Transparency rules in2 Aug 2026
Help center / The compliance documents

The Data Governance Procedure

Where you control the data a high-risk system runs on, that data has to be good enough for the job. The Data Governance Procedure documents how you keep it that way.

Updated May 2026

What it is

A per-system procedure covering where a high-risk system's input data comes from and how you keep it relevant and fit for purpose, to the extent that data is under your control. It sits under the deployer duties in Article 26.

When it applies

Once per confirmed high-risk system where you control the input data. If a high-risk system also processes personal data, a data protection impact assessment may be needed too. See when you need a DPIA.

How to generate it

Generate it from Documents for the relevant high-risk system, then review it against where your data actually comes from and how you check its quality.

app.veillo.eu/app/documents
Data Governance Procedure
Article 26 · Per system
Select a high-risk systemGenerate
Data Governance Procedure, on the Documents screen. Per system.
A starting point, not final legal text
The template wording is a lawyer-authored input and is marked pending counsel review until signed off. Treat the generated document as a strong draft to review with your own lawyer. See what "pending counsel review" means.

Veillo is compliance tooling, not a law firm. Even counsel-reviewed content is general reference, not legal advice on your specific situation.

Was this helpful?

Still need help?

Get in touch and a human will answer, or book a short walkthrough.

A note on cookies

We use strictly necessary cookies to run the site and keep it secure. With your OK, we also use privacy-respecting, EU-hosted analytics to see how Veillo is used. No advertising, no third-party trackers. Read our cookie policy.