Think You’re Not Affected by the EU Data Act? Think Again.

‍

September 2025 is approaching faster than it seems. If your business isn’t ready for the EU Data Act, the risks include fines, legal challenges, and potential disruptions to everyday operations. This isn’t simply a new compliance requirement - it marks a significant change that will influence which businesses adapt successfully and which may struggle in the evolving data economy.

The EU Data Act (Regulation (EU) 2023/2854) is a new law that gives people and businesses more control over the data that connected devices (like smart fridges, cars, or factory machines) create. It’s part of the EU’s plan to make the data economy fairer and more open.

‍

‍

What is a Connected Device?

EU Data Act: “Connected product’ means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an electronic communications service, physical connection or ondevice access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user.

‍

In simpler terms:  

• It’s a physical device that either collects or generates data about its usage or its surroundings.  

• That data must be communicable: via WiFi, Bluetooth, a cable, or even through on-device access.  

• Importantly, the product’s primary purpose is not just data storage/processing/transmission for others - unless it's the user themselves.

‍

‍

Examples - Connected Products & Related Services

‍

‍

‍Consumer Products:

• Smart TVs

• Smart fridges, washing machines, ovens

• Wearable fitness trackers or smartwatches

• Smart thermostats or lighting systems

• Robot vacuum cleaners

‍

Automotive & Mobility:

• Connected cars (with onboard telematics, GPS, engine diagnostics)

• Electric vehicle chargers

‍

Industrial & Professional Equipment:

• Agricultural machinery with soil sensors

• Manufacturing robots or smart factory tools

• Smart medical devices (e.g. digital glucose monitors)

‍

Related Services :

These are the software and digital platforms needed to operate or interact with the connected product, such as:

• Mobile apps that control your device

• Cloud dashboards for remote monitoring

• Predictive maintenance platforms

‍

‍

What Triggered the EU Data Act?

Until now, device manufacturers often controlled all the data a product created - even if you bought it. That limited innovation and locked users into certain brands or services. The Data Act changes that by saying:

“Upon request by a user, or by a party acting on behalf of a user, the data holder shall make available readily available data, as well as the relevant metadata necessary to interpret and use those data, to a third party without undue delay”

‍Example: Imagine you own a smart tractor that collects data on soil quality and fuel use. Without the Data Act, the tractor’s manufacturer could keep all that data to themselves, forcing you to rely only on their services or upgrades.

With the Data Act, you can access that data and even share it with another company - maybe one that offers better analytics or cheaper maintenance.

‍

‍

5 Key Features of the EU Data Act

1. Gives you access to your device data

‍

If you own or use a connected product - like a smart car, home appliance, or industrial machine - you have the right to access the data it produces during regular use.
This includes information like usage patterns, performance stats, error logs, or energy consumption.

• And you can get this data for free, unless there are special handling costs (like retrieving archived data).

‍

2. Lets you share that data with others

‍

You can choose to share your device data with another company or service provider - not just the original manufacturer. For example: Send your
smart car data to an independent garage for diagnostics and maintenance or share your smart home energy data with a third-party app that helps reduce electricity bills

• This opens up more choices, better prices, and new services, without being locked into one brand.

‍

3. Prevents unfair contracts

‍

The law bans abusive contract terms, especially those imposed by powerful companies on smaller businesses or consumers.
Examples of unfair terms: A contract that says, “You must give us all your data for free, and you can’t share it.”

• Contracts involving data access must now be balanced, transparent, and negotiable, particularly to protect SMEs and startups.

‍

4. Makes it easier to switch cloud providers

‍

If your company uses cloud or edge computing services, the Data Act ensures you can move your data and apps to another provider more easily and affordably.

• It gives businesses the freedom to choose better or cheaper services, without losing access to their own data.

‍

5. Allows public access in emergencies

‍

In special cases - like natural disasters, pandemics, or energy shortages - public authorities may request access to private-sector data that could help manage the crisis.

‍
Example: During a heatwave, authorities could request real-time data from smart thermostats to manage power grid usage. But this can only happen under strict rules, with limited scope and safeguards to prevent misuse.

‍

‍

When does it apply?

• Most rules (like user access to data) start on 12 September 2025.

• Design rules for new connected products (to make data more accessible) start on 12 September 2026.

‍

Who is affected?

• Manufacturers of connected products and related services

• Cloud service providers

• Businesses and consumers who use connected devices

• Public sector bodies (in specific situations)

‍

‍

The Clock is Ticking – Are You Ready ?

‍

‍

Here's the uncomfortable truth: Most businesses are still underestimating how disruptive the EU Data Act will be. This isn’t just about user rights - it reshapes how data is accessed, shared, and built into business models.  

‍

• For manufacturers: Products that don’t provide users with direct access to their data could quickly fall out of compliance. Updating designs, contracts, and data-sharing processes takes significant lead time.

• For cloud and infrastructure providers: You’ll need to support contract portability, fair exit terms, and technically smooth data migration. Some providers are already preparing - those who wait risk losing customers who demand flexibility.

• For companies relying on connected devices: Operational data strategies may need a rethink. Data once locked inside a product or service will have to be shareable by default.

‍

The reality: those who prepare now can position themselves ahead of competitors and customers’ expectations. Those who delay will likely be forced into reactive fixes under regulatory pressure.

‍

‍

Need help making sense of the EU Data Act?

Missing the deadline could mean fines, legal headaches, and loss of customer trust. Meanwhile, competitors who prepare early will be ready to unlock new opportunities and stronger relationships.

The good news: there’s still time to get ahead- if you start now.  

Contact us for personalized consultation on EU Data Act compliance and strategy.

‍

‍