Abstract

The Data Governance Act, which has been directly applicable since 24 September 2023, provides for intermediary services between data subjects intending to share their data and potential data users to enable them exercise their data subjects’ rights laid down in the GDPR. The article analyses the provisions of the Data Governance Act and its relationship with the GDPR in the context of the obligation imposed on data intermediaries to facilitate data subjects’ exercise of their rights under the GDPR. The presented analysis shows that both pieces of legislation apply in parallel. The Data Governance Act merely complements the GDPR as regards the obligations of data intermediaries to facilitate the exercise of their rights by data subjects, imposing on them a fiduciary duty to act in the best interests of data subjects.