ABSTRACT – The paper aims to examine the main changes to the GDPR envisaged in the Digital Omnibus, the package of legislative proposals presented by the Commission on 19 November 2025. This package aims to simplify the legal framework governing the digital sector in order to promote competitiveness and technological innovation at the European Union level. Despite these premises, the proposal addresses some fundamental aspects of the digital acquis, affecting the scope of the data protection obligations established by the GDPR. In this regard, the analysis focuses on three aspects of the Digital Omnibus that are considered to be of particular interest: the new definition of “personal data” in Article 4(1); the rules on data processing in the context of the development and operation of artificial intelligence systems; and the limitations on the exercise of the right of access to personal data enshrined in Article 15.
