EU Data Act Cloud Switching Procurement FAQ

Start by confirming that the supplier is providing a data processing service to a customer, such as cloud or edge services using configurable, scalable computing resources. The Commission FAQ explains that the Data Act concept covers common IaaS, PaaS, and SaaS delivery models when the service has the Article 2(8) characteristics.

Then ask whether the contract removes the obstacles listed in Article 23: termination after the permitted notice and successful switch, new contracts with another provider, porting exportable data and digital assets, functional equivalence where applicable, and technically feasible unbundling.

The Data Act context is the starting point for this answer. Article 25 requires the customer's switching rights and the provider's obligations to be clearly set out in a written contract that the customer can store and reproduce before signing. Procurement should therefore reject exit language that is only in a help-center article, commercial slide, or support policy outside the contract pack.

The contract should cover at least switching or porting on request, support for the customer's exit strategy, termination mechanics, a maximum notice period, exportable data categories, provider-internal data exemptions, a retrieval period, erasure after retrieval or an agreed later date, and any permitted switching charges.

The Data Act context is the starting point for this answer. For switching or porting, Article 25 requires reasonable assistance, due care to maintain business continuity, clear information on known continuity risks, and high security during transfer and retrieval. A procurement checklist should ask for named support channels, technical documentation, migration tooling, continuity risk notices, and security controls during the switch.

Article 26 adds a separate information obligation: the provider must give switching and porting procedures, methods, formats, known restrictions, technical limitations, and a reference to an up-to-date online register for data structures, data formats, relevant standards, and open interoperability specifications.

For cloud switching procurement checklist, the Data Act record should identify the source clause, Commission guidance, affected service, decision owner, and the evidence used to approve the supplier's switching terms. Keep the contract pack, supplier redlines, export tests, fee schedule, and online-register snapshot together so the decision can be checked later.

Review the checklist again when the service architecture, supplier documentation, standards references, or renewal timetable changes. A later reviewer should be able to see what was agreed, why it was acceptable, and what would require a fresh review.

Under the Data Act, Article 29 phases out switching charges, including data egress fees, so that from 12 January 2027 providers cannot impose them, and in the interim period any charge must not exceed the costs the provider actually incurs. Procurement should ask the supplier to confirm which date its contract reflects and how any interim charge is calculated.

A buyer should reject open-ended egress pricing and require the contract to state that switching charges fall away on the statutory date, so the cost of leaving is predictable rather than a lock-in lever.

Under the Data Act, exportable data covers the data the customer generated or imported and the digital assets it is entitled to, but it excludes assets protected by third-party intellectual property rights or that would reveal the provider's own trade secrets. Procurement should ask the supplier to define the boundary in the contract rather than discovering it during a migration.

The checklist should confirm the formats, the metadata included, and the configuration or schema material needed to make the export usable on the destination service, not just a raw dump that the customer cannot rebuild from.

Under the Data Act, functional equivalence applies to switching between services of the same service type, mainly IaaS, where the destination should deliver a materially comparable outcome after the customer has reconfigured the service. For PaaS and SaaS the obligation is the lighter duty to export the data and digital assets in a structured, commonly used, machine-readable format.

Procurement should establish which obligation applies to the service being bought, because expecting functional equivalence from a SaaS provider, or accepting only a raw export from an IaaS provider, both misread the Regulation.

Under the Data Act, the contract should give the customer a minimum 30-day retrieval period to recover its exportable data after the switch is initiated, after which the provider erases the data unless a longer period is agreed or another legal duty applies. Procurement should make sure the retrieval window and the erasure trigger are both explicit.

A buyer should also confirm how erasure is evidenced, so it can show that the data left the old provider once the migration and any agreed retention period ended.

Under the Data Act, Article 30 expects providers of the same service type to support interoperability through open interoperability specifications and harmonised standards listed in a central repository, and Article 26 requires the provider to reference an up-to-date register of data structures, formats, and standards. Procurement should ask which standards the export actually uses.

The checklist should confirm that the supplier's stated formats and interfaces map to those open specifications, so the destination provider can ingest the data without a bespoke, supplier-controlled conversion.

Under the Data Act, custom-built services not offered at broad commercial scale and services supplied as a non-production test version are treated differently, and providers may claim that some Chapter VI duties do not apply. Procurement should require the supplier to state the exemption it relies on and the factual basis, rather than accepting a bare assertion.

A buyer should treat an exemption claim as a risk to price and document, because a service that genuinely sits outside the switching rules offers far weaker exit protection than a standard data processing service.

Under the Data Act, switching should be technically feasible and the provider should support a managed transition, which in practice means a buyer can run the old and new services in parallel for a period and unbundle interdependent services where feasible. Procurement should ask how the supplier supports a phased cutover rather than a single hard switch.

The checklist should confirm the assistance, documentation, and continuity measures available during the overlap, so the migration does not force an all-or-nothing move that risks business continuity.

Under the Data Act, the core cloud-switching obligations apply from 12 September 2025, and switching charges must be removed by 12 January 2027, so procurement should track which obligations a contract already meets and which depend on a future date. A renewal or new signature is the moment to align the contract with the applicable date.

The team should also set event triggers, such as a change of service architecture or supplier documentation, so the contract is re-checked when the underlying service or the applicable obligation changes.