--- title: "EU Data Act Smart Contracts for Data Sharing FAQ" canonical_url: "https://www.sorena.io/artifacts/eu/data-act/faq/smart-contracts-for-data-sharing" source_url: "https://www.sorena.io/artifacts/eu/data-act/faq/smart-contracts-for-data-sharing" author: "Sorena AI" description: "Answers on Article 36 Data Act smart-contract requirements for data sharing: scope, robustness, access control, termination, archiving, conformity assessment, contract terms, and standards status." published_at: "2026-05-06" updated_at: "2026-05-06" keywords: - "EU Data Act Article 36" - "smart contracts for data sharing" - "data sharing agreements" - "conformity assessment" - "EU declaration of conformity" - "EU Data Act" - "Regulation (EU) 2023/2854" - "Article 36" - "Smart contracts" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # EU Data Act Smart Contracts for Data Sharing FAQ Answers on Article 36 Data Act smart-contract requirements for data sharing: scope, robustness, access control, termination, archiving, conformity assessment, contract terms, and standards status. *FAQ* *EU* *Data Act* ## EU Data Act Smart Contracts for Data Sharing FAQ Article 36 applies to smart contracts used to execute data sharing agreements, not to every automated workflow that touches data. Use this FAQ to identify who must act, what the essential requirements cover, how smart-contract controls relate to the underlying agreement, and where standards or common specifications may affect conformity. Article 36 of Regulation (EU) 2023/2854 sets essential requirements for smart contracts used to execute agreements, or parts of agreements, to make data available. The focus is the smart-contract program and its deployment for data sharing: robustness, access control, safe stop functions, audit-preserving archiving, consistency with the agreement, conformity assessment, and an EU declaration of conformity. ## When does Article 36 of the EU Data Act apply to smart contracts for data sharing? The Data Act context is the starting point for this answer. Article 36 applies when a vendor of an application using smart contracts, or another professional deployer acting for others, uses a smart contract in the context of executing an agreement or part of an agreement to make data available. That scope is narrower than the phrase "smart contract" is often used in product teams. A pricing rule, API permission check, workflow automation, or internal data job should not be labelled Article 36 work unless it is the smart-contract mechanism executing data-sharing agreement logic for making data available. - Check whether the code executes a data sharing agreement or part of one. - Identify the vendor of the smart-contract application or, if there is no vendor, the professional deployer acting for others. - Keep internal-only smart-contract development separate unless it is deployed for others in the Article 36 fact pattern. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36 defines the actors and the data-sharing agreement context for the smart-contract essential requirements. ## What are the Article 36 essential requirements for Data Act smart contracts? The Data Act context is the starting point for this answer. Article 36 lists five requirements. The smart contract must support robustness and access control, safe termination and interruption, data archiving and continuity, access control at governance and smart-contract layers, and consistency with the terms of the data sharing agreement it executes. A practical control file should translate those requirements into testable evidence: security review results, manipulation-resistance tests, privileged-action controls, stop or reset procedures, archived transaction records, archived logic and code, and a comparison between coded behavior and the signed data sharing terms. - Robustness: test for functional errors and resistance to third-party manipulation. - Termination and interruption: prove the contract can be stopped, reset, or interrupted to prevent accidental future executions. - Archiving and continuity: preserve transactional data, logic, and code when the contract is terminated or deactivated. - Access control: protect both governance actions and smart-contract-layer functions. - Consistency: compare the deployed logic with the terms of the data sharing agreement. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36(1) is the binding list of smart-contract essential requirements. ## Who must perform the conformity assessment and issue the EU declaration of conformity under the Data Act? The Data Act context is the starting point for this answer. The vendor of the smart contract, or in the absence of a vendor the professional deployer acting for others, must perform a conformity assessment against the Article 36 requirements. Once the requirements are fulfilled, that actor must issue an EU declaration of conformity. The declaration is not a shortcut around engineering evidence. By drawing it up, the vendor or professional deployer takes responsibility for compliance with the Article 36 essential requirements, so the declaration should be backed by versioned deployment records, tests, access-control evidence, stop-function evidence, archive evidence, and agreement-consistency review. - Name the vendor or professional deployer responsible for Article 36. - Attach the conformity assessment to a specific smart-contract version and deployment context. - Keep the EU declaration of conformity tied to the evidence package that supports it. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36(2) and 36(3) assign the conformity assessment, declaration, and responsibility for compliance. ## Does the Data Act make smart-contract code the legal agreement for Smart Contracts For Data Sharing implementation evidence? No. The Commission FAQ states that Article 36 does not affect national contract law and that the Data Act regulates the computer programs used to execute agreements, not the agreements as such. Teams should therefore maintain two linked records: the data sharing agreement that sets the parties' rights and obligations, and the smart-contract evidence showing that the automated execution is robust, controllable, auditable, and consistent with those terms. Do not claim that compliant code alone creates, replaces, validates, or overrides the contract. - Keep the signed data sharing agreement as the legal source for the parties' terms. - Use Article 36 evidence to show how the smart contract executes those terms. - Escalate mismatches between the agreement and deployed logic before relying on automation. Sources for this answer: - [European Commission Data Act FAQs](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - The Commission FAQ answers that Article 36 essential requirements do not affect national contract law. - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36 requires consistency with the terms of the data sharing agreement executed by the smart contract. ## How should Article 36 robustness and access control be implemented in practice under the Data Act? The Data Act context is the starting point for this answer. Robustness should be treated as both reliability and abuse-resistance. Before deployment, the team should test error handling, boundary conditions, manipulation attempts, dependency failures, and upgrade or migration paths that could change execution outcomes. Access control needs coverage at two levels. Governance-layer controls should restrict who can deploy, pause, upgrade, terminate, or change parameters. Smart-contract-layer controls should restrict who can trigger functions, submit data, approve transactions, retrieve records, or operate privileged methods. - Record the threat model and manipulation tests for the smart-contract deployment. - Require approval and logging for privileged governance actions. - Verify role, key, token, and permission controls before each material release. - Retest controls when the data sharing agreement, protocol, access model, or deployment environment changes. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36 requires a very high degree of robustness and rigorous access controls at governance and smart-contract layers. ## What should safe termination, interruption, archiving, and continuity controls cover under the Data Act? The Data Act context is the starting point for this answer. The smart contract should include internal functions that can reset, stop, or interrupt operation, especially to avoid accidental future executions. The stop mechanism should be tested before production use and documented so authorized personnel know when and how it can be used. Recital 104 also says the requirement to interrupt and terminate smart contracts implies mutual consent by the parties to the data sharing agreement. Do not design a one-sided kill switch that conflicts with the agreement terms or later claim that a stop function changes the contract by itself. If the smart contract is terminated or deactivated, Article 36 expects a possibility to archive the transactional data, smart-contract logic, and code so past operations on data remain auditable. The archive should preserve the relevant version, execution history, stop event, consent record, and agreement link. - Document who can trigger stop, reset, interruption, termination, and deactivation functions, and where the parties' consent is recorded. - Test that stopping the contract prevents unwanted future executions without destroying audit records. - Archive transactional data, code, and logic for the terminated or deactivated version. - Keep continuity notes for pending transactions, data access rights, and post-termination retrieval obligations created by the agreement. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36 requires safe termination and interruption functions plus archiving of data, logic, and code for auditability. ## How do smart contracts relate to Data Act data sharing agreements and model terms? The Data Act context is the starting point for this answer. A smart contract can automate execution of a data sharing agreement, but it should not be treated as a substitute for the agreement. The agreement should still state the parties, data, use conditions, access limits, compensation if relevant, trade-secret measures, remedies, and termination terms. The Commission has published non-binding model contractual terms for Data Act data access and use. Those terms are voluntary implementation tools; they can help structure the agreement that the smart contract executes, but using them does not by itself prove Article 36 conformity. - Compare each automated function with a specific agreement term. - Keep trade-secret safeguards, access conditions, and termination terms visible outside the code. - Use model terms as drafting support where suitable, not as evidence that the smart-contract controls are compliant. Sources for this answer: - [European Commission - Model Contractual Terms and Standard Contractual Clauses](https://digital-strategy.ec.europa.eu/en/library/draft-recommendation-non-binding-model-contractual-terms-data-access-and-use-and-non-binding?ref=sorena.io) - The Commission page describes non-binding model contractual terms for Data Act data sharing and states that their use is voluntary. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - The Data Act separately addresses data sharing agreements, unfair terms, and smart-contract consistency with the agreement. ## What is the current standards and common-specifications position for Article 36 under the Data Act? The Data Act context is the starting point for this answer. Article 36 creates two conformity routes that may matter over time. A smart contract that meets harmonised standards cited in the Official Journal is presumed to conform to the covered Article 36 requirements. If the standards route is unavailable under Article 36 conditions, the Commission may adopt common specifications by implementing act, and meeting those specifications can also create a presumption of conformity for the covered requirements. The grounding materials show active Data Act standardisation work around a European Trusted Data Framework, trusted data transactions, and Article 33 interoperability deliverables. They do not support telling readers that a specific Article 36 harmonised standard is already cited in the Official Journal for smart contracts. Treat standards status as a live dependency and cite the binding Article 36 text before making conformity claims. - Do not claim presumption of conformity unless the relevant harmonised standard or common specification covers the Article 36 requirement at issue. - Track Official Journal citations and any Commission implementing acts before updating declarations or release gates. - Use Data Act trusted-data-transaction standardisation materials as implementation context, not as a replacement for Article 36 text. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Article 36 sets the presumption-of-conformity rules for harmonised standards and common specifications. - [Commission Implementing Decision C(2025) 4135](https://ec.europa.eu/transparency/documents-register/api/files/C(2025)4135_1/de00000001072897?rendition=false&ref=sorena.io) - The standardisation request annex lists trusted data transaction and data-space deliverables supporting the Data Act standardisation programme. - [CEN and CENELEC - Data Act Standardization Request Officially Accepted](https://www.cencenelec.eu/news-events/news/2025/brief-news/2025-07-11-data-act-standardization-request/?ref=sorena.io) - CEN and CENELEC announced acceptance of the European Trusted Data Framework standardization request under Mandate M/614. ## What evidence should a team keep for an Article 36 smart-contract deployment under the Data Act? The Data Act context is the starting point for this answer. Keep a small but complete Article 36 evidence pack for each smart-contract deployment used to execute a data sharing agreement. The pack should let a reviewer connect the legal agreement, deployed code, controls, tests, conformity assessment, declaration, and later termination or archiving event without reconstructing the story from tickets. At minimum, the pack should include the agreement terms being executed, the responsible vendor or professional deployer, code and logic version, deployment address or environment, access-control design, robustness tests, stop and reset tests, archive procedure, conformity assessment, EU declaration of conformity, and review notes for any standard or common-specification updates. - Agreement-to-code traceability table. - Robustness, manipulation-resistance, and error-handling test records. - Governance-layer and smart-contract-layer access-control evidence. - Stop, reset, interruption, termination, and deactivation test evidence. - Archive package for transactional data, smart-contract logic, code, and execution history. - Conformity assessment and EU declaration of conformity. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act), Article 36](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - The evidence list maps directly to Article 36 requirements and conformity-assessment duties. ## What unsupported claims should teams avoid on Data Act smart contracts? The Data Act context is the starting point for this answer. Avoid saying that Article 36 validates the legal agreement, replaces national contract law, certifies a blockchain protocol, requires a particular ledger technology, or makes all automated data-sharing controls smart contracts. The grounded rule is more specific: it applies essential requirements to smart contracts used by the relevant vendor or professional deployer to execute a data sharing agreement or part of one. Also avoid using Article 36 to bypass the Data Act rules on data access, trade secrets, unfair contract terms, or technical protection measures. A smart contract can help enforce agreed terms or prevent unauthorized access, but Data Act technical measures must not be used to discriminate between recipients or hinder user and third-party rights. - Do not claim legal effect beyond the Article 36 smart-contract requirements. - Do not call a smart contract compliant without conformity assessment and declaration evidence. - Do not use automated controls to frustrate Data Act access or sharing rights. Sources for this answer: - [European Commission Data Act FAQs](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - The Commission FAQ limits Article 36's effect on contract law and distinguishes programs from agreements. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - The Data Act allows technical protection measures, including smart contracts, but says they must not hinder protected access and sharing rights. ## What Data Act source evidence should teams keep for the Smart Contracts For Data Sharing FAQ decision? For smart contracts for data sharing, the Data Act record should identify the source clause, Commission guidance, actor role, dataset, request or contract trigger, and the owner who approved the interpretation. For smart contracts for data sharing, keep the cited external URL, decision date, reviewer, unresolved assumptions, and implementation artifact together so the answer remains auditable. If Article 36 controls are reused across teams, note which contract version, deployment environment, and standardization reference the team relied on so later reviews can see why the decision was made. - Record the source clause and Commission guidance that support the decision. - Capture the responsible owner, reviewer, and decision date. - Link the decision to the contract version, deployment environment, and implementation artifact. ## How should teams assign ownership for Data Act Smart Contracts For Data Sharing implementation work? For smart contracts for data sharing, the Data Act workflow should name the legal, product, procurement, cloud, support, or security owner who can change the affected process. For smart contracts for data sharing, use one accountable owner per action, then record consulted teams and evidence dependencies separately. Ownership should also cover follow-up work: keeping the Article 36 evidence pack current, updating the agreement when the deployed logic changes, and checking whether new harmonised standards or common specifications affect the deployment. - Record the accountable owner for each Article 36 action. - List consulted teams separately from the decision owner. - Track evidence dependencies, standards updates, and contract changes together with the implementation owner. ## Primary sources - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Binding source for Article 36 scope, essential requirements, conformity assessment, EU declaration of conformity, harmonised standards, common specifications, and related Data Act technical-protection limits. - [European Commission Data Act FAQs](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Commission FAQ support for the point that Article 36 regulates smart-contract programs and does not change national contract law. - [European Commission - Model Contractual Terms and Standard Contractual Clauses](https://digital-strategy.ec.europa.eu/en/library/draft-recommendation-non-binding-model-contractual-terms-data-access-and-use-and-non-binding?ref=sorena.io) - Commission source for voluntary model contractual terms for Data Act data access and use, relevant to the underlying agreement that smart-contract code may execute. - [Commission Implementing Decision C(2025) 4135](https://ec.europa.eu/transparency/documents-register/api/files/C(2025)4135_1/de00000001072897?rendition=false&ref=sorena.io) - Commission standardisation request annex showing Data Act standardisation work on trusted data transactions and data-space interoperability. - [CEN and CENELEC - Data Act Standardization Request Officially Accepted](https://www.cencenelec.eu/news-events/news/2025/brief-news/2025-07-11-data-act-standardization-request/?ref=sorena.io) - Standardisation-body source confirming acceptance of the Data Act European Trusted Data Framework request under Mandate M/614. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - Commission overview for Data Act chapters, connected-product access, B2G requests, cloud switching, interoperability, and implementation support. ## Topic Guides - [Data Act and Common European Data Spaces](/artifacts/eu/data-act/data-act-and-common-european-data-spaces.md): How Data Act Article 33 connects data-space participation with metadata, vocabularies, APIs, access terms, data quality, governance, and standards monitoring. - [Data Act and Data Governance Act Overlap FAQ](/artifacts/eu/data-act/faq/data-governance-act-overlap.md): FAQ explaining where the EU Data Act and Data Governance Act overlap, how they differ, and how to route product, cloud, public-sector reuse, intermediary, and data altruism workflows. - [Data Act and GDPR Personal Data Overlap FAQ](/artifacts/eu/data-act/faq/gdpr-personal-data-overlap.md): FAQ on how the EU Data Act works when connected-product or related-service data includes personal data, mixed datasets, GDPR roles, lawful basis, trade secrets, and third-party sharing. - [Data Act Audit Evidence And Request Logs FAQ](/artifacts/eu/data-act/faq/audit-evidence-and-request-logs.md): FAQ for Data Act request logs covering user and third-party access, B2G exceptional need requests, cloud switching records, contract terms, trade secrets, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Clauses](/artifacts/eu/data-act/b2b-data-sharing-contract-clauses.md): Clause guide for EU Data Act B2B data sharing: FRAND terms, compensation, trade secret safeguards, recipient limits, termination, logs, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Template](/artifacts/eu/data-act/b2b-data-sharing-contract-template.md): A usable EU Data Act B2B data-sharing template outline covering access requests, data schedules, permitted use, trade secrets, security, compensation, GDPR boundaries, audit records, and termination. - [Data Act B2G Exceptional-Need Requests](/artifacts/eu/data-act/b2g-exceptional-need-requests.md): A grounded guide to EU Data Act Chapter V requests from public bodies: exceptional need, public emergencies, request contents, limits, safeguards, costs, and records. - [Data Act Cloud Switching Compliance Checklist](/artifacts/eu/data-act/cloud-switching-compliance-checklist.md): A grounded EU Data Act checklist for cloud and data processing service providers covering switching clauses, notices, export formats, charges, interoperability, and evidence. - [Data Act Cloud Switching Contract Terms FAQ](/artifacts/eu/data-act/faq/cloud-switching-contract-terms.md): FAQ on EU Data Act cloud switching contract terms: Article 25 clauses, assistance, notice, transition, charges, export, termination, interoperability, and records. - [Data Act Cloud Switching Fees And Deadlines FAQ](/artifacts/eu/data-act/faq/cloud-switching-fees-and-deadlines.md): FAQ on EU Data Act cloud switching charges, 2027 fee removal, notice periods, transition windows, data retrieval, contract terms, and evidence records. - [Data Act Complaints and Dispute Settlement FAQ](/artifacts/eu/data-act/faq/complaints-and-dispute-settlement.md): FAQ on EU Data Act complaints, competent authorities, dispute settlement bodies, B2B data-sharing disputes, B2G requests, cloud switching disputes, and evidence records. - [Data Act Exportable Data and Metadata FAQ](/artifacts/eu/data-act/faq/exportable-data-and-metadata.md): FAQ explaining which product, related service, metadata, and cloud switching data must be exportable under the EU Data Act, and which data can be excluded. - [Data Act FAQ for Aftermarket Repair and Mobility Services](/artifacts/eu/data-act/faq/aftermarket-repair-and-mobility-services.md): FAQ on EU Data Act vehicle-data access for repairers, independent service providers, fleets, insurers, and mobility services. - [Data Act Functional Equivalence FAQ](/artifacts/eu/data-act/faq/functional-equivalence.md): FAQ on Data Act functional equivalence for cloud switching: IaaS scope, customer outcomes, export support, interoperability duties, limits, and evidence. - [Data Act Indirect Access Request Flows FAQ](/artifacts/eu/data-act/faq/indirect-access-request-flows.md): FAQ for Data Act teams handling user and third-party data requests when direct connected-product access is unavailable, incomplete, or limited. - [Data Act International Government Access FAQ](/artifacts/eu/data-act/faq/international-government-access.md): FAQ on EU Data Act safeguards for non-EU government access to non-personal data held in the Union by data processing service providers. - [Data Act Interoperability Standards FAQ](/artifacts/eu/data-act/faq/interoperability-standards.md): FAQ on EU Data Act interoperability standards for data spaces, cloud switching, smart contracts, harmonised standards, common specifications, and M/614. - [Data Act Model Contractual Terms FAQ](/artifacts/eu/data-act/faq/model-contractual-terms.md): FAQ on the EU Data Act non-binding model contractual terms for data access and use, cloud switching clauses, B2B use, unfair terms, and evidence. - [Data Act Public Emergency Requests FAQ](/artifacts/eu/data-act/faq/public-emergency-requests.md): FAQ on EU Data Act public emergency requests: exceptional need, request content, timing, data holder response, compensation, confidentiality, and records. - [Data Act Smart Contracts for Data Sharing](/artifacts/eu/data-act/smart-contracts-for-data-sharing.md): Data Act Article 36 smart contract guide for data-sharing agreements: scope, robustness, access control, termination, interruption, archiving, standards status, and conformity evidence. - [Data Act SME Exceptions and Startups FAQ](/artifacts/eu/data-act/faq/sme-exceptions-and-startups.md): FAQ on where the EU Data Act gives micro, small, medium-sized, startup, and SME actors narrower treatment for access duties, compensation, and B2B terms. - [Data Act Trade Secret Technical Protection Measures FAQ](/artifacts/eu/data-act/faq/trade-secret-technical-protection-measures.md): FAQ on how EU Data Act data holders can protect trade secrets with confidentiality safeguards, technical measures, limited withholding, suspension, refusal, and evidence. - [Data Act Trade Secrets and Protection Measures](/artifacts/eu/data-act/trade-secrets-and-protection.md): Data Act guide for protecting trade secrets during access and sharing: classification, safeguards, refusal thresholds, notices, evidence records, and reviews. - [Data Act Unfair Contractual Terms | Article 13 B2B Contract Review](/artifacts/eu/data-act/unfair-contractual-terms.md): Review B2B data-sharing clauses under EU Data Act Article 13: unilateral terms, always unfair examples, presumed unfair terms, model clauses, evidence, and remediation. - [Data Act Vehicle Data Guidance](/artifacts/eu/data-act/vehicle-data-guidance.md): Commission-grounded guide to Data Act vehicle data access: connected vehicles, vehicle-related services, raw and pre-processed data, aftermarket use cases, access routes, safeguards, and GDPR boundaries. - [Data Act vs GDPR: connected-product data access](/artifacts/eu/data-act/data-act-vs-gdpr.md): Compare EU Data Act connected-product access duties with GDPR personal-data rules: scope, roles, lawful basis, data subject rights, third-party sharing, trade secrets, and conflicts. - [EU Data Act and Common European Data Spaces FAQ](/artifacts/eu/data-act/faq/data-act-and-common-european-data-spaces.md): FAQ on how EU Data Act interoperability duties, Data Governance Act rules, and sector data-space governance fit together without treating participation as a general obligation. - [EU Data Act Applicability Test](/artifacts/eu/data-act/applicability-test.md): Check whether a product, related service, data holder, cloud service, data-space role, smart contract, or B2G request is in scope of the EU Data Act. - [EU Data Act Application Dates And Transition FAQ](/artifacts/eu/data-act/faq/application-dates-and-transition.md): FAQ on when the EU Data Act applies, which obligations are delayed, and what product, contract, cloud, and evidence records teams should maintain. - [EU Data Act Article 3 Pre-Contract Information](/artifacts/eu/data-act/pre-contractual-information-obligations.md): What Article 3 of the EU Data Act requires before connected-product purchase, rent, lease, or related-service contracting: data categories, access, data holder identity, third-party sharing, complaints, and evidence. - [EU Data Act Article 36 Smart Contract Controls FAQ](/artifacts/eu/data-act/faq/article-36-smart-contract-controls.md): FAQ explaining when EU Data Act Article 36 applies to smart contracts for data-sharing agreements and what controls, conformity evidence, and limits it requires. - [EU Data Act B2B Data Sharing Compensation FAQ](/artifacts/eu/data-act/faq/compensation-for-b2b-data-sharing.md): FAQ on when Data Act data holders may charge B2B data recipients, what reasonable compensation can include, SME limits, unfair terms, disputes, and trade secret safeguards. - [EU Data Act B2G Compensation and Costs FAQ](/artifacts/eu/data-act/faq/b2g-compensation-and-costs.md): FAQ on when Data Act B2G exceptional-need requests are free, when fair compensation may be claimed, which costs can be included, and what records to keep. - [EU Data Act B2G Exceptional Need FAQ](/artifacts/eu/data-act/faq/b2g-exceptional-need.md): When public-sector bodies can request business-held data under the EU Data Act, what a valid request must contain, and how data holders handle limits, trade secrets, compensation, and evidence. - [EU Data Act Checklist for Product, Cloud, and Contract Teams](/artifacts/eu/data-act/checklist.md): A grounded EU Data Act checklist for connected-product data access, third-party sharing, B2G requests, cloud switching, unfair terms, smart contracts, personal data boundaries, evidence, and owners. - [EU Data Act Cloud Switching and Exit Plans](/artifacts/eu/data-act/cloud-switching-and-exit-plans.md): A grounded EU Data Act guide for data processing service exit plans: switching contracts, exportable data, assistance, charges, interoperability, retrieval, erasure, and records. - [EU Data Act Cloud Switching Procurement FAQ](/artifacts/eu/data-act/faq/cloud-switching-procurement-checklist.md): Procurement checklist FAQ for EU Data Act cloud switching: contract terms, exit support, exportable data, switching charges, interoperability, termination, and supplier evidence. - [EU Data Act Compliance Program](/artifacts/eu/data-act/compliance.md): Build a Data Act compliance program for connected-product data access, contracts, B2G requests, cloud switching, smart contracts, GDPR boundaries, records, and ownership. - [EU Data Act Connected Product Scope and Data Types](/artifacts/eu/data-act/scope-connected-products-and-data-types.md): Classify EU Data Act connected products, related services, product data, related-service data, readily available data, metadata, and excluded derived outputs. - [EU Data Act Connected Product Scope FAQ](/artifacts/eu/data-act/faq/scope-connected-products.md): FAQ explaining when connected products, related services, generated data, EU market placement, and SME exceptions fall within EU Data Act scope. - [EU Data Act Data Processing Service Switching](/artifacts/eu/data-act/data-processing-services-switching.md): A grounded EU Data Act guide for provider and customer switching duties: exit assistance, exportable data, contract clauses, charges, interoperability, retrieval, and erasure. - [EU Data Act data spaces interoperability FAQ](/artifacts/eu/data-act/faq/data-spaces-interoperability.md): FAQ explaining Article 33 Data Act interoperability requirements for data-space participants, common European data spaces, standards, APIs, metadata, and architecture evidence. - [EU Data Act deadlines and compliance calendar](/artifacts/eu/data-act/deadlines-and-compliance-calendar.md): A source-linked calendar for EU Data Act application dates, product design timing, contract remediation, cloud switching charges, response periods, standards work, and evidence records. - [EU Data Act Direct Access by Design FAQ](/artifacts/eu/data-act/faq/direct-access-by-design.md): FAQ for product and legal teams designing user access to connected-product and related-service data under the EU Data Act. - [EU Data Act Enforcement And Competent Authorities FAQ](/artifacts/eu/data-act/faq/enforcement-and-competent-authorities.md): FAQ on who enforces the EU Data Act, how complaints work, how Member States set penalties, when dispute settlement can be used, and when GDPR authorities remain responsible. - [EU Data Act FAQ: scope, access rights, B2G, cloud switching, GDPR, and dates](/artifacts/eu/data-act/faq.md): Grounded EU Data Act FAQ index covering connected-product data access, third-party sharing, B2G exceptional need, cloud switching, smart contracts, GDPR boundaries, unfair terms, trade secrets, and application dates. - [EU Data Act Non-Emergency Public-Sector Requests FAQ](/artifacts/eu/data-act/faq/non-emergency-public-sector-requests.md): FAQ on EU Data Act requests where a public body claims exceptional need outside a public emergency, including scope, request contents, limits, compensation, confidentiality, and evidence. - [EU Data Act Non-Personal Data and Mixed Datasets FAQ](/artifacts/eu/data-act/faq/non-personal-data-and-mixed-datasets.md): FAQ on how the EU Data Act treats non-personal data, mixed datasets, GDPR precedence, user and third-party access, trade-secret limits, and evidence records. - [EU Data Act Penalties and Enforcement](/artifacts/eu/data-act/penalties-and-fines.md): Grounded guide to Data Act penalties under Article 40, Member State enforcement, penalty factors, complaints, judicial remedies, and the GDPR enforcement boundary. - [EU Data Act Pre-Contractual Information FAQ](/artifacts/eu/data-act/faq/pre-contractual-information.md): FAQ on EU Data Act Article 3 pre-contract information for connected products and related services, including data categories, access methods, data holder identity, third-party sharing, and GDPR boundaries. - [EU Data Act Product Data vs Related Service Data FAQ](/artifacts/eu/data-act/faq/product-data-and-service-data.md): FAQ explaining how the EU Data Act separates connected product data, related service data, readily available raw and pre-processed data, metadata, and inferred or derived outputs. - [EU Data Act Readily Available Data FAQ](/artifacts/eu/data-act/faq/readily-available-data.md): FAQ on what counts as readily available data under the EU Data Act, including product data, related service data, metadata, inferred data, and access mechanics. - [EU Data Act Related Services FAQ](/artifacts/eu/data-act/faq/related-services.md): FAQ explaining when software is a Data Act related service, how it links to connected products, which product and service data are in scope, and what exclusions apply. - [EU Data Act requirements](/artifacts/eu/data-act/requirements.md): Source-grounded EU Data Act requirements for connected-product data access, B2B sharing terms, B2G exceptional needs, cloud switching, smart contracts, interoperability, GDPR boundaries, and records. - [EU Data Act Third-Party Data Sharing FAQ](/artifacts/eu/data-act/faq/third-party-data-sharing.md): FAQ on user-directed third-party data sharing under the EU Data Act, covering data holder duties, recipient limits, trade secrets, security, GDPR, and gatekeepers. - [EU Data Act Trade Secret Safeguards FAQ](/artifacts/eu/data-act/faq/trade-secrets-safeguards.md): FAQ on protecting trade secrets when handling EU Data Act user and third-party data access requests, including safeguards, withholding, suspension, refusal, notices, and records. - [EU Data Act Unfair Contractual Terms FAQ](/artifacts/eu/data-act/faq/unfair-contractual-terms.md): FAQ on Article 13 of the EU Data Act: B2B unfair contract terms, unilateral take-it-or-leave-it clauses, always-unfair terms, presumed-unfair terms, SMEs, model terms, and review evidence. - [EU Data Act User Access and Portability Rights](/artifacts/eu/data-act/access-rights-and-portability.md): Practical guide to EU Data Act user access, connected-product data portability, third-party sharing, trade secret safeguards, and the GDPR boundary. - [EU Data Act Users, Data Holders, and Recipients FAQ](/artifacts/eu/data-act/faq/users-data-holders-and-recipients.md): FAQ explaining Data Act users, data holders, data recipients, connected products, related services, user access, third-party limits, and GDPR boundaries. - [EU Data Act Vehicle Data Guidance FAQ](/artifacts/eu/data-act/faq/vehicle-data-guidance.md): FAQ on EU Data Act vehicle data guidance for connected vehicles, aftermarket repair, mobility services, third-party access, trade secrets, security, and GDPR boundaries. - [EU Data Act vs Data Governance Act](/artifacts/eu/data-act/data-act-vs-data-governance-act.md): Compare the EU Data Act with the Data Governance Act: connected-product access, cloud switching, B2B/B2G duties, protected public-sector reuse, intermediaries, altruism, governance, and enforcement. *EU Data Act Article 36 support* *Placement: after implementation section* ## Review Data Act Smart-Contract Controls Turn Article 36 into an evidence-backed smart-contract register covering agreement traceability, access control, stop functions, archiving, conformity assessment, and standards monitoring. - [Open Research Copilot](/solutions/research-copilot.md): Get cited answers on Data Act Article 36, data sharing agreements, and related implementation questions. - [Discuss Article 36 Readiness](/contact.md): Review smart-contract evidence, declarations, agreement traceability, and release controls for Data Act data sharing. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/data-act/faq/smart-contracts-for-data-sharing