Skip to main content

Data Agreement Vocab - Version 1.1

The Data Agreement Vocabulary provides terms to describe and represent information related to processing of personal data based on established requirements such as for the EU General Data Protection Regulation (GDPR).


Description: Defines the context of any this document. E.g. the link to the JSON-LD

@typeExample value(s)


Description: Identifier to the data agreement instance addressed to a specific individual (Data Subject).

@typeExample value(s)


Description: Version number of the data agreement

@typeExample value(s)


Description: Identifier to the template of the data agreement.

@typeExample value(s)


Description: Version number of the data agreement template

@typeExample value(s)


Description: An organisation constituted as a legally defined entity in any jurisdiction.

@typeExample value Shopping AB


Description: Organisation or data controller URL.

@typeExample value

Description: This is the legal ID to the data controller

@typeExample value number, e.g. Swedish org no. 559133-2720, DUNS number etc.


Description: Describes the purpose for which a data controller (Data Source or Data Using Service) uses personal data for. This is also the purpose for which the data agreeent is being formulated

@typeExample value(s) and Campaign


Description: Provides description of the purpose for which the personal data us used, comprehensive to the individual whose data is being used by the data controller.

@typeExample value(s) user data for offering custom tailored shopping experience


Description: An organization processing personal data to have a valid legal basis for that personal data processing activity. GDPR, for e.g., provides six legal bases for processing personal data, consent being one.

Possible values as per GDPR are: consent, legal_obligation, contract, vital_interest, public_task and legitimate_interest.

@typeExample value


Description: This is used to describe whether controller is using personal data for internal purposes of for data exchange towards an external third party. Data exchange could be for exposing data (as a Data Source) or consuming data as a Data Using Service.

@typeExample value(s)


Description: Encapsulate the data policies used in the use of personal data.


Description: The amount of time that an organization holds onto any personal data, in days.

@typeExample value

:::Note Example: GDPR does not specify retention periods for personal data. Instead, it states that personal data may only be kept in a form that permits identification of the individual for no longer than is necessary for the purposes for which it was processed. Typical limit is for 3 years. :::


Description: The geographic restrictions required or followed regarding storage of data.

@typeExample value


Description: Indicate or restrict scope for interpretation and application of purpose in a domain.

@typeExample value


Description: Indicates a legal jurisdiction, e.g. of some legislation, or where some government service is based.

@typeExample value


Description: A URL specifying the privacy policy that discloses some or all of the ways an organisation gathers, uses, discloses, and manages a customer or client's personal data.

@typeExample value


Description: The geographic location where the personal data is stored

@typeExample value


Description: This is a boolean value to indicate that the DA is used for third party data disclosures. This indicates that some data disclosures will happen and is used to release personal data to DUS based on an agreement

@typeExample value or False


Description: The data controller may follow a code of conduct which sets the proper application of privacy regulation taking into account specific features within a sector. The code of conduct shall reference the name of the code of conduct and with a public accessible reference.

@typeExample value

personal_data []

Description: Encapsulates the attributes used for the the usage purpose defined. Its an array of personal data attributes.


Description: A category of personal data.

@typeExample value(s), Health


Description: Identifiery for the attribute.

@typeExample value(s)


Description: Name of the attribute

@typeExample value(s)


Description: Indicates that personal data is sensitive or belongs to a special category as per a regulations, typically requiring additional measures of handling.

@typeExample value(s)

attribute_retrictions []

Description: [OPTIONAL] If provided, this can be used t restrict where the data is being consumed from. Its an array of attribute retrictions

@typeExample value(s)


Description: Encapsulate the organisation performing the Data Protection Impact Assessment (DPIA).


Description: The date on which the DPIA report is generated after a DPIA.

@typeExample value"


Description: The URl providing the DPIA result reports, summary etc that can be verified by any interested parties.

@typeExample value


Description: Encapsulates the data agreement lifecyle event data. For e.g. Data Agreement Offer, Accept, Reject, Terminate etc.


Description: The DID associated with the entity executing the event. E.g. An organisation (Data Controller) or an Individual (Data Subject).

@typeExample value


Description: The identifier of the event.

@typeExample value


Description: The current state of the event during a data agreement lifecycle. E.g. Offer, Accept, Reject and Terminate

@typeExample value


Description: The time at which the event occurred.

@typeExample value


Description: Decentralised Identifier (DID) of the individual (Data Subject)

@typeExample value(s)


Description: Encapsulates the event signatures that allows anyone (e.g. an auditor) to verify the authencity and source of the data agreement. Its uses linked data proofs as per W3C and contains a set of attributes that represent a Linked Data digital proof and the parameters required to verify it.


Description: Identifier of the proof

@typeExample value(s)


Description: Type of the proof

@typeExample value(s)


Description: Creation time of the proof

@typeExample value(s)


Description: Purpose of the proof

@typeExample value(s)


Description: Value of the proof (Signature digest)

@typeExample value(s)


Description: Method of verification for the proof

@typeExample value(s)


Description: Link to the storage location of the recocation list for the agreement

@typeExample value(s)


Description: Expiry for the agreement (in epoch time - seconds)

@typeExample value(s) time in seconds