FantasticSearch

1. Data that constitute personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679 of the European Parliament and of the Council () shall be processed pursuant to this Directive only insofar as such processing is necessary for the performance of ITS applications, services and actions identified in Annex I of this Directive with a view to ensuring road safety or security, and enhanced traffic, mobility or incident management.

2. Where specifications adopted pursuant to Article 6 concern the processing of data that are personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679, they shall lay down the categories of those data and provide for appropriate personal data protection safeguards pursuant to Regulation (EU) 2016/679 and Directive 2002/58/EC. In such cases, the impact assessment referred to in Article 6(7) of this Directive shall include an analysis of the impact of such processing on the protection of natural persons with regard to the processing of personal data.

3. Where anonymisation is technically feasible, and the purposes of data processing can be achieved with anonymised data, anonymised data shall be used.

4. Where anonymisation is not technically feasible, or the purposes of data processing cannot be achieved with anonymised data, data shall be pseudonymised, provided that pseudonymisation is technically feasible and the purposes of data processing can be achieved with the use of pseudonymised data.