EU Data Act Complaints and Dispute Settlement FAQ

Natural and legal persons can lodge a Data Act complaint with the relevant competent authority if they consider that their rights under the Regulation have been infringed. The complaint can be individual or, where relevant, collective.

The complaint may be lodged with the competent authority in the Member State of the person's habitual residence, place of work, or establishment. If the right authority is unclear, the data coordinator must provide the information needed to lodge the complaint with the appropriate competent authority.

Competent authorities must handle complaints about alleged Data Act infringements, investigate the subject matter to the extent appropriate, and keep complainants informed of progress and outcome in accordance with national law. They also cooperate with other competent authorities, the Commission, the EDIB, data protection authorities, sectoral authorities, and electronic-communications authorities where the issue crosses regimes.

For an internal playbook, avoid promising a fixed national procedure unless the specific Member State source confirms it. The Data Act itself supports a practical intake record: complaint, alleged infringement, authority route, investigation status, cooperation needs, outcome, and any corrective action.

A certified dispute settlement body can be used for specified Data Act disputes between users, data holders, data recipients, customers, and providers of data processing services. The route covers disputes under Articles 4 and 5, disputes about fair, reasonable, non-discriminatory and transparent terms for making data available under Chapter III and Chapter IV, and disputes between cloud or other data-processing-service customers and providers about Articles 23 to 31.

This is not a mandatory first step. The Commission FAQ explains that recourse to a dispute settlement body is voluntary and requires agreement by both parties. The Data Act also preserves access to courts.

The Data Act context is the starting point for this answer. A dispute settlement body decision is binding only if the parties explicitly consent to its binding nature before the proceeding starts. The body must give the parties a chance to express their views, share the other side's submissions and expert statements, and allow comments on those materials.

The body must adopt its decision within 90 days of receiving a covered request. The decision must be in writing or on a durable medium and supported by reasons. Fees or fee-calculation mechanisms must be known before the parties request a decision.

The Data Act uses parallel routes. A person can complain to a competent authority without losing other administrative or judicial remedies. Affected natural and legal persons also have a right to an effective judicial remedy against legally binding competent-authority decisions.

If a competent authority fails to act on a complaint, affected persons must have, in accordance with national law, either an effective judicial remedy or access to review by an impartial body with appropriate expertise. Proceedings are brought before the courts or tribunals of the Member State of the competent authority against which the judicial remedy is sought.

For mandatory B2B data sharing, Data Act disputes often concern whether terms for making data available are fair, reasonable, non-discriminatory, and transparent. The dispute file should show the legal obligation to make data available, the data requested, compensation basis, technical conditions, transparency information, and the counterparty category used for non-discrimination analysis.

For unfair contractual terms, focus on the specific term concerning access to and use of data, or liability and remedies for data-related obligations. The Commission FAQ states that, if a party disputes the unfairness assessment and does not withdraw the term, the matter can be brought to a competent authority, courts, or a dispute settlement body if the other party agrees.

For business-to-government requests, the complaint or objection record should focus on whether the Chapter V request is specific, transparent, proportionate, tied to an exceptional need, and limited to the data and duration required for the public-interest task. The Data Act also gives competent authorities the task of examining Chapter V requests.

Do not add unsupported national enforcement details. If a public-sector request is challenged, keep the request, legal basis, exceptional-need explanation, requested data categories, purpose, duration, confidentiality measures, personal-data analysis, response, and any competent-authority or court route.

The Data Act context is the starting point for this answer. Customers and providers of data processing services can use certified dispute settlement bodies for disputes about breaches of customer rights and provider obligations under Articles 23 to 31. These include switching, porting, contractual transparency, assistance, service continuity, exportable data, switching charges, and technical aspects of switching.

Competent authorities responsible for Articles 23 to 31 and Articles 34 and 35 must have experience in data and electronic communications services. They also cooperate to enforce those provisions consistently with other Union law and self-regulation applicable to providers of data processing services.

A useful evidence file lets a reviewer identify the Data Act role, route, legal issue, disputed data or service, affected counterparty, chronology, source basis, decision maker, and outcome without reconstructing the matter from informal messages.

Keep facts separate from legal conclusions. The same complaint may involve a competent authority, a data coordinator, a certified dispute settlement body, GDPR supervisory authority involvement, sectoral authority coordination, or a court remedy.

For complaints and dispute settlement, teams should keep the exact Data Act article or Commission guidance that supports the answer, plus the issue type, the affected workflow, and the date the decision was made.

The most useful evidence is a source URL, a short rationale for why the provision applies, and a linked implementation record showing who reviewed the question and what follow-up action was assigned.

Ownership of the Data Act question should sit with the team that can actually change the process: legal for the interpretation, product or engineering for technical access, procurement for vendor terms, support for intake routing, and cloud operations for switching or portability issues.

One owner should be named for each action item, with consulted teams and evidence dependencies listed separately so a later reviewer can see who approved the position and who has to execute it.

Data Act evidence is usable later when a reviewer can tell what decision was made, why it was made, and what concrete record supports it. That means the file should show the applicable article, the affected data or service, the route chosen, and the follow-up action.

Useful evidence is specific: source URLs, contract clauses, complaint records, dispute settlement forms, authority correspondence, switching logs, and implementation notes that show the decision can be recreated without guessing.