1. Gatekeepers shall comply with this Article in respect of each of its core platform services listed in the designation decision pursuant to Article 3(9).

2. The gatekeeper shall not:

(a) process, for the purpose of providing online advertising services, personal data of end users using services of third-parties that make use of core platform services of the gatekeeper;

(b) combine personal data from the relevant core platform service with personal data from other core platform services or from any other services provided by the gatekeeper or with personal data from third-party services;

(c) cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper, including other core platform services, and vice-versa; and

(d) sign in end users to other services of the gatekeeper in order to combine personal data,

However, the first subparagraph of this paragraph shall not apply where the end user has been presented with the specific choice and has given consent in the sense of Article 4, point (11), and Article 7 of Regulation (EU) 2016/679.

Where the consent under the first subparagraph has been refused or withdrawn by the end user, the gatekeeper shall not repeat its request for consent for the same purpose more than once within a period of one year.

This paragraph is without prejudice to the possibility for the gatekeeper to rely on Article 6(1), points (c), (d) and (e) of Regulation (EU) 2016/679, where applicable.

3. The gatekeeper shall not apply obligations that prevent business users from offering the same products or services to end users through third party online intermediation services or through their own direct online sales channel at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper.

4. The gatekeeper shall allow business users, free of charge, to communicate and promote offers, including under different conditions, to end users acquired via its core platform service or through other channels, and to conclude contracts with those end users, regardless of whether, for that purpose, they use the core platform services of the gatekeeper.

5. The gatekeeper shall allow end users to access and use, through its core platform services, content, subscriptions, features or other items, by using the software application of a business user, including where those end users acquired such items from the relevant business user without using the core platform services of the gatekeeper.

6. The gatekeeper shall not directly or indirectly prevent or restrict business users or end users from raising any issue of non-compliance with the relevant Union or national law by the gatekeeper with any relevant public authority, including national courts, related to any practice of the gatekeeper. This is without prejudice to the right of business users and gatekeepers to lay down in their agreements the terms of use of complaint-handling mechanisms, provided that those terms of use are permitted under Union or national law.

7. The gatekeeper shall not require end users to use, or business users to use, to offer, or to interoperate with, an identification service, a web browser engine, a payment service or a technical service of that gatekeeper that supports payment services, such as payment systems for in-app purchases, in the context of services provided by the business users using that gatekeeper’s core platform services.

8. The gatekeeper shall not require business users or end users to subscribe to, or register with, any other core platform services listed in the designation decision pursuant to Article 3(9) or which meet the thresholds in Article 3(2), point (b), as a condition for being able to use, access, sign up for or registering with any of that gatekeeper’s core platform services listed pursuant to that Article.

9. The gatekeeper shall provide each advertiser to which it supplies online advertising services, or third parties authorised by advertisers, upon the advertiser’s request, with information on a daily basis free of charge, concerning each advertisement placed by the advertiser, regarding:

(a) the price and fees paid by that advertiser, including any deductions and surcharges, for each of the relevant online advertising services provided by the gatekeeper,

(b) the remuneration received by the publisher, including any deductions and surcharges, subject to the publisher’s consent; and

(c) the metrics on which each of the prices, fees and remunerations are calculated.

In the event that a publisher does not consent to the sharing of information regarding the remuneration received, as referred to in point (b) of the first subparagraph, the gatekeeper shall provide each advertiser free of charge with information concerning the daily average remuneration received by that publisher, including any deductions and surcharges, for the relevant advertisements.

10. The gatekeeper shall provide each publisher to which it supplies online advertising services, or third parties authorised by publishers, upon the publisher’s request, with free of charge information on a daily basis, concerning each advertisement displayed on the publisher’s inventory, regarding:

(a) the remuneration received and the fees paid by that publisher, including any deductions and surcharges, for each of the relevant online advertising services provided by the gatekeeper,

(b) the price paid by the advertiser, including any deductions and surcharges, subject to the advertiser’s consent; and

(c) the measure on which each of the prices and remunerations are calculated.

In the event an advertiser does not consent to the sharing of information, the gatekeeper shall provide each publisher free of charge with information concerning the daily average price paid by that advertiser, including any deductions and surcharges, for the relevant advertisements.

1. Gatekeepers shall comply with this Article in respect of each of its core platform services listed in the designation decision pursuant to Article 3(9).2. The gatekeeper shall not use, in competition with business users, any data that is not publicly available that is generated or provided by those business users in the context of their use of the relevant core platform services or of the services provided together with, or in support of, the relevant core platform services, including data generated or provided by the end users of those business users.

For the purposes of the first subparagraph, the data that isnot publicly available shall include any aggregated and non-aggregated data generated by business users that can be inferred from, or collected through, the commercial activities of business users or their end users, including click, search, view and voice data, on the relevant core platform services or on services provided together with, or in support of, the relevant core platform services of the gatekeeper.

3. The gatekeeper shall allow and technically enable end users to easily un-install any software applications on its operating system, without prejudice to the possibility for that gatekeeper to restrict such un-installation in relation to software applications that are essential for the functioning of the operating system or of the device and which cannot technically be offered on a standalone basis by third-parties.

The gatekeeper shall allow and technically enable end users to easily change default settings on its operating system, virtual assistant and web browser that direct or steer end users to products or services provided by the gatekeeper. That includes prompting end users, at the moment of the end users’ first use of an online search engine, virtual assistant or web browser listed in the designation decision pursuant to Article 3(9), to choose, from a list of the main available service providers, the online search engine, virtual assistant or web browser to which the operating system of the gatekeeper directs or steers users by default, and the online search engine to which the virtual assistant and the web browser of the gatekeeper directs or steers users by default.

4. The gatekeeper shall allow and technically enable the installation and effective use of third party software applications or software application stores using, or interoperating with, its operating system and allow those software applications or software application stores to be accessed by means other than the relevant core platform services of that gatekeeper. The gatekeeper shall, where applicable, not prevent the downloaded third party software applications or software application stores from prompting end users to decide whether they want to set that downloaded software application or software application store as their default. The gatekeeper shall technically enable end users who decide to set that downloaded software application or software application store as their default to carry out that change easily.

The gatekeeper shall not be prevented from taking measures to ensure that third party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, provided that such measures go no further than is strictly necessary and proportionate and are duly justified by the gatekeeper.

Furthermore, the gatekeeper shall not be prevented from applying measures and settings other than default settings, enabling end users to effectively protect security in relation to third party software applications or software application stores, provided that such measures and settings go no further than is strictly necessary and proportionate and are duly justified by the gatekeeper.

5. The gatekeeper shall not treat more favourably, in ranking and related indexing and crawling, services and products offered by the gatekeeper itself than similar services or products of a third party. The gatekeeper shall apply transparent, fair and non-discriminatory conditions to such ranking and related indexing and crawling.

6. The gatekeeper shall not restrict technically or otherwise the ability of end users to switch between, and subscribe to, different software applications and services that are accessed using the core platform services of the gatekeeper, including as regards the choice of Internet access services for end users.

7. The gatekeeper shall allow providers of services and providers of hardware, free of charge, effective interoperability with, and access for the purposes of interoperability to, the same hardware and software features accessed or controlled via the operating system or virtual assistant listed in the designation decision pursuant to Article 3(9) as are available to services or hardware provided by the gatekeeper. Furthermore, the gatekeeper shall allow business users and alternative providers of services provided together with, or in support of, core platform services, free of charge, effective interoperability with, and access for the purposes of interoperability to, the same operating system, hardware or software features, regardless of whether those features are part of the operating system, as are available to, or used by, that gatekeeper when providing such services.

The gatekeeper shall not be prevented from taking strictly necessary and proportionate measures to ensure that interoperability does not compromise the integrity of the operating system, virtual assistant, hardware or software features provided by the gatekeeper, provided that such measures are duly justified by the gatekeeper.

8. The gatekeeper shall provide advertisers and publishers, as well as third parties authorised by advertisers and publishers, upon their request and free of charge, with access to the performance measuring tools of the gatekeeper and the data necessary for advertisers and publishers to carry out their own independent verification of the advertisements inventory, including aggregated and non-aggregated data. Such data shall be provided in a manner that enables advertisers and publishers to run their own verification and measurement tools to assess the performance of the core platform services provided for by the gatekeepers;

9. The gatekeeper shall provide end users and third parties authorised by an end user, at their request and free of charge, with effective portability of data provided by the end user or generated through the activity of the end user in the context of the relevant core platform service, including by providing, free of charge, tools to facilitate the effective exercise of such data portability, and including by the provision of continuous and real-time access to such data;

10. The gatekeeper shall provide business users and third parties authorised by a business user, at their request, free of charge, with effective, high-quality, continuous and real-time access to, and use of, aggregated and non-aggregated data, including personal data, that is provided for or generated in the context of the use of the relevant core platform services or services provided together with, or in support of, the relevant core platform services by those business users and the end users engaging with the products or services provided by those business users. With regard to personal data, the gatekeeper shall provide access to data and use them only where they are directly connected with the use effectuated by the end user in respect of the products or services offered by the relevant business user through the relevant core platform service, and when the end user opts in to such sharing by giving their consent.

11. The gatekeeper shall provide to any third party undertaking providing online search engines, at their request, with access on fair, reasonable and non-discriminatory terms to ranking, query, click and view data in relation to free and paid search generated by end users on its online search enginesAny such query, click and view data that constitutes personal data shall be anonymised.

12. The gatekeeper shall apply fair, reasonable, and non-discriminatory general conditions of access for business users to its software application stores, online search engines and online social networking services listed in the designation decision pursuant to Article 3(9).

For that purpose, the gatekeeper shall publish general conditions of access, including an alternative dispute settlement mechanism.

The Commission shall assess whether the published general conditions of access comply with this paragraph.

13. The gatekeeper shall not have general conditions for terminating the provision of a core platform service that are disproportionate. The gatekeeper shall ensure that such conditions of termination can be exercised without undue difficulty.

1. Where a gatekeeper provides number-independent interpersonal communications services that are listed in the designation decision pursuant to Article 3(9), it shall make the basic functionalities of its number-independent interpersonal communications services interoperable with the number-independent interpersonal communications services of another provider offering or intending to offer such services in the Union, by providing the necessary technical interfaces or similar solutions that facilitate interoperability, upon request, and free of charge.2. The gatekeeper shall make at least the following basic functionalities referred to in paragraph 1 interoperable where the gatekeeper itself provides those functionalities to its own end users:

(a) following the listing in the designation decision pursuant to Article 3(9):

(i) end-to-end text messaging between two individual end users;

(ii) sharing of images, voice messages, videos and other attached files in end-to-end communication between two individual end users.

(b) within 2 years from the designation:

(i) end-to-end text messaging within groups of individual end users;

(ii) sharing of images, voice messages, videos and other attached files in end-to-end communication between a group chat and an individual end user;

(c) within 4 years from the designation:

(i) end-to-end voice calls between two individual end users;

(ii) end-to-end video calls between two individual end users;

(iii) end-to-end voice calls between a group chat and an individual end user;

(iv) end-to-end video calls between a group chat and an individual end user.

3. The level of security, including the end-to-end encryption, where applicable, that the gatekeeper provides to its own end users shall be preserved across the interoperable services.

4. The gatekeeper shall publish a reference offer laying down the technical details and general terms and conditions of interoperability with its number-independent interpersonal communications services, including the necessary details on the level of security and end-to-end encryption. The gatekeeper shall publish that reference offer within the period laid down in Article 3(10) and update it where necessary.

5. Following the publication of the reference offer pursuant paragraph 3, any provider of number-independent interpersonal communications services offering or intending to offer such services in the Union may request interoperability with the number-independent interpersonal communications services provided by the gatekeeper. Such a request may cover some or all of the basic functionalities listed in paragraph 2. The gatekeeper shall comply with any reasonable request for interoperability within 3 months after receiving that request by rendering the requested basic functionalities operational.

6. The Commission may, exceptionally, upon a reasoned request by the gatekeeper, extend the time limits for compliance under paragraph 2 or 5 where the gatekeeper demonstrates that this is necessary to ensure effective interoperability and to maintain the necessary level of security, including end-to-end encryption, where applicable.

7. The end users of the number-independent interpersonal communications services of the gatekeeper and of the requesting provider of number-independent interpersonal communications services shall remain free to decide whether to make use of the interoperable basic functionalities that may be provided by the gatekeeper pursuant to paragraph 1.

8. The gatekeeper shall collect and exchange with the provider of number-independent interpersonal communications services that makes a request for interoperability only the personal data of end users that is strictly necessary to provide effective interoperability. Any such collection and exchange of the personal data of end users shall fully comply with Regulation (EU) 2016/679 and Directive 2002/58/EC.

9. The gatekeeper shall not be prevented from taking measures to ensure that third-party providers of number-independent interpersonal communications services requesting interoperability do not endanger the integrity, security and privacy of its services, provided that such measures are strictly necessary and proportionate and are duly justified by the gatekeeper.

1. The gatekeeper shall ensure and be able to demonstrate compliance with the obligations laid down in Articles 5, 6 and 7 of this Regulation. The measures implemented by the gatekeeper to ensure compliance with those Articles shall be effective in achieving the objectives of this Regulation and of the relevant obligation. The gatekeeper shall ensure that the implementation of those measures complies with applicable law, in particular Regulation (EU) 2016/679, Directive 2002/58/EC, legislation on cyber security, consumer protection, product safety, as well as with the accessibility requirements.

2. The Commission may, on its own initiative or at the request of a gatekeeper pursuant to paragraph 3 of this Article, open proceedings pursuant to Article 20.

Within 6 months from the opening of proceedings pursuant to Article 20, the Commission shall adopt implementing acts, specifying the measures that the gatekeeper concerned is to implement in order to effectively comply with the obligations laid down in Article 6. Those implementing acts shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

.When opening proceedings on its own initiative, for circumvention, pursuant to Article 13, such measures may concern the obligations laid down in Articles 5, 6 and 7.

3. A gatekeeper may request the Commission to engage in a process to determine whether the measures that that gatekeeper intends to implement or has implemented to ensure compliance with Article 6 and 7 are effective in achieving the objective of the relevant obligation in the specific circumstances of the gatekeeper.

The Commission shall have discretion in deciding whether to engage in such a process, respecting the principles of equal treatment, proportionality and good administration.

In its request, the gatekeeper shall provide a reasoned submission to explain the measures that it intends to implement or has implemented. The gatekeeper shall furthermore provide a non-confidential version of its reasoned submission that may be shared with third parties pursuant to paragraph 6.

4. Paragraphs 2 and 3 of this Article are without prejudice to the powers of the Commission under Articles 29, 30 and 31.

5. With a view of adopting the decision under paragraph 2, the Commission shall communicate its preliminary findings to the gatekeeper within 3 months from the opening of the proceedings under Article 20. In the preliminary findings, the Commission shall explain the measures that it is considering taking or that it considers the gatekeeper concerned should take in order to effectively address the preliminary findings.

6. In order to effectively enable interested third parties to provide comments, the Commission shall, when communicating its preliminary findings to the gatekeeper pursuant to paragraph 5 or as soon as possible thereafter, publish a non-confidential summary of the case and the measures that it is considering taking or that it considers the gatekeeper concerned should take. The Commission shall specify a reasonable timeframe within which such comments are to be provided.

7. In specifying the measures under paragraph 2, the Commission shall ensure that the measures are effective in achieving the objectives of this Regulation and the relevant obligation, and proportionate in the specific circumstances of the gatekeeper and the relevant service.

8. For the purposes of specifying the obligations under Article 6(1), points (j) and (k), the Commission shall also assess whether the intended or implemented measures ensure that there is no remaining imbalance of rights and obligations on business users and that the measures do not themselves confer an advantage on the gatekeeper which is disproportionate to the service provided by the gatekeeper to business users.

9. In respect of proceedings pursuant to paragraph 2, the Commission may, upon request or on its own initiative, decide to reopen them where:

(a) there has been a material change in any of the facts on which the decision was based; or

(b) the decision was based on incomplete, incorrect or misleading information; or

(c) the measures as specified in the decision are not effective.

1. Where the gatekeeper demonstrates in a reasoned request that compliance with a specific obligation laid down in Articles 5, 6 or7 for a core platform service listed in the designation decision pursuant to Article 3(9) would endanger, due to exceptional circumstances beyond the gatekeeper’s control, the economic viability of its operation in the Union, the Commission mayadopt implementing acts setting out its decision to exceptionally suspend, in whole or in part, the specific obligation referred to in that reasoned request (‘the suspension decision’). In those implementing acts, the Commission shall substantiate its suspension decision by identifying the exceptional circumstances justifying the suspension. Those implementing acts shall be limited to the extent and the duration necessary to address such threat to its viability. The Commission shall aim to adopt those implementing acts without delay and at the latest 3 months following receipt of a complete reasoned request. Those implementing acts shall be adopted in accordance with the advisory procedure referred to in Article 50(2).

2. Where suspension is granted pursuant to paragraph 1, the Commission shall review its suspension decision every year, unless a shorter interval is specified in that decision. Following such a review the Commission shall either wholly or partly lift the suspension, or decide that the conditions in paragraph 1 continue to be met.

3. In cases of urgency, the Commission may, acting on a reasoned request by a gatekeeper, provisionally suspend the application of a specific obligation referred to in paragraph 1 to one or more individual core platform services already prior to the decision pursuant to that paragraph. Such a request may be made and granted at any time pending the assessment of the Commission pursuant to paragraph 1.

4. In assessing the request referred to in paragraphs 1 and 3, the Commission shall take into account, in particular, the impact of the compliance with the specific obligation on the economic viability of the operation of the gatekeeper in the Union as well as on third parties, in particular SMEs and consumers. The suspension may be made subject to conditions and obligations to be defined by the Commission in order to ensure a fair balance between those interests and the objectives of this Regulation.

1. Within 6 months after its designation pursuant to Article 3, and in accordance with Article 3(10), the gatekeeper shall provide the Commission with a report describing in a detailed and transparent manner the measures it has implemented to ensure compliance with the obligations laid down in Articles 5, 6 and 7.

2. Within the deadline referred to in paragraph 1, the gatekeeper shall publish and provide the Commission with a non-confidential summary of that report.

The gatekeeper shall update that report and that non-confidential summary at least annually.

The Commission shall make a link to that non-confidential summary available on its website.

1. The Commission is empowered to adopt delegated acts in accordance with Article 49 to supplement this Regulation with regard to the obligations laid down in Articles 5 and 6. Those delegated acts shall be based on a market investigation pursuant to Article 19 that has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Articles 5 and 6.

2. The scope of a delegated act adopted in accordance with paragraph 1 shall be limited to:

(a) extending an obligation that applies only in relation to certain core platform services, to other core platform services listed in Article 2, point (2);

(b) extending an obligation that benefits certain business users or end users so that it benefits other business users or end users;

(c) specifying the manner in which the obligations laid down in Articles 5 and 6 are to be performed by gatekeepers in order to ensure effective compliance with those obligations;

(d) extending an obligation that applies only in relation to certain services provided together with, or in support of, core platform services to other services provided together with, or in support of, core platform services;

(e) extending an obligation that applies only in relation to certain types of data to apply in relation to other types of data;

(f) adding further conditions where an obligation imposes certain conditions on the behaviour of a gatekeeper; or

(g) applying an obligation that governs the relationship between several core platform services of the gatekeeper to the relationship between a core platform service and other services of the gatekeeper.

3. The Commission is empowered to adopt delegated acts in accordance with Article 49 to amend this Regulation with regard to the list of basic functionalities identified in Article 7(2), (3) and (4), by adding or removing functionalities of number-independent interpersonal communications services. Those delegated acts shall be based on a market investigation pursuant to Article 19 that has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Article 7.

4. The Commission is empowered to adopt delegated acts in accordance with Article 49 to supplement this Regulation in respect of the obligations in Article 7 by specifying the manner in which those obligations are to be performed in order to ensure effective compliance with those obligations. Those delegated acts shall be based on a market investigation pursuant to Article 19, which has identified the need to keep those obligations up to date in order to address practices that limit the contestability of core platform services or that are unfair in the same way as the practices addressed by the obligations laid down in Article 7.

5. A practice as referred to in paragraphs 1, 3 and 4 shall be considered to limit the contestability of core platform services or to be unfair where:

(a) there is an imbalance between the rights and obligations of business users and the gatekeeper obtains an advantage from business users that is disproportionate to the service provided by that gatekeeper to those business users; or

(b) that practice is engaged in by gatekeepers and is capable of impeding innovation and limiting choice for business users and end users because it:

(i) affects or risks affecting the contestability of a core platform service or other services in the digital sector on a lasting basis due to the creation or strengthening of barriers for other undertakings to enter the market or expand as suppliers of a core platform service or other services in the digital sector; or

(ii) prevents other operators from having the same access to a key input as the gatekeeper.

1. An undertaking providing core platform services shall not segment, divide, subdivide, fragment or split those services through contractual, commercial, technical or any other means in order to circumvent the quantitative thresholds laid down in Article 3(2). No such practice of an undertaking shall prevent the Commission from designating it as a gatekeeper pursuant to Article 3(4).

-2. The Commission may, when it suspects that an undertaking providing core platform services is engaged in a practice laid down in paragraph 1, require from that undertaking any information that it deems necessary to determine whether that undertaking has engaged in such a practice.

3. The gatekeeper shall ensure that the obligations of Articles 5, 6 and 7 are fully and effectively complied with.

4 The gatekeeper shall not engage in any behaviour that undermines effective compliance with the obligations of Articles 5, 6 and 7 regardless of whether that behaviour is of a contractual, commercial or technical nature, or of any other nature, or consists in the use of behavioural techniques or interface design.

5. Where consent for collecting, processing, cross-using and sharing of personal data is required to ensure compliance with this Regulation, a gatekeeper shall take the necessary steps either to enable business users to directly obtain the required consent to their processing, where that consent is required under Regulation (EU) 2016/679 and Directive 2002/58/EC, or to comply with Union data protection and privacy rules and principles in other ways, including by providing business users with duly anonymised data where appropriate. The gatekeeper shall not make the obtaining of that consent by the business user more burdensome than for its own services.

6. The gatekeeper shall not degrade the conditions or quality of any of the core platform services provided to business users or end users who avail themselves of the rights or choices laid down in Articles 5, 6 and 7, or make the exercise of those rights or choices unduly difficult, including by offering choices to the end-user in a non-neutral manner, or by subverting end users and business user's autonomy, decision-making, or free choice via the structure, design, function or manner of operation of a user interface or a part thereof.

7. Where the gatekeeper circumvents or attempts to circumvent any of the obligations in Article 5, 6, or 7 in a manner described in paragraphs 4, 5 and 6 of this Article, the Commission may open proceedings pursuant to Article 20 and adopt an implementing act referred to in Article 8(2) in order to specify the measures that the gatekeeper is to implement.

8. Paragraph 6 of this Article is without prejudice to the powers of the Commission under Articles 29, 30 and 31.

1. A gatekeeper shall inform the Commission of any intended concentration within the meaning of Article 3 of Regulation (EC) No 139/2004, where the merging entities or the target of concentration provide core platform services or any other services in the digital sector or enable the collection of data, irrespective of whether it is notifiable to a Union competition authority under Regulation (EC) No 139/2004 or to a competent national competition authority under national merger rules.

A gatekeeper shall inform the Commission of such a concentration prior to its implementation and following the conclusion of the agreement, the announcement of the public bid, or the acquisition of a controlling interest.

2. The information provided by the gatekeeper pursuant to paragraph 1 shall at least describe the undertakings concerned by the concentration, their Union and worldwide annual turnovers, their fields of activity, including activities directly related to the concentration, and their transaction values or an estimation thereof, along with a summary of the concentration, including its nature and rationale and a list of the Member States concerned by the concentration.

The information provided by the gatekeeper shall also describe, for any relevant core platform services, their Union annual turnovers, their numbers of yearly active business users and their numbers of monthly active end users, respectively.

3. If, following any concentration referred to in paragraph 1 of this Article, additional core platform services individually meets the thresholds in Article 3(2), point (b), the gatekeeper concerned shall inform the Commission thereof within 2 months from the implementation of the concentration and provide the Commission with the information referred to in Article 3(2).

4. The Commission shall inform the competent authorities of the Member States of any information received pursuant to paragraph 1 and publish annually the list of acquisitions of which it has been informed by gatekeepers pursuant to that paragraph.

The Commission shall take account of the legitimate interest of undertakings in the protection of their business secrets.

5. The competent authorities of the Member States may use the information received under paragraph 1 of this Article to request the Commission to examine the concentration pursuant to Article 22 of Regulation (EC) No 139/2004.

1. Within 6 months after its designation pursuant to Article 3, a gatekeeper shall submit to the Commission an independently audited description of any techniques for profiling of consumers that the gatekeeper applies to or across its core platform services listed in the designation decision pursuant to Article 3(9). The Commission shall transmit that audited description to the European Data Protection Board.

2. The Commission may adopt implementing acts referred to in Article 46(1), point (g), to develop the methodology and procedure of the audit.

2. The gatekeeper shall make publicly available an overview of the audited description referred to in the first paragraph. In doing do, the gatekeeper shall be entited to take account of the need to respect its business secrets. The gatekeeper shall update that description and that overview at least annually.