o elaborati o dei servizi offerti o accessibili tramite i sistemi di rete e di informazione -. Definizione ai sensi dell'articolo 6 della direttiva (UE) 2022/2555 (direttiva NIS2), negatively affecting the population of the Union or the whole or part of a Member State, with a rischioIl rischio Si intende il potenziale di perdita o di perturbazione causato da un incidente e deve essere espresso come una combinazione dell'entità di tale perdita o perturbazione e della probabilità che l'incidente si verifichi -. Definizione ai sensi dell'articolo 6 della direttiva (UE) 2022/2555 (direttiva NIS2) of serious and lasting repercussions for living conditions or economic stability, financial stability, or the substantial and immediate degradation of economic assets in the Union or the relevant Member State and which is determined or officially declared in accordance with the relevant procedures under Union or national law;
30. (30) ‘customer’ means a natural or legal person that has entered into a contractual relationship with a provider of data processing services with the objective of using one or more data processing services;
31. ‘virtual assistants’ means software that can process demands, tasks or questions including those based on audio, written input, gestures or motions, and that, based on those demands, tasks or questions, provides access to other services or controls the functions of connected products;
32. ‘digital assets’ means elements in digital form, including applications, for which the customer has the right of use, independently from the contractual relationship with the data processing service it intends to switch from;
33. ‘on-premises ICT infrastructure’ means ICT infrastructure and computing resources owned, rented or leased by the customer, located in the data centre of the customer itself and operated by the customer or by a third-party;
34. ‘switching’ means the process involving a source provider of data processing services, a customer of a data processing service and, where relevant, a destination provider of data processing services, whereby the customer of a data processing service changes from using one data processing service to using another data processing service of the same service type, or other service, offered by a different provider of data processing services, or to an on-premises ICT infrastructure, including through extracting, transforming and uploading the data;
35. ‘data egress charges’ means data transfer fees charged to customers for extracting their data through the network from the ICT infrastructure of a provider of data processing services to the system of a different provider or to on-premises ICT infrastructure;
36. ‘switching charges’ means charges, other than standardStandard Per "norma" si intende una specifica tecnica, adottata da un organismo di normalizzazione riconosciuto, per applicazione ripetuta o continua, la cui osservanza non è obbligatoria e che è una delle seguenti: (a) "norma internazionale": una norma adottata da un organismo internazionale di normalizzazione; (b) "norma europea": una norma adottata da un organismo europeo di normalizzazione; (c) "norma armonizzata": una norma europea adottata sulla base di una richiesta presentata dalla Commissione per l'applicazione della normativa di armonizzazione dell'Unione; (d) "norma nazionale": una norma adottata da un organismo nazionale di normalizzazione - Definizione ai sensi dell'articolo 2, punto (1), del regolamento (UE) n. 1025/2012 del Parlamento europeo e del Consiglio. service fees or early termination penalties, imposed by a provider of data processing services on a customer for the actions mandated by this Regulation for switching to the system of a different provider or to on-premises ICT infrastructure, including data egress charges;
37. ‘functional equivalence’ means re-establishing on the basis of the customer’s exportable data and digital assets, a minimum level of functionality in the environment of a new data processing service of the same service type after the switching process, where the destination data processing service delivers a materially comparable outcome in response to the same input for shared features supplied to the customer under the contract;
38. ‘exportable data’, for the purpose of Articles 23 to 31 and Article 35, means the input and output data, including metadata, directly or indirectly generated, or cogenerated, by the customer’s use of the data processing service, excluding any assets or data protected by intellectual property rights, or constituting a trade secret, of providers of data processing services or third parties;
39. ‘smart contract’ means a computer program used for the automated execution of an agreement or part thereof, using a sequence of electronic data records and ensuring their integrity and the accuracy of their chronological ordering;
40. ‘interoperability’ means the ability of two or more data spaces or communication networks, systems, connected products, applications, data processing services or components to exchange and use data in order to perform their functions;
41. open interoperability specification’ means a Specifiche tecnicheSpecifiche tecniche Un documento che prescrive i requisiti tecnici che un prodotto, un processo, un servizio o un sistema deve soddisfare e che stabilisce uno o più dei seguenti elementi: a) le caratteristiche richieste di un prodotto, compresi i livelli di qualità, le prestazioni, l'interoperabilità, la protezione dell'ambiente, la salute, la sicurezza o le dimensioni, e compresi i requisiti applicabili al prodotto per quanto riguarda la denominazione di vendita, la terminologia, i simboli, le prove e i metodi di prova, l'imballaggio, la marcatura o l'etichettatura e le procedure di valutazione della conformità; b) i metodi e i processi di produzione utilizzati per i prodotti agricoli quali definiti all'articolo 38, paragrafo 1, del TFUE, per i prodotti destinati all'alimentazione umana e animale e per i medicinali, nonché i metodi e i processi di produzione relativi ad altri prodotti, qualora abbiano un effetto sulle loro caratteristiche; (c) le caratteristiche richieste di un servizio, compresi i livelli di qualità, prestazione, interoperabilità, protezione dell'ambiente, salute o sicurezza, e compresi i requisiti applicabili al prestatore per quanto riguarda le informazioni da mettere a disposizione del destinatario, come specificato all'articolo 22, paragrafi da 1 a 3, della direttiva 2006/123/CE; (d) i metodi e i criteri di valutazione della prestazione dei prodotti da costruzione, definiti all'articolo 2, punto 1, del regolamento (UE) n. 305/2011 del Parlamento europeo e del Consiglio, del 9 marzo 2011, che fissa condizioni armonizzate per la commercializzazione dei prodotti da costruzione, in relazione alle loro caratteristiche essenziali; - definizione ai sensi dell'articolo 2, punto 1, del regolamento (UE) n. 1025/2012 del Parlamento europeo e del Consiglio. in the field of information and communication technologies which is performance oriented towards achieving interoperability between data processing services;
42. ‘common specifications’ means a document, other than a standard, containing technical solutions providing a means to comply with certain requirements and obligations established under this Regulation;
43. ‘harmonised standard’ means a harmonised standard as defined in Article 2, point (1)(c), of Regulation (EU) No 1025/2012.