My Portal
My Portal
Global | EN

EU Data Act Compliance

Read what businesses need to know and implement to ensure fair data access and create new opportunities.
Pictogram in .SVG for Data Trust Center

Key Points at a Glance

  • Pictogram in .SVG for Calendar Plans

    Effective Date

    The EU Data Act is applicable in all EU Member States as of 12 September 2025.

  • Pictogram in .SVG for Target

    Objectives and Core Provisions

    The regulation governs data from connected products/services and sets B2B/B2G access, interoperability, cloud switching and protection from unfair terms.

  • Pictogram in .SVG for Computer User

    Who Qualifies as a 'User'?

    A user is any natural or legal person who owns, rents, or leases a connected product or receives related services.

  • Pictogram in .SVG for Cloud Hosting

    Cloud Switching

    Switching fees will be phased out by 12 January 2027. Until then, only cost-based, reduced fees are permitted.

  • Pictogram in .SVG for Save Costs

    Enforcement and Penalties

    The responsible national authorities enforce effective and proportionate sanctions for violations; penalties vary, with fines up to €5m or 4% of turnover.

What Is the EU Data Act?

The EU Data Act sets clear rules on who can access and use data from connected products and related services, and under what conditions. It strengthens user rights, promotes fair data sharing between businesses, and makes switching between cloud and other data processing services easier.

The regulation entered into force on 11 January 2024, and has applied across the EU since 12 September 2025. As part of the European strategy for data, it aims to create a fair and competitive data economy for businesses and users alike.


Why Is the EU Data Act Important for Businesses?

The EU Data Act affects manufacturers and providers of connected products, data holders, providers of related services, and cloud service providers. Businesses must enable Access-by-Design, meaning products and services should allow users to obtain their usage data quickly, securely, and in a common format, and share it with third parties.

The Act also facilitates parallel or alternative use of multiple cloud services and protects businesses against unfair contract terms related to data. These new rights are expected to drive efficiency gains and foster new after-sales services, especially in industries such as manufacturing, mobility, and agriculture.


Get Started With TÜV SÜD

Prepare your business for EU Data Act compliance and create new innovation opportunities. Our experts guide you through every step.
Request our service

Our TÜV SÜD Services for the EU Data Act 2025

  • Data Act Gap Analysis: Maturity assessment, obligation mapping, action plan
  • Data Inventory & Data Flows: Identifiable data, formats, interfaces
  • Product/Service Design: Access-by-Design, security and continuity requirements
  • Contract Adjustments: Recommendations for Data Act-compliant contracts
  • Cloud Switching & Interoperability: Exit strategies, switching processes, technical and organisational measures
  • B2G Request Management: Processes/templates for exceptional cases
  • Training & Enablement: Empower teams on roles, rights, and obligations

Our service portfolio is designed for companies acting as data holders, data users, or manufacturers of connected products or related software. Legal reviews can be arranged through qualified legal professionals upon request. TÜV SÜD facilitates these connections but does not provide legal services directly.


The Data Act strengthens user access rights and makes data a key economic resource. Data holders must enable access, ensure fair compensation, protect trade secrets, and meet data protection requirements. Clear processes, such as data inventories, compliant contracts, Access-by-Design, and defined interfaces, are essential to avoid risks such as unintended data transfers or non-compliance. Strategic action enables compliance and new service opportunities.
Pictogram in .SVG for Internal Experts

Dr. Max-Hendrik Böttcher, TÜV SÜD

Director, Data Protection Services

Frequently Asked Questions

What Is the EU Data Act 2025?
The EU Data Act is Regulation (EU) 2023/2854, establishing harmonised rules for fair data access and use. It applies directly in all EU Member States.
What Are the Key Objectives of the EU Data Act 2025?
The Act aims to ensure fair access to and use of data, define rights and obligations for stakeholders, and promote interoperability and cloud switching. These measures support the European strategy for data.
Who Does the EU Data Act Apply To?
It applies to manufacturers and providers of connected products, data holders, providers of related services, and cloud service providers.
What Is the Difference Between GDPR and the EU Data Act?
• GDPR: Protects personal data and sets requirements for its processing.
• EU Data Act: Governs access to and use of non-personal and industrial data, including rights and obligations for businesses.
What Is the Penalty for Failure to Comply With the EU Data Act?
Penalties vary by Member State. They must be effective, proportionate, and dissuasive. Some national drafts propose fines up to €5 million or up to 4% of annual EU turnover.

Knowledge Highlights

Article

shutterstock_565959685

#Service knowledge #Future insights #Cybersecurity #Consumer Products and Retail

Cyber Resilience Act: A new era in product cybersecurity

Read More

Article

Cybersecurity requirements Radio Equipment Directive

5 key points about the new cybersecurity requirements for RED

Read More

Article

New EU security legislation

#Service knowledge #Consumer Products and Retail

New EU security legislation under the Radio Equipment Directive (RED)

Read More

Related Services