Responsible Reuse of Data
For business customers
REsponsible: ethical data marketplace meeting all compliance and security needs
REuse: let’s make sensitive data eligible for commercialization so that monetization and secondary use can be created with the consent of the users
Then ethical personal data market
Secondary usage of data is in interest of all parties. The reData.me platform enables all stakeholders in a personal data market to engage in ethical data trading that is built around the consent of the data subjects.
Many companies collect a lot of data that would be suitable for other purposes than their original purpose. But due to the personal nature of the data, they are usually not able to be monetized, despite the lost opportunity on both ends. The reData.me platform creates the opportunity for the organization to offer the data generated in the company for sale in data packages, so that the request for the final transfer of the data always comes from the data owner.
We often cause unnecessy inconvenience to our customers by requesting data, as they would be available elsewhere. We could even offer new services building on the secondary usage of data available at partners that we could never have offered on data collected on our own. The reData.me platform enables the development of new services based on the retrieval of data from it’s original space driven by a user consent.
Three-sided transaction - four-sided interest
The reData.me platform connects the actors with the data (data holder), the actors intending to use the data (data user) and the persons about whom the data are about (data owner). We believe that if all parties are interested in the transaction, new data values can be offered that provide a better customer experience, new services, or new research. That is why we have developed a business model that is profitable and transparent to all parties while complying with the legal and security requirements.
Data holder side
We allow data holders to define data packages, for which they can define a price for a third-party access. The description and price of the data packages will be displayed in the reData.me data marketplace where data users can browse. If data users launch a service in which the data owner gives permission to transfer the data, the data holder receives an access fee for transfering the data. In this way, the accumulated data capital can indeed be converted into assets with a turnover value.
Data user side
we allow data users to create data request forms containing offers to data owners (end users) and the data they intend to request. his gives data users an accurate view of what data they can use for what purpose and, if there is user consent, how much the transaction will cost them. This allows them to make a clear business calculation of whether it’s worth starting a data-based service and requesting valuable data.
Data owner side
Data owners are the main beneficiaries of the reData.me platform, as they can control the secondary use of their data and enjoy the added value services, while for them the use of the system is free of charge. Moreover, in some cases it is possible for them to receive compensation directly for the use of their data for special purposes, of which they are not the direct beneficiaries.
The business model of the reData.me is based on transaction fees. Of the data access fees paid to data holders , 10% is spent on the operation and development of the reData.me. With this model, reData.me is also interested in having the most transactions possible on it’s platform thus making as much money as possible for data owners and generating as much value as possible from the data transfer.
ue to the well-chosen business model, integrating to the reData platform is free of charge, you only have to pay for the transactions that was delivered.
One integration - many connections
By integrating once with the reData.me platform, your organization can join many organizations that are willing to engage in ethical data trading. Joining is easy and free.
During technical integration, we install a Local Redata Gateway (LRG) to create a node for your organization to participate in encrypted data transfers or requests for data. In doing so, we ensure the management of private and public keys, integration with databases and connection to the necessary customer authentication procedures.
Define data supply and/or demand
On the data supply page, it is possible to define data packages, which can be issued about each user based on their consents. Metadata about the defined data packages is displayed in the reData.me data market.
On a data request page , you can define data requester form for each business case the company has , in which you can specify which data packages your organization would request for a specific business process should there be a customer need. The trigger of your data requester form can be connected to your organization’s own page so that customers can be reached.
When a user triggers a data requester form on the organization’s side, the reData.me collects the user’s consent and redirects the user to the owner of the selected data package, and then performs the transfer of the encrypted data.
On the basis of the transactions carried out and the prices defined in the data market space, a settlement and a monthly payment will be made between the actors involved in the data trading.
Safe, Secure and compliant.
The reData.me platform pays particular attention to ensuring that the framework it provides meets all safety and security standards. Ensuring both security and compliance is of paramount importance in this.
Our system is designed technologically to eliminate potential misuses.
The reData.me system is designed in such a way that even the operators of the reData.me cannot see into the data transmitted by the platform. The transferred data is encrypted on the data holder’s server with the data user’s public key, which can only be unlocked with the data user’s private key. Because of this, if anywhere, anyone would be able to access a data package during the transfer, they would only see an encrypted file. This is the reason, why even reData.me do not have access to personal data at all.
Data holder side authentication
When a user wants to request the transfer of his or her data, after identifying the scope of the data, the user is redirected by the reData.me to the data holder’s page, where he or she must authenticate themselves. This is how the data holder can verify that it is a legitimate request and who is the user to whom it is required to disclose its data. With this technology, we can ensure that the reData.me platform does not even know who the user is. All we need to know is that he had the ability to authenticate him- or herself at the data holder.
It is important that the reData.me platform keeps track of the consents upon which it has provided data based on what requests it has fulfilled. This information is stored using an inadvertable loging technique (SAML protocol),which allows us to have a clear and verifiable status of the legal basis for the transactions we have made. The same secure log encryption technology is also used to perform citizen authentications across Europe.
The use, especially secondary use, of data in Europe is determined by the GDPR framework. In addition, a number of European policies are now being developed that will frame the movement of data. In addition, a number of European policies are now being developed that will frame the movement of data. When designing reData.me,one of our basic principles was that the companies using our system for data trading could easily comply with the live and upcoming regulations.
In the structure of the system, the use of data should clarify exactly for what purpose the requester will use it and what benefit the end-user will derive from it. This is read and approved by the user, so the requirement for purposeful, understanding consent is fully met. (GDPR Article 6.7)
Purpose bound data usage
Releasing data is always a delicate operation from a legal point of view. In the system of reData.me, when a user accepts that a data package can be used for a specific purpose, a data transfer request is made to the data holder. Thus, the data-giving party has a clear legal basis for the release of the requested data on the grounds of the right to data portability. (Article 20 GDPR).
Data sharing service provider
Since reData.me cannot look into the data it transfers it certainly cannot provide data analytics services. This makes us a perfect partner in the value-chain of creating value from data as the data sharing service provider. The primary objective of the Data Governance Act, which is still under negotiation, is to define neutral actors in the trading of data from the point of view of such data analysis, which requirement is also met by reData.me.