--- title: "EU Data Act Enforcement And Competent Authorities FAQ" canonical_url: "https://www.sorena.io/artifacts/eu/data-act/faq/enforcement-and-competent-authorities" source_url: "https://www.sorena.io/artifacts/eu/data-act/faq/enforcement-and-competent-authorities" author: "Sorena AI" description: "FAQ on who enforces the EU Data Act, how complaints work, how Member States set penalties, when dispute settlement can be used, and when GDPR authorities remain responsible." published_at: "2026-05-06" updated_at: "2026-05-06" keywords: - "EU Data Act" - "Regulation (EU) 2023/2854" - "competent authorities" - "data coordinator" - "complaints" - "penalties" - "dispute settlement" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # EU Data Act Enforcement And Competent Authorities FAQ FAQ on who enforces the EU Data Act, how complaints work, how Member States set penalties, when dispute settlement can be used, and when GDPR authorities remain responsible. *FAQ* *EU* *Data Act* ## EU Data Act Enforcement And Competent Authorities FAQ Who enforces the Data Act, where complaints go, and how penalties and dispute settlement fit together. Use this FAQ to separate Member State enforcement, data coordinator routing, certified dispute settlement, and GDPR supervisory-authority responsibilities. The Data Act enforcement model is national first: each Member State designates one or more competent authorities, and a data coordinator is needed where more than one authority is designated. This FAQ explains the practical routing rules without inventing national authority lists or penalty amounts that must come from Member State measures. ## Which national authorities are responsible for enforcing the EU Data Act in each Member State? Each Member State must designate one or more competent authorities for Data Act application and enforcement. A Member State can create a new authority or rely on an existing public body, so companies should not assume that the same office is responsible in every country. If a Member State designates more than one competent authority, it must designate a data coordinator from among them. The data coordinator is the national single point of contact for Data Act application questions and helps route people and businesses to the appropriate competent authority. - Use the Commission public register to check the current authority list before sending a complaint or request. - For cross-border issues, the data coordinator helps identify the right authority in the Member State concerned. - Do not guess sector-specific responsibility where another authority may have competence under Article 37. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 37 sets out competent authorities, data coordinators, cooperation duties, and the public register. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - The Commission explains that the data coordinator is the national single point of contact when several authorities are designated. ## How can a person or company lodge a complaint about an EU Data Act infringement? Natural and legal persons can lodge a complaint, individually or collectively where relevant, with the relevant competent authority if they consider that their Data Act rights have been infringed. The correct Member State is tied to the complainant's habitual residence, place of work, or establishment. The data coordinator must, on request, provide the information needed to lodge the complaint with the appropriate competent authority. After a complaint is lodged, the competent authority must inform the complainant of the progress and the decision in accordance with national law. - Collect the contract, request history, dates, and the exact Data Act issue before filing. - If you are unsure which authority is responsible, start with the data coordinator. - Complaints can be made without giving up the right to go to court. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 38 gives the complaint right and explains the Member State link and data coordinator support. - [European Commission - Data Act FAQ](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - The Commission FAQ says the data coordinator can help stakeholders with complaints and routing. ## Are penalties for EU Data Act infringements harmonised across all EU Member States? No single EU penalty table is set in the Data Act. Member States set the rules on penalties for Data Act infringements and must make sure the penalties are effective, proportionate, and dissuasive. The Data Act lists criteria for penalties, including the nature, gravity, scale, and duration of the infringement, mitigation or remediation, previous infringements, financial benefits gained or losses avoided, other aggravating or mitigating factors, and the infringing party's EU annual turnover in the preceding financial year. - Do not cite a euro amount, percentage cap, or national maximum unless it comes from the relevant Member State penalty measure. - Track national penalty rules separately from the Data Act text because Member States can update their measures. - For GDPR-related Data Act infringements within a data protection authority's competence, check the separate GDPR fine route. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 40 says Member States set Data Act penalty rules and lists non-exhaustive penalty criteria. - [European Commission - Data Act FAQ](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - The Commission FAQ confirms that penalties are set by Member States, with EDIB coordination for consistency. ## When can EU Data Act dispute settlement be used instead of a competent-authority complaint? Under the Data Act, certified dispute settlement bodies are a voluntary route. Users, data holders, and data recipients can use them for disputes about the Chapter II handbrakes, FRAND terms, Chapter III compensation, and Chapter VI data processing services. A dispute settlement body decision binds the parties only if they explicitly consented to its binding nature before proceedings began. The route does not remove the right to seek an effective remedy before a Member State court or tribunal. - Use dispute settlement when both parties want a faster, lower-cost route and the dispute falls within Article 10. - Do not use it for a dispute already before another dispute settlement body or a court or tribunal. - A complaint to the competent authority is still available where the Data Act gives that route. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 10 covers dispute settlement scope, timing, refusal rules, binding effect, and court-preservation rules. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - The Commission explains dispute settlement as a practical route for parties that cannot agree on FRAND terms. ## Where is the boundary between Data Act competent authorities and GDPR supervisory authorities? Data Act competent authorities do not replace GDPR supervisory authorities. Under Article 37, the authorities responsible for monitoring the GDPR are responsible for monitoring the Data Act insofar as protection of personal data is concerned. That boundary matters when a Data Act access, sharing, or complaint file involves personal data. The GDPR authority remains responsible for checking whether the data are personal, whether a valid GDPR legal basis exists, and how the personal-data rules apply in the case. - Route personal-data protection questions to the GDPR supervisory authority path. - Keep the Data Act and GDPR records aligned so the same facts are described consistently. - For mixed datasets, record the personal-data assessment and the legal basis analysis. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 37(3) preserves GDPR supervisory authority responsibility where Data Act application concerns personal-data protection. - [European Commission - Data Act FAQ](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - The Commission FAQ says the DPAs monitor Data Act matters within their personal-data protection competence. ## What evidence should a Data Act enforcement file contain to support a complaint or inquiry? A useful enforcement file should be narrow and factual. It should show which Data Act right or obligation is involved, which Member State authority path is relevant, whether a data coordinator should route the issue, whether dispute settlement is available, and whether GDPR or sectoral authorities have separate competence. For complaints, refusals, penalties, or authority inquiries, keep enough evidence to reconstruct the issue without relying on chat history or unsupported assumptions. - Keep the exact legal issue, the date, the actor involved, and the request or decision that triggered the file. - Record the authority contacted, including the data coordinator if used. - Attach the cited Data Act source, any Commission guidance used, and the current version of the national penalty rule if relevant. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Articles 37 to 40 support authority routing, complaints, cooperation, and penalty evidence. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - The Commission explains the role of the public register, the data coordinator, and the EDIB in enforcement. ## What Data Act source evidence should teams keep for an enforcement decision? For Data Act enforcement and competent authorities, teams should keep the source clause, any Commission guidance used, the actor role, the Member State route, and the reviewer who approved the interpretation. Keep the cited external URL, decision date, unresolved assumptions, and implementation record together so the answer stays auditable. - Store the exact Article 37 to 40 citation used for the decision. - Keep the Commission explainer or FAQ reference that supports the routing choice. - Record the owner, the workflow affected, and the review trigger for future re-checks. ## How should teams assign ownership for EU Data Act enforcement and complaint-handling work? For Data Act enforcement, the team should name the legal, product, procurement, cloud, support, or security owner who can change the affected process. Use one accountable owner per action, then record consulted teams and evidence dependencies separately. - Assign one internal owner for each Data Act decision or complaint file. - Record which teams were consulted and which documents were checked. - Make sure the owner knows when to revisit the authority route or complaint record. ## Which Data Act implementation evidence makes the enforcement answer usable later? Under the Data Act, the most useful evidence is the set of documents and references that let a later reviewer see why the team chose a particular authority path or complaint route. That usually means the source article, the Commission explainer or FAQ, the authority register entry, and the internal approval note. - Keep source URLs and the exact date the register was checked. - Store the complaint file, authority correspondence, and any national penalty measure used. - Link the evidence to the owner who approved the interpretation. ## When should the EU Data Act enforcement and competent-authority answer be reviewed again? Under the Data Act, review the answer when the product, service model, customer base, authority structure, or national penalty rule changes. Also review it when the Commission updates its guidance or when a new Member State authority or data coordinator appears in the public register. - Recheck the public register after any change in national enforcement arrangements. - Revisit the answer after a relevant Commission FAQ or explainer update. - Update the file if the issue starts to involve GDPR supervision or dispute settlement instead of complaint handling. ## What should teams avoid when applying the Data Act enforcement answer? Do not treat the Data Act enforcement answer as a generic checklist without checking the actual authority, route, and legal basis. Avoid reusing an old authority list, assuming a single EU-wide penalty scale, or copying notes that are not supported by the Data Act or Commission guidance. - Do not guess the competent authority or data coordinator. - Do not quote penalty amounts unless they come from the applicable Member State rule. - Do not ignore the GDPR boundary when personal data are involved. ## How do EU Data Act competent authorities cooperate across borders and with the European Data Innovation Board? Under the Data Act, competent authorities must cooperate with each other and with authorities in other Member States, sharing relevant information so a cross-border issue does not fall between national gaps. The European Data Innovation Board supports consistency, including coordinating on the approach to penalties so they remain comparable across the Union. For a complainant, this means a matter involving providers or users in several Member States can be coordinated rather than duplicated, and the data coordinator helps route the issue to the authority with competence. - Expect competent authorities to cooperate and exchange information on cross-border Data Act matters. - Use the data coordinator to route a multi-Member-State issue to the right authority. ## Primary sources - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Binding Data Act text for competent authorities, data coordinators, complaint rights, judicial remedies, penalties, GDPR supervisory-authority boundaries, dispute settlement, and EDIB coordination. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - Commission explainer for the practical role of data coordinators, the Commission public register, EDIB penalty coordination, and certified dispute settlement bodies. - [European Commission - Data Act FAQ](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Commission FAQ used for practical explanations of enforcement bodies, complaint routing, penalties, DPAs, EDIB support, and dispute settlement limits. ## Topic Guides - [Data Act and Common European Data Spaces](/artifacts/eu/data-act/data-act-and-common-european-data-spaces.md): How Data Act Article 33 connects data-space participation with metadata, vocabularies, APIs, access terms, data quality, governance, and standards monitoring. - [Data Act and Data Governance Act Overlap FAQ](/artifacts/eu/data-act/faq/data-governance-act-overlap.md): FAQ explaining where the EU Data Act and Data Governance Act overlap, how they differ, and how to route product, cloud, public-sector reuse, intermediary, and data altruism workflows. - [Data Act and GDPR Personal Data Overlap FAQ](/artifacts/eu/data-act/faq/gdpr-personal-data-overlap.md): FAQ on how the EU Data Act works when connected-product or related-service data includes personal data, mixed datasets, GDPR roles, lawful basis, trade secrets, and third-party sharing. - [Data Act Audit Evidence And Request Logs FAQ](/artifacts/eu/data-act/faq/audit-evidence-and-request-logs.md): FAQ for Data Act request logs covering user and third-party access, B2G exceptional need requests, cloud switching records, contract terms, trade secrets, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Clauses](/artifacts/eu/data-act/b2b-data-sharing-contract-clauses.md): Clause guide for EU Data Act B2B data sharing: FRAND terms, compensation, trade secret safeguards, recipient limits, termination, logs, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Template](/artifacts/eu/data-act/b2b-data-sharing-contract-template.md): A usable EU Data Act B2B data-sharing template outline covering access requests, data schedules, permitted use, trade secrets, security, compensation, GDPR boundaries, audit records, and termination. - [Data Act B2G Exceptional-Need Requests](/artifacts/eu/data-act/b2g-exceptional-need-requests.md): A grounded guide to EU Data Act Chapter V requests from public bodies: exceptional need, public emergencies, request contents, limits, safeguards, costs, and records. - [Data Act Cloud Switching Compliance Checklist](/artifacts/eu/data-act/cloud-switching-compliance-checklist.md): A grounded EU Data Act checklist for cloud and data processing service providers covering switching clauses, notices, export formats, charges, interoperability, and evidence. - [Data Act Cloud Switching Contract Terms FAQ](/artifacts/eu/data-act/faq/cloud-switching-contract-terms.md): FAQ on EU Data Act cloud switching contract terms: Article 25 clauses, assistance, notice, transition, charges, export, termination, interoperability, and records. - [Data Act Cloud Switching Fees And Deadlines FAQ](/artifacts/eu/data-act/faq/cloud-switching-fees-and-deadlines.md): FAQ on EU Data Act cloud switching charges, 2027 fee removal, notice periods, transition windows, data retrieval, contract terms, and evidence records. - [Data Act Complaints and Dispute Settlement FAQ](/artifacts/eu/data-act/faq/complaints-and-dispute-settlement.md): FAQ on EU Data Act complaints, competent authorities, dispute settlement bodies, B2B data-sharing disputes, B2G requests, cloud switching disputes, and evidence records. - [Data Act Exportable Data and Metadata FAQ](/artifacts/eu/data-act/faq/exportable-data-and-metadata.md): FAQ explaining which product, related service, metadata, and cloud switching data must be exportable under the EU Data Act, and which data can be excluded. - [Data Act FAQ for Aftermarket Repair and Mobility Services](/artifacts/eu/data-act/faq/aftermarket-repair-and-mobility-services.md): FAQ on EU Data Act vehicle-data access for repairers, independent service providers, fleets, insurers, and mobility services. - [Data Act Functional Equivalence FAQ](/artifacts/eu/data-act/faq/functional-equivalence.md): FAQ on Data Act functional equivalence for cloud switching: IaaS scope, customer outcomes, export support, interoperability duties, limits, and evidence. - [Data Act Indirect Access Request Flows FAQ](/artifacts/eu/data-act/faq/indirect-access-request-flows.md): FAQ for Data Act teams handling user and third-party data requests when direct connected-product access is unavailable, incomplete, or limited. - [Data Act International Government Access FAQ](/artifacts/eu/data-act/faq/international-government-access.md): FAQ on EU Data Act safeguards for non-EU government access to non-personal data held in the Union by data processing service providers. - [Data Act Interoperability Standards FAQ](/artifacts/eu/data-act/faq/interoperability-standards.md): FAQ on EU Data Act interoperability standards for data spaces, cloud switching, smart contracts, harmonised standards, common specifications, and M/614. - [Data Act Model Contractual Terms FAQ](/artifacts/eu/data-act/faq/model-contractual-terms.md): FAQ on the EU Data Act non-binding model contractual terms for data access and use, cloud switching clauses, B2B use, unfair terms, and evidence. - [Data Act Public Emergency Requests FAQ](/artifacts/eu/data-act/faq/public-emergency-requests.md): FAQ on EU Data Act public emergency requests: exceptional need, request content, timing, data holder response, compensation, confidentiality, and records. - [Data Act Smart Contracts for Data Sharing](/artifacts/eu/data-act/smart-contracts-for-data-sharing.md): Data Act Article 36 smart contract guide for data-sharing agreements: scope, robustness, access control, termination, interruption, archiving, standards status, and conformity evidence. - [Data Act SME Exceptions and Startups FAQ](/artifacts/eu/data-act/faq/sme-exceptions-and-startups.md): FAQ on where the EU Data Act gives micro, small, medium-sized, startup, and SME actors narrower treatment for access duties, compensation, and B2B terms. - [Data Act Trade Secret Technical Protection Measures FAQ](/artifacts/eu/data-act/faq/trade-secret-technical-protection-measures.md): FAQ on how EU Data Act data holders can protect trade secrets with confidentiality safeguards, technical measures, limited withholding, suspension, refusal, and evidence. - [Data Act Trade Secrets and Protection Measures](/artifacts/eu/data-act/trade-secrets-and-protection.md): Data Act guide for protecting trade secrets during access and sharing: classification, safeguards, refusal thresholds, notices, evidence records, and reviews. - [Data Act Unfair Contractual Terms | Article 13 B2B Contract Review](/artifacts/eu/data-act/unfair-contractual-terms.md): Review B2B data-sharing clauses under EU Data Act Article 13: unilateral terms, always unfair examples, presumed unfair terms, model clauses, evidence, and remediation. - [Data Act Vehicle Data Guidance](/artifacts/eu/data-act/vehicle-data-guidance.md): Commission-grounded guide to Data Act vehicle data access: connected vehicles, vehicle-related services, raw and pre-processed data, aftermarket use cases, access routes, safeguards, and GDPR boundaries. - [Data Act vs GDPR: connected-product data access](/artifacts/eu/data-act/data-act-vs-gdpr.md): Compare EU Data Act connected-product access duties with GDPR personal-data rules: scope, roles, lawful basis, data subject rights, third-party sharing, trade secrets, and conflicts. - [EU Data Act and Common European Data Spaces FAQ](/artifacts/eu/data-act/faq/data-act-and-common-european-data-spaces.md): FAQ on how EU Data Act interoperability duties, Data Governance Act rules, and sector data-space governance fit together without treating participation as a general obligation. - [EU Data Act Applicability Test](/artifacts/eu/data-act/applicability-test.md): Check whether a product, related service, data holder, cloud service, data-space role, smart contract, or B2G request is in scope of the EU Data Act. - [EU Data Act Application Dates And Transition FAQ](/artifacts/eu/data-act/faq/application-dates-and-transition.md): FAQ on when the EU Data Act applies, which obligations are delayed, and what product, contract, cloud, and evidence records teams should maintain. - [EU Data Act Article 3 Pre-Contract Information](/artifacts/eu/data-act/pre-contractual-information-obligations.md): What Article 3 of the EU Data Act requires before connected-product purchase, rent, lease, or related-service contracting: data categories, access, data holder identity, third-party sharing, complaints, and evidence. - [EU Data Act Article 36 Smart Contract Controls FAQ](/artifacts/eu/data-act/faq/article-36-smart-contract-controls.md): FAQ explaining when EU Data Act Article 36 applies to smart contracts for data-sharing agreements and what controls, conformity evidence, and limits it requires. - [EU Data Act B2B Data Sharing Compensation FAQ](/artifacts/eu/data-act/faq/compensation-for-b2b-data-sharing.md): FAQ on when Data Act data holders may charge B2B data recipients, what reasonable compensation can include, SME limits, unfair terms, disputes, and trade secret safeguards. - [EU Data Act B2G Compensation and Costs FAQ](/artifacts/eu/data-act/faq/b2g-compensation-and-costs.md): FAQ on when Data Act B2G exceptional-need requests are free, when fair compensation may be claimed, which costs can be included, and what records to keep. - [EU Data Act B2G Exceptional Need FAQ](/artifacts/eu/data-act/faq/b2g-exceptional-need.md): When public-sector bodies can request business-held data under the EU Data Act, what a valid request must contain, and how data holders handle limits, trade secrets, compensation, and evidence. - [EU Data Act Checklist for Product, Cloud, and Contract Teams](/artifacts/eu/data-act/checklist.md): A grounded EU Data Act checklist for connected-product data access, third-party sharing, B2G requests, cloud switching, unfair terms, smart contracts, personal data boundaries, evidence, and owners. - [EU Data Act Cloud Switching and Exit Plans](/artifacts/eu/data-act/cloud-switching-and-exit-plans.md): A grounded EU Data Act guide for data processing service exit plans: switching contracts, exportable data, assistance, charges, interoperability, retrieval, erasure, and records. - [EU Data Act Cloud Switching Procurement FAQ](/artifacts/eu/data-act/faq/cloud-switching-procurement-checklist.md): Procurement checklist FAQ for EU Data Act cloud switching: contract terms, exit support, exportable data, switching charges, interoperability, termination, and supplier evidence. - [EU Data Act Compliance Program](/artifacts/eu/data-act/compliance.md): Build a Data Act compliance program for connected-product data access, contracts, B2G requests, cloud switching, smart contracts, GDPR boundaries, records, and ownership. - [EU Data Act Connected Product Scope and Data Types](/artifacts/eu/data-act/scope-connected-products-and-data-types.md): Classify EU Data Act connected products, related services, product data, related-service data, readily available data, metadata, and excluded derived outputs. - [EU Data Act Connected Product Scope FAQ](/artifacts/eu/data-act/faq/scope-connected-products.md): FAQ explaining when connected products, related services, generated data, EU market placement, and SME exceptions fall within EU Data Act scope. - [EU Data Act Data Processing Service Switching](/artifacts/eu/data-act/data-processing-services-switching.md): A grounded EU Data Act guide for provider and customer switching duties: exit assistance, exportable data, contract clauses, charges, interoperability, retrieval, and erasure. - [EU Data Act data spaces interoperability FAQ](/artifacts/eu/data-act/faq/data-spaces-interoperability.md): FAQ explaining Article 33 Data Act interoperability requirements for data-space participants, common European data spaces, standards, APIs, metadata, and architecture evidence. - [EU Data Act deadlines and compliance calendar](/artifacts/eu/data-act/deadlines-and-compliance-calendar.md): A source-linked calendar for EU Data Act application dates, product design timing, contract remediation, cloud switching charges, response periods, standards work, and evidence records. - [EU Data Act Direct Access by Design FAQ](/artifacts/eu/data-act/faq/direct-access-by-design.md): FAQ for product and legal teams designing user access to connected-product and related-service data under the EU Data Act. - [EU Data Act FAQ: scope, access rights, B2G, cloud switching, GDPR, and dates](/artifacts/eu/data-act/faq.md): Grounded EU Data Act FAQ index covering connected-product data access, third-party sharing, B2G exceptional need, cloud switching, smart contracts, GDPR boundaries, unfair terms, trade secrets, and application dates. - [EU Data Act Non-Emergency Public-Sector Requests FAQ](/artifacts/eu/data-act/faq/non-emergency-public-sector-requests.md): FAQ on EU Data Act requests where a public body claims exceptional need outside a public emergency, including scope, request contents, limits, compensation, confidentiality, and evidence. - [EU Data Act Non-Personal Data and Mixed Datasets FAQ](/artifacts/eu/data-act/faq/non-personal-data-and-mixed-datasets.md): FAQ on how the EU Data Act treats non-personal data, mixed datasets, GDPR precedence, user and third-party access, trade-secret limits, and evidence records. - [EU Data Act Penalties and Enforcement](/artifacts/eu/data-act/penalties-and-fines.md): Grounded guide to Data Act penalties under Article 40, Member State enforcement, penalty factors, complaints, judicial remedies, and the GDPR enforcement boundary. - [EU Data Act Pre-Contractual Information FAQ](/artifacts/eu/data-act/faq/pre-contractual-information.md): FAQ on EU Data Act Article 3 pre-contract information for connected products and related services, including data categories, access methods, data holder identity, third-party sharing, and GDPR boundaries. - [EU Data Act Product Data vs Related Service Data FAQ](/artifacts/eu/data-act/faq/product-data-and-service-data.md): FAQ explaining how the EU Data Act separates connected product data, related service data, readily available raw and pre-processed data, metadata, and inferred or derived outputs. - [EU Data Act Readily Available Data FAQ](/artifacts/eu/data-act/faq/readily-available-data.md): FAQ on what counts as readily available data under the EU Data Act, including product data, related service data, metadata, inferred data, and access mechanics. - [EU Data Act Related Services FAQ](/artifacts/eu/data-act/faq/related-services.md): FAQ explaining when software is a Data Act related service, how it links to connected products, which product and service data are in scope, and what exclusions apply. - [EU Data Act requirements](/artifacts/eu/data-act/requirements.md): Source-grounded EU Data Act requirements for connected-product data access, B2B sharing terms, B2G exceptional needs, cloud switching, smart contracts, interoperability, GDPR boundaries, and records. - [EU Data Act Smart Contracts for Data Sharing FAQ](/artifacts/eu/data-act/faq/smart-contracts-for-data-sharing.md): Answers on Article 36 Data Act smart-contract requirements for data sharing: scope, robustness, access control, termination, archiving, conformity assessment, contract terms, and standards status. - [EU Data Act Third-Party Data Sharing FAQ](/artifacts/eu/data-act/faq/third-party-data-sharing.md): FAQ on user-directed third-party data sharing under the EU Data Act, covering data holder duties, recipient limits, trade secrets, security, GDPR, and gatekeepers. - [EU Data Act Trade Secret Safeguards FAQ](/artifacts/eu/data-act/faq/trade-secrets-safeguards.md): FAQ on protecting trade secrets when handling EU Data Act user and third-party data access requests, including safeguards, withholding, suspension, refusal, notices, and records. - [EU Data Act Unfair Contractual Terms FAQ](/artifacts/eu/data-act/faq/unfair-contractual-terms.md): FAQ on Article 13 of the EU Data Act: B2B unfair contract terms, unilateral take-it-or-leave-it clauses, always-unfair terms, presumed-unfair terms, SMEs, model terms, and review evidence. - [EU Data Act User Access and Portability Rights](/artifacts/eu/data-act/access-rights-and-portability.md): Practical guide to EU Data Act user access, connected-product data portability, third-party sharing, trade secret safeguards, and the GDPR boundary. - [EU Data Act Users, Data Holders, and Recipients FAQ](/artifacts/eu/data-act/faq/users-data-holders-and-recipients.md): FAQ explaining Data Act users, data holders, data recipients, connected products, related services, user access, third-party limits, and GDPR boundaries. - [EU Data Act Vehicle Data Guidance FAQ](/artifacts/eu/data-act/faq/vehicle-data-guidance.md): FAQ on EU Data Act vehicle data guidance for connected vehicles, aftermarket repair, mobility services, third-party access, trade secrets, security, and GDPR boundaries. - [EU Data Act vs Data Governance Act](/artifacts/eu/data-act/data-act-vs-data-governance-act.md): Compare the EU Data Act with the Data Governance Act: connected-product access, cloud switching, B2B/B2G duties, protected public-sector reuse, intermediaries, altruism, governance, and enforcement. *Recommended next step* *Placement: after evidence section* ## Prepare a Data Act authority response file Build a compact record for complaints, refusals, dispute settlement choices, GDPR authority routing, national penalty checks, and cross-border authority correspondence. - [Open Research Copilot](/solutions/research-copilot.md): Check Data Act enforcement questions against official sources before updating an authority response file. - [Discuss Data Act enforcement](/contact.md): Review competent-authority routing, complaint evidence, GDPR overlap, and national penalty tracking for your Data Act workflows. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/data-act/faq/enforcement-and-competent-authorities