Summary: What is the Data Act?
The EU Data Act, also known as the Data Act, is an EU regulation that came into force on January 11, 2024. After a transitional period, it will apply in all EU member states from September 12, 2025.
The Data Act aims to make data more accessible—not only for businesses but also for consumers. It therefore includes numerous provisions on data access, data transparency, data sharing, data handling, and data portability.
In this way, the regulation seeks to create fair competitive conditions, promote innovation, and strengthen both businesses and consumers.
Our Article Series on the EU Data Act
Which Companies Are Particularly Affected?
These companies should prepare:
Providers of connected products and digital services, e.g. manufacturers of smart home devices, car manufacturers, providers of blood sugar monitoring systems
Companies that require third-party data, e.g. research institutions; pharmaceutical companies that need patient data; energy suppliers that rely on grid data
Public institutions, e.g. authorities that need data to better manage crisis situations such as natural disasters (only under certain conditions!)
Cloud providers and data-sharing service providers, e.g. cloud service providers, platform operators, SaaS providers
What Obligations Do Companies Have?
According to the Data Act, companies must handle data in a fair and transparent manner. Here are some examples of issues that businesses may face:
Example Case: IoT Manufacturer
Challenge
- • Data holders, such as the IoT manufacturer, must make user data available to the users.
- • Users (buyers or renters) have control over the IoT data of their device as well as all related services. Under certain conditions, users may share this data with third parties.
- • As a result, the IoT manufacturer risks losing parts of its business model and exposing its trade secrets.
Solution
There may be ways to prevent all data from being shared without limitation: for example, data can be protected as trade secrets if they are confidential, economically valuable, and safeguarded by appropriate secrecy measures.
In practice, the company’s legal counsel would review the processes together with the company to determine how it can act in compliance with the law while protecting its trade secrets.
Legal and Data Protection Advice
on the Data ActOur Services
Contract drafting and review, e.g. adapting existing supplier and cooperation agreements
Compliance check, i.e. analysis and, where necessary, adjustment of existing usage models and processes
Representation in disputes, e.g. support in negotiations with contractual partners
Interdisciplinary challenges, i.e. assessment of possible interactions with other regulations
Strategic advice, e.g. on new business models that make use of data
Online Seminar
(in German language)
Ready for the Data Act!
- • Duration: 3h
- • Price: €499 plus VAT per person
- • Introduction to the key provisions of the Data Act
- • Best practices for compliance strategies
Why a Data Act Check Is Worthwhile
Our lawyers review whether your company is well prepared for the EU Data Act. Together, we find pragmatic solutions and advise you on your processes.
- Legally compliant actions
- Legally required data disclosure while protecting business interests
- Gain of trust through a clear approach
- Prepared for potential audits by supervisory authorities
- Risk of claims for damages
- Risk of disclosing trade secrets during data disclosure
- Potential reputational damage in case of conflicts
- Risk of fines during audits by supervisory authorities
Our Team
The Data Act affects many different areas. Therefore, our team handling Data Act matters is interdisciplinary, ranging from specialized lawyers to data protection experts. We are happy to forward your individual inquiry to the most suitable person!
MärtinLawyer I Equity Partner
Klufmöller LL.M.Lawyer I Counsel
Specialist lawyer for copyright and media law
Specialist lawyer for intellectual property law
Schimkat LL.M. Manager