Skip to main content
Shaping Europe’s digital future

Free flow of non-personal data

The EU wants to ensure a free flow of data in Europe, allowing companies and public administrations to store and process non-personal data wherever they choose.

    evocation of data clouds

© image by Rick_Jo - Getty Images/iStock

Our economy depends more and more on data: data can create significantly added value to existing services and facilitate entirely new business models. To fully unleash the benefits of the data economy the Commission needs to ensure the free-flow of non-personal data.

The Regulation on the free flow of non-personal data

The Regulation on a framework for the free flow of non-personal data in the EU aims at removing obstacles to the free movement of non-personal data between different EU countries and IT systems in Europe.

The Regulation ensures:

  • Free movement of non-personal data across borders: every organisation should be able to store and process data anywhere in the EU.
  • The availability of data for regulatory control: public authorities will retain access to data, even when it is located in another EU country or when it is stored or processed in the cloud.
  • Easier switching between cloud service providers for professional users. The Commission has started facilitating self-regulation in this area, encouraging providers to develop codes of conduct regarding the conditions under which users can move data between cloud service providers and back into their own IT environments.
  • Full consistency and synergies with the cybersecurity package, and clarification that any security requirements that already apply to businesses storing and processing data will continue to do so when they store or process data across borders in the EU or in the cloud.

The General Data Protection Regulation (GDPR) already provides for the free movement of personal data within the EU. This Regulation will therefore ensure a comprehensive and coherent approach to the free movement of all data in the EU. To provide more clarity to businesses on how to handle data across borders the Commission has published informative guidance.


The Commission is continuing its engagement with stakeholders, for instance by organising structured dialogues with EU countries and workshops with different stakeholders. And, the Commission is closely monitoring the work done by the self-regulatory cloud stakeholder groups on codes of conduct for easier switching of cloud providers, a European cloud security certification scheme, and more.

Relevant Studies

Latest News

Digital Europe Programme: Commission opens calls to invest €200 million in digital tech

The Commission has opened the third set of calls for proposals of the Digital Europe Programme, worth €200 million, under the 2021-2022 Work Programmes.

Related Content

Big Picture

A European Strategy for data

The strategy for data focuses on putting people first in developing technology, and defending and promoting European values and rights in the digital world.


Cloud computing

The Commission aims to enable access to secure, sustainable, and interoperable cloud infrastructures...