Skip to main content

Data Agreement Vocab - Version 1.1

The Data Agreement Vocabulary provides terms to describe and represent information related to processing of personal data based on established requirements such as for the EU General Data Protection Regulation (GDPR).

context

Description: Defines the context of any this document. E.g. the link to the JSON-LD

@typeExample value(s)
https://schema.org/URLhttps://raw.githubusercontent.com/decentralised-dataexchange/automated-data-agreements/main/interface-specs/data-agreement-schema/v1/data-agreement-schema-context.jsonld

id

Description: Identifier to the data agreement instance addressed to a specific individual (Data Subject).

@typeExample value(s)
https://dictionary.mydata.org/prodserv/#uidb728d03e-c983-4322-8a46-2bf126b403de

version

Description: Version number of the data agreement

@typeExample value(s)
https://schema.org/versionv1.0.0

template_id

Description: Identifier to the template of the data agreement.

@typeExample value(s)
https://dictionary.mydata.org/prodserv/#uid91be609a-4acd-468f-b37a-0f379893b65c

template_version

Description: Version number of the data agreement template

@typeExample value(s)
https://schema.org/versionv1.0.0

data_controller_name

Description: An organisation constituted as a legally defined entity in any jurisdiction.

@typeExample value
https://w3c.github.io/dpv/dpv/#LegalEntityHappy Shopping AB

data_controller_url

Description: Organisation or data controller URL.

@typeExample value
https://schema.org/URLwww.happyshopping.com

Description: This is the legal ID to the data controller

@typeExample value
https://schema.org/leiCodeOrganisation number, e.g. Swedish org no. 559133-2720, DUNS number etc.

purpose

Description: Describes the purpose for which a data controller (Data Source or Data Using Service) uses personal data for. This is also the purpose for which the data agreeent is being formulated

@typeExample value(s)
http://www.w3.org/ns/dpv#PurposeMarketing and Campaign

purpose_description

Description: Provides description of the purpose for which the personal data us used, comprehensive to the individual whose data is being used by the data controller.

@typeExample value(s)
https://schema.org/TextCollecting user data for offering custom tailored shopping experience

lawful_basis

Description: An organization processing personal data to have a valid lawful basis for that personal data processing activity. GDPR, for e.g., provides six legal bases for processing personal data, consent being one.

Possible values as per GDPR are: consent, legal_obligation, contract, vital_interest, public_task and legitimate_interest.

@typeExample value
http://www.w3.org/ns/dpv#LegalBasisconsent

method_of_use

Description: This is used to describe whether controller is using personal data for internal purposes of for data exchange towards an external third party. Data exchange could be for exposing data (as a Data Source) or consuming data as a Data Using Service.

@typeExample value(s)
https://schema.org/Textnull/data-source/data-using-service

policy

Description: Encapsulate the data policies used in the use of personal data.

data_retention_period

Description: The amount of time that an organization holds onto any personal data, in days.

@typeExample value
https://schema.org/Number30

:::Note Example: GDPR does not specify retention periods for personal data. Instead, it states that personal data may only be kept in a form that permits identification of the individual for no longer than is necessary for the purposes for which it was processed. Typical limit is for 3 years. :::

geographic_restriction

Description: The geographic restrictions required or followed regarding storage of data.

@typeExample value
https://w3c.github.io/dpv/dpv/#StorageRestrictionEurope

industry_sector

Description: Indicate or restrict scope for interpretation and application of purpose in a domain.

@typeExample value
https://w3c.github.io/dpv/dpv/#SectorPublic

jurisdiction

Description: Indicates a legal jurisdiction, e.g. of some legislation, or where some government service is based.

@typeExample value
https://schema.org/jurisdictionSweden

policy_url

Description: A URL specifying the privacy policy that discloses some or all of the ways an organisation gathers, uses, discloses, and manages a customer or client's personal data.

@typeExample value
https://schema.org/URLhttps://happyshoping.com/privacy-policy/

storage_location

Description: The geographic location where the personal data is stored

@typeExample value
http://www.w3.org/ns/dpv#StorageLocationEurope

third_party_disclosure

Description: This is a boolean value to indicate that the DA is used for third party data disclosures. This indicates that some data disclosures will happen and is used to release personal data to DUS based on an agreement

@typeExample value
https://schema.org/BooleanTrue or False

code_of_conduct

Description: The data controller may follow a code of conduct which sets the proper application of privacy regulation taking into account specific features within a sector. The code of conduct shall reference the name of the code of conduct and with a public accessible reference.

@typeExample value
https://schema.org/URLhttps://happyshoping.com/code-of-conduct/

personal_data []

Description: Encapsulates the attributes used for the the usage purpose defined. Its an array of personal data attributes.

attribute_category

Description: A category of personal data.

@typeExample value(s)
http://www.w3.org/ns/dpv#PersonalDataCategoryPersoanl, Health

attribute_id

Description: Identifiery for the attribute.

@typeExample value(s)
https://dictionary.mydata.org/prodserv/#uidf216cb1-aedb-571e-46f7-2fef51dedb54

attribute_name

Description: Name of the attribute

@typeExample value(s)
https://schema.org/TextName

attribute_sensitive

Description: Indicates that personal data is sensitive or belongs to a special category as per a regulations, typically requiring additional measures of handling.

@typeExample value(s)
https://schema.org/Booleantrue

attribute_retrictions []

Description: [OPTIONAL] If provided, this can be used t restrict where the data is being consumed from. Its an array of attribute retrictions

@typeExample value(s)
https://schema.org/CollectionNIL

dpia

Description: Encapsulate the organisation performing the Data Protection Impact Assessment (DPIA).

date

Description: The date on which the DPIA report is generated after a DPIA.

@typeExample value
https://schema.org/DateTime2021-05-08T08:41:59+0000"

summary_url

Description: The URl providing the DPIA result reports, summary etc that can be verified by any interested parties.

@typeExample value
https://schema.org/URLhttps://org.com/dpia_results.html

event

Description: Encapsulates the data agreement lifecyle event data. For e.g. Data Agreement Offer, Accept, Reject, Terminate etc.

did

Description: The DID associated with the entity executing the event. E.g. An organisation (Data Controller) or an Individual (Data Subject).

@typeExample value
https://github.com/decentralised-dataexchange/automated-data-agreements/blob/main/docs/did-spec.md#2the-didmydata-formatdid:mydata:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp

id

Description: The identifier of the event.

@typeExample value
https://dictionary.mydata.org/prodserv/#uid3da6f76e-598c-11ec-bf63-0242ac130002

state

Description: The current state of the event during a data agreement lifecycle. E.g. Offer, Accept, Reject and Terminate

@typeExample value
https://schema.org/TextOffer

timestamp

Description: The time at which the event occurred.

@typeExample value
https://schema.org/DateTime2021-05-08T08:41:59+0000

data_subject_did

Description: Decentralised Identifier (DID) of the individual (Data Subject)

@typeExample value(s)
https://github.com/decentralised-dataexchange/automated-data-agreements/blob/main/docs/did-spec.md#2the-didmydata-formatdid:mydata:z6MkGskxnGjLrk3gKS2mesDpuwRBokeWcmrgHxUXfnncxiZP

proof

Description: Encapsulates the event signatures that allows anyone (e.g. an auditor) to verify the authencity and source of the data agreement. Its uses linked data proofs as per W3C and contains a set of attributes that represent a Linked Data digital proof and the parameters required to verify it.

id

Description: Identifier of the proof

@typeExample value(s)
https://github.com/decentralised-dataexchange/automated-data-agreements/blob/main/docs/did-spec.md#2the-didmydata-formatdid:mydata:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#1

type

Description: Type of the proof

@typeExample value(s)
https://github.com/decentralised-dataexchange/automated-data-agreements/blob/main/docs/did-spec.md#2the-didmydata-formatdid:mydata:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#1

created

Description: Creation time of the proof

@typeExample value(s)
http://www.w3.org/2001/XMLSchema#dateTime2021-05-08T08:41:59+0000

proofPurpose

Description: Purpose of the proof

@typeExample value(s)
https://w3id.org/security#proofPurposecontractAgreement

proofValue

Description: Value of the proof (Signature digest)

@typeExample value(s)
https://w3id.org/security#proofValuez6MkwW6aqMnjgrhJXFUko3NnZPGzVpkNzhYK7yEhnsibmLwLz6MkwW6aqMnjgrhJXFUko3NnZPGzVpkNzhYK7yEhnsibmLwL

verificationMethod

Description: Method of verification for the proof

@typeExample value(s)
https://github.com/decentralised-dataexchange/automated-data-agreements/blob/main/docs/did-spec.md#2the-didmydata-formatdid:mydata:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp

revocation_list

Description: Link to the storage location of the recocation list for the agreement

@typeExample value(s)
https://schema.org/URLhttps://www.org.com/revocation:list.crl

data_expiry

Description: Expiry for the agreement (in epoch time - seconds)

@typeExample value(s)
https://schema.org/DurationEpoc time in seconds