> For the complete documentation index, see [llms.txt](https://frameworks.greendealdata.eu/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://frameworks.greendealdata.eu/governnace-frameworks/gdds-rulebook/data-sovereignty-and-technical-governance/6.-participant-responsibilities.md).

# 6. Participant responsibilities

## Rule&#x20;

[Participants are responsible for ensuring that their internal data governance practices align with the GDDS governance framework. Internal governance processes should address: ](#user-content-fn-1)[^1]

* management of data rights and permissions;&#x20;
* data quality assurance;&#x20;
* monitoring and observability of data transactions;&#x20;
* traceability and provenance of shared data;&#x20;
* semantic declaration of data offerings in accordance with GDDS requirements;&#x20;
* regulatory compliance.&#x20;

By combining governance rules with interoperable technical infrastructure, the GDDS enables secure data sharing while preserving data sovereignty and operational flexibility for participants.&#x20;

Participants that operate shared trust services (Certified roles — Participant Registry, Identity Provider, Authorisation Registry) additionally meet the federated-infrastructure security baseline identified by Working Group 3: incident response under Sirtfi, an Acceptable Use Policy based on the WISE Baseline AUP, and the AARC-G084 Security Operational Baseline (including log retention and secure operation). All participants accept the Acceptable Use Policy at onboarding. These obligations are stated in the Technical Framework (see Data Sovereignty and Trust — “Baseline security and data-protection obligations”) and are assessed under the Conformity Framework & Governance Enforcement.&#x20;

Source: D3.1 GDDS first version report (WP3), §2.3.3–2.3.4 (Working Group 3).&#x20;

{% hint style="warning" %}
*Note: The technical specifications, standards, and implementation requirements supporting this governance layer, including data exchange protocols, semantic interoperability mechanisms, provenance models, and identity & access policy enforcement, are described in the Technical Framework (see* [*Data Interoperability;*](/11-data-interoperability.md) [*Data Sovereignty & Trust)*](/12-data-sovereignty-and-trust.md)*.*&#x20;
{% endhint %}

[^1]: to confirm
