Menu
undefined undefined
My dashboard
My Content
My products (0) My insights (0) My events (0) My contacts (0)

EU Data Act

What is the EU Data Act and why do companies need to consider it

Key contacts

What is the EU Data Act?

The EU Data Act regulates access to and use of product data generated by connected products or related services by individuals or companies that own the connected product or to whom temporary rights to use that connected product have been contractually transferred, or that receives related services (“users”).

This includes data generated by the use of connected products or provision of related services (with or without user interaction) (“product data”). This also includes pre-processed data. In scope is, amongst others, data generated by sensors, data recorded by embedded applications and result or by-product of user’s action (“diagnostics data”).

Not in scope of the EU Data Act: Content itself / data created by user, data transmitted to the connected product for storage purposes (servers / cloud), derivative data (outcome of additional investments), testing of new products.

The EU Data Act sets out obligations of data holders to make data available to public sector bodies and EU institutions, agencies or bodies based on “exceptional need”.

The EU Data Act regulates switching between cloud service providers that process data. Since such a requirement means that existing data processing services must be compatible with each other, the EU Data Act finally regulates requirements for the interoperability of data.

Schematic Overview of the EU Data Act

Key dates

  • 11 January 2024: The EU Data Act entered into force
  • 12 September 2025: The EU Data Act becomes applicable
  • 12 September 2026: The obligation to make connected products and related services data readily available to the user applies as of 12 September

Countdown to the date the EU Data Act becomes applicable

0

Days

0

Hours

0

Minutes

Why companies need to consider this now and what they need to do

Manufacturers and Data Holders need to:

  • Implement design requirements in time (Manufacturer / Provider)
  • Get to know your data
  • Start developing price book for data
  • Classify non-personal – personal data (tricky in large data sets / machine data)
  • Draft proper data license terms
  • Take into account FRAND as far as pricing is concerned
  • Prepare for B2G data access requests

Data Recipients must:

  • Assess where / whether your company may profit as Data Recipient (aftermarket services!)
  • Negotiate proper data license agreement

Users need to:

  • Assess where your company may profit from access to data
  • Check whether you wish to involve a third-party as data recipient
  • Put in place proper agreement with data recipient

Cloud Providers / Cloud Switching must:

  • Structure contracts appropriately
  • Be aware of international data flows and interoperability requirements

To find out how Simmons & Simmons can support you in becoming compliant with the Act, get in touch.

This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.

Key contacts

If you have any questions, contact a member of the EU Data Act team for assistance:

This website uses cookies and other similar technologies to ensure you get the best experience on our website. Please review our cookie policy and our data protection privacy notice for more information on how the data that is collected is used.