Kommisjonens gjennomføringsforordning (EU) 2025/1572 av 29. juli 2025 om fastsettelse av regler for anvendelse av europaparlaments- og rådsforordning (EU) nr. 910/2014 med hensyn til format og prosedyrer for notifisering om intensjon og verifisering ved igangsetting av kvalifiserte tillitstjenester
eIDAS-forordningen: intensjon og verifisering av kvalifiserte tillitstjenester
Commission Implementing Regulation (EU) .2025/1572 of 29 July 2025 laying down rules for the application of Regulation (EU) No 910/2014 of the European Parliament and of the Council as regards the format and procedures for notification of intention and verification with regard to the initiation of qualified trust services
Kommisjonsforordning publisert i EU-tidende 30.7.2025
Tidligere
- Utkast til forordning lagt fram av Kommisjonen 15.4.2025 med tilbakemeldingsfrist 13.5.2025
Bakgrunn
(fra kommisjonsforordningen)
(1) Where trust service providers intend to start providing a qualified trust service, they are to notify the supervisory body of their intention together with a conformity assessment report issued by a conformity assessment body confirming the fulfilment of the requirements laid down in Regulation (EU) No 910/2014. The supervisory body is to verify whether the trust service provider and the trust services provided by it comply with the requirements laid down in that Regulation. Where the supervisory body concludes that the trust service provider and the trust services provided by it comply with those requirements, the supervisory body is to grant qualified status to the trust service provider and the trust services it provides. To that end, supervisory bodies should make publicly available information about how trust service providers are to notify their intention of becoming a qualified trust service provider. To ensure that qualified trust service providers operate on equal terms in the Union, it is necessary that supervisory bodies verify the same type of information about trust service providers and in the same way.
(2) Supervisory bodies should be transparent about how they process the information that trust service providers include in their notifications. The supervisory bodies should therefore draw up and make publicly available a description outlining how they verify whether the trust service provider complies with the relevant requirements.
(3) The Regulation should apply from 12 months after its entry into force to ensure an adequate transitional period for Member States to be able to comply with the requirements of this Regulation by making the necessary adjustments as regards notifications to the supervisory bodies. Such adjustments may include updating national laws, organisational guidelines, and national information systems.
(4) Regulation (EU) 2016/679 of the European Parliament and of the Council (2) and, where relevant, Directive 2002/58/EC of the European Parliament and of the Council (3) apply to the personal data processing activities under this Regulation.
(5) The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (4) and delivered its opinion on 6 June 2025.
(6) The measures provided for in this Regulation are in accordance with the opinion of the committee established by Article 48 of Regulation (EU) No 910/2014,