IDC Names Securiti a Worldwide Leader in Data Privacy


European Union DMA

Operationalize DMA compliance with the most comprehensive PrivacyOps platform

Last Updated on November 14, 2023

Privacy Center
Fully Functional In Minutes

Elegant Consumer Frontend, Fully Automated Backend, Privacy Regulation Intelligent Everywhere.


The EU Digital Markets Act (DMA) is part of the EU Digital Services Package that aims to create a safer online space along with the EU Digital Services Act (DSA). The DMA aims to ensure a contestable, fair, and competitive digital market and to ban unfair business practices by large online platforms.

The DMA regulates designated gatekeeper organizations that provide core platform services (CPS) in at least three member states of the EU. Core platform services that can fall under the scope of the DMA includes online intermediation services, online search engines, online social networking services, video-sharing platform services, number-independent interpersonal communications services, operating systems, web browsers, virtual assistants, cloud computing services, and online advertising services.

For an organization to come under the scope of the Act, it must meet one of the following thresholds:

  • It has an annual EEA turnover equal to or above EUR 7.5 billion in the last three financial years, or the equivalent fair market value of the undertaking to which it belongs amounts to at least EUR 75 billion in the last financial years and provides a CPS in at least three member states.
  • It has more than 45 million monthly active end users established or located in the EU and more than 10,000 yearly active business users established in the EU in the last financial year.

The DMA was published in the Official Journal of the European Union on 12 October 2022. It enters into force on 1 November 2022, and the notification process by which the European Commission designates companies as “gatekeepers” under the Act starts six months later, i.e., on 1 May 2023. Once an organization has received notification by the European Commission that it has been designated as a gatekeeper, it will have six months to comply with the requirements of the DMA at the latest by 6 March 2024.

All designated gatekeepers must comply with DMA's list of dos and don'ts. The DMA is one of the first measures to thoroughly restrict the power of the biggest internet businesses as gatekeepers.

Once put into effect, it will create a set of requirements for chosen gatekeepers and enforce penalties, including fines of up to 10% of the global turnover, in the event of non-compliance.

The Solution

Securiti enables organizations to comply with the EU’s Digital Markets Act (DMA) through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with the EU’s Digital Markets Act (DMA) through automation, enhanced data visibility, and identity linking.

See how our comprehensive PrivacyOps platform helps you comply with various sections of the EU’s Digital Markets Act (DMA).

EU Digital Markets Act Compliance Solution

With its state-of-the-art artificial intelligence and machine-learning-based tools, Securiti is a market leader in providing data governance and compliance solutions.

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.

Map Data Flows

DMA Article 5(1)(a), DMA Recital 46

Securiti allows organizations to discover and protect large datasets via automated data mapping. Effective and automated data mapping helps match personal data with its correct owners in all structured and unstructured data systems. This ultimately allows gatekeeper organizations to ensure purpose limitation in relation to aggregated and non-aggregated data.

Data Flow Mapping
Universal Cookie Consent Management Dashboard

Monitor and Track Consent

DMA Article 5(2), DMA Recital 36, Recital 37, Recital 60

Securiti's Consent Management Platform enables organizations to obtain end-user's consent for data access, retrieval, and advertising purposes. It allows consent management as per the requirements of the GDPR and e-Privacy Directive. Moreover, accurate consent status is recorded to demonstrate compliance.

Privacy Notice Creation & Management

DMA Recital 72

Securiti's Privacy Notice Creation and Management Solution allows organizations to transparently inform their users about any access or use of their personal data. Gatekeeper organizations can describe the basis upon which profiling is performed, including whether personal data is relied on and the purposes for which the profile is prepared.

Privacy Notice Management
Data Security Configuration Dashboard

Implement Security Controls

DMA Recital 9, Recital 10

Securiti's Data Intelligence enables organizations to identify emerging risk areas and implement security controls. This ultimately enables gatekeeper organizations to facilitate access to data in real-time utilizing appropriate technical measures.

Key Obligations for Gatekeepers Under Digital Markets Act

  • To refrain from combining personal data gained through the CPS with personal data from any other service of the gatekeeper or with personal data from third-party services.
  • To refrain from automatically signing in end-users to other services of the gatekeeper in order to combine personal data unless the user has consented as per the requirements of the GDPR.
  • To allow end-users effective data portability.
  • To refrain from preventing business users to offer different terms (lower prices) through different channels.
  • To allow end users to easily uninstall pre-installed apps or change default settings on operating systems.
  • To allow end users to unsubscribe from core platform services of the gatekeeper as easily as they subscribe to them.

Quick Facts about Digital Markets Act


Gatekeeper organizations that are subject to the DMA include online intermediation services, search engines, social networking services, video-sharing platforms, advertising services, and cloud computing services.


The DMA aims to guarantee that the European Digital Markets are more competitive by allowing new competitors to enter the market and prohibiting big businesses from misusing their market dominance.


The largest digital platforms operating in the European Union that have strong economic positions and significant impact on the internal market are DMA’s focus.


The DMA complements the GDPR’s right to data portability in relation to the obligation of the CSP to ensure effective portability and continuous and real-time access to data provided or generated by end-users.


The DMA deals with both personal and non-personal data. Personal data must be protected as per the requirements of the GDPR.


A gatekeeper risks a fine of up to 10% of its annual global turnover if it violates the DMA. A fine of up to 20% of its global turnover may be applied for a repeat offense.


Those who are harmed by the conduct of non-complying gatekeepers have the right to direct action for damages (through collective actions) in national courts.

IDC MarketScape

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report