The WP29 adopted guidelines on the right to data portability established by Article 20 of the GDPR. These guidelines specified:
- What are the main elements of data portability?
- When does data portability apply?
- Which processing activities are covered by the right to data portability?
- Which personal data must be included?
- How do the general rules on the exercise of the data subject’s rights apply to the data portability?
Thus, the WP29 stated that portability must apply to the processing of personal data carried out by automated means, pursuant to a contract or for which the data subject has provided his prior consent.
The personal data referred to are the data that the person has himself provided to the data controller or generated by his activity.