--- title: "EU Data Act Vehicle Data Guidance FAQ" canonical_url: "https://www.sorena.io/artifacts/eu/data-act/faq/vehicle-data-guidance" source_url: "https://www.sorena.io/artifacts/eu/data-act/faq/vehicle-data-guidance" author: "Sorena AI" description: "FAQ on EU Data Act vehicle data guidance for connected vehicles, aftermarket repair, mobility services, third-party access, trade secrets, security, and GDPR boundaries." published_at: "2026-05-06" updated_at: "2026-05-06" keywords: - "EU Data Act" - "vehicle data" - "connected vehicles" - "automotive aftermarket" - "repair data" - "mobility data" - "third-party access" - "GDPR" - "Regulation (EU) 2023/2854" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # EU Data Act Vehicle Data Guidance FAQ FAQ on EU Data Act vehicle data guidance for connected vehicles, aftermarket repair, mobility services, third-party access, trade secrets, security, and GDPR boundaries. *FAQ* *EU* *Data Act* ## EU Data Act Vehicle Data Guidance FAQ Answers for connected-vehicle teams applying Chapter II of the Data Act. Use this FAQ to separate vehicle data from vehicle functions, map data holder, user, and third-party roles, and handle aftermarket, safety, security, trade-secret, and GDPR boundaries. The Commission vehicle-data guidance explains how Chapter II of the EU Data Act applies in the automotive sector. It covers vehicle data from connected vehicles and vehicle-related services, not general access to vehicle functions or public-sector data requests. ## What is the Commission vehicle-data guidance for the EU Data Act? It is Commission guidance for automotive stakeholders applying Chapter II of the Data Act to vehicle data. The guidance focuses on connected vehicles, vehicle-related services, data within the scope of Chapter II, and the access rules for users and third parties chosen by users. The guidance is not a new legal obligation and does not extend or modify the Data Act. It is also sector-specific: it concerns the automotive sector, including OEMs, suppliers, aftermarket service providers, and insurance providers, and should not be automatically applied to other industries or the public sector. - Use it for connected-vehicle and vehicle-related service access questions. - Do not treat it as guidance on public-sector access requests or non-automotive products. - Read it alongside the binding Data Act text and any applicable sector-specific rules. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Explains the purpose, legal status, automotive-sector scope, and boundaries of the vehicle-data guidance. - [European Commission - Vehicle data guidance page](https://digital-strategy.ec.europa.eu/en/library/guidance-vehicle-data-accompanying-data-act?ref=sorena.io) - Commission publication page describing the guidance as tailored advice for automotive stakeholders implementing Chapter II. ## Which vehicles and services are covered under the Data Act for Vehicle Data Guidance implementation evidence? The guidance covers vehicles that qualify as connected products under the Data Act: vehicles that obtain, generate, or collect data about use or environment and can communicate product data electronically, by physical connection, or through on-device access. A vehicle-related service must be a digital service connected with the vehicle in a way that affects the vehicle's operation or behavior. Examples in the guidance include remote vehicle-control services, some predictive maintenance services that exchange data with the vehicle and adapt functionality, cloud-based driver preference services, and dynamic route optimization shown through the vehicle interface. - Regular manual repair and maintenance, such as brake replacement or oil changes, are generally not vehicle-related services when carried out offline. - Pay-how-you-drive insurance analytics and apps that only display charging history are examples of services that may use vehicle data but do not necessarily qualify as related services. - The same company may be an OEM, data holder, service provider, recipient, or third party depending on the workflow. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Defines the connected-vehicle and vehicle-related-service boundaries used by the guidance. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Provides the Data Act definitions for connected products, related services, users, data holders, and data recipients. ## What vehicle data is in scope under Chapter II under the Data Act? The Data Act context is the starting point for this answer. For this guidance, vehicle data means product data generated by the use of a connected vehicle and vehicle-related service data. The in-scope set includes raw and pre-processed data, together with relevant metadata needed to interpret and use the data. The guidance treats inferred or derived information as outside Chapter II. That boundary matters for repair, mobility, and insurance use cases because a measured value such as speed, location, odometer value, battery level, tire pressure, or fault information can be in scope, while a proprietary driver score, route prediction, risk assessment, or other new insight may be outside scope. - Classify each requested field as raw, pre-processed, inferred, derived, metadata, or unavailable. - Keep examples tied to actual data fields, such as GNSS-based location, odometer value, battery level, brake-pad wear, fault codes, and malfunction indicators. - Do not label all analytics outputs as shareable vehicle data; check whether the output represents new inferred or derived information. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Explains vehicle data, raw data, pre-processed data, and inferred or derived data in the automotive context. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Clarifies that Chapter II access rights generally cover raw and pre-processed data that are readily available. ## Who are the data holder, user, and third party in a vehicle-data request under the Data Act? The Data Act context is the starting point for this answer. The user is the person or organisation that owns, rents, or leases the connected vehicle or receives a vehicle-related service. A data holder is the party that has the right or obligation to use and make available readily available product data or related service data. A third party is selected by the user to receive data from the data holder. In practice, the request file should identify the vehicle or service, the user, the data holder, the requested third party, the requested data fields, the intended route for access, and whether personal data, trade secrets, safety, or cybersecurity issues affect the response. - Do not assume the OEM is the only possible data holder; map who lawfully obtains or can lawfully obtain the requested data. - Treat repairers, mobility providers, insurers, and other aftermarket actors as potential third parties when selected by the user. - Record the role map before deciding whether the answer belongs under direct access, indirect user access, or third-party sharing. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Defines core Data Act actors and Chapter II access relationships between users, data holders, and data recipients. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Shows practical connected-product access flows involving manufacturers or data holders, users, and third parties. ## How should repair, maintenance, mobility, and aftermarket use cases be handled under the Data Act? Start with the vehicle-data field, not the market label. The Data Act can support access to readily available vehicle data for aftermarket uses, but the guidance also explains that the Data Act does not create access rights to vehicle functions or resources. For independent repair shops and other independent service providers, the guidance is explicit that access quality should not be lower than the quality made available to the data holder, subsidiaries, authorised partners, dealers, or repairers. Access must also be easy, without undue barriers, costs, or procedural hurdles. - For repair and maintenance, separate data access from access to vehicle functions, resources, or commands. - For mobility services, identify whether the service only uses data or also affects vehicle operation through a related service. - For aftermarket access, compare the requested quality, completeness, timeliness, and interface with what the data holder uses or gives to authorised channels. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Addresses aftermarket service providers, independent repair shops, access quality, and the boundary between vehicle data and vehicle functions. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Explains that users can access and use connected-product data and share it with third parties to provide services. ## Does the Data Act require direct access through the vehicle for Vehicle Data Guidance implementation evidence? The Data Act context is the starting point for this answer. No, not in every situation. The guidance explains that direct access under Article 3 applies where relevant and technically feasible. If users cannot access data directly from the vehicle, the data holder must provide indirect access to readily available data under Article 4, and must make readily available data accessible to a third party at the user's request under Article 5. The Data Act is technology-neutral about the access method. The guidance mentions remote backend solutions, onboard access, and data intermediation as possible routes, but the chosen method must still satisfy the Data Act conditions, including access to data of the same quality as available to the data holder. - Document whether the route is direct user access, indirect access through the data holder, or third-party access at the user's request. - If using an OBD-II route, do not require the user to buy a specialised tool or have advanced technical skills. - If using a backend or API route, check that it does not reduce accuracy, completeness, reliability, relevance, or timeliness compared with what the data holder has. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Clarifies direct access, indirect access, third-party access, OBD-II access, technology neutrality, and same-quality access. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Sets the Chapter II access duties in Articles 3, 4, and 5 for product and related service data. ## How do trade secrets, safety, and cybersecurity affect vehicle-data access under the Data Act? Trade-secret and security concerns should be handled as specific safeguards, not as blanket refusals. The Data Act contains mechanisms for protecting trade secrets and allowing appropriate technical and organisational measures, while the vehicle guidance stresses that access still has to remain easy and non-discriminatory. For vehicle data, the file should identify the protected interest, the precise data or interface affected, the measure applied, and what data remains available. Safety, cybersecurity, and trade-secret controls are most defensible when they are proportionate to a documented risk and do not turn an access right into a dead end. - Use field-level controls, access conditions, logging, authentication, and recipient commitments where they address the real risk. - Escalate refusals or heavy limitations to legal, cybersecurity, safety, and product owners before communicating them externally. - Avoid unsupported statements that all diagnostic, location, or component-status data is too sensitive to share. Sources for this answer: - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Contains the Data Act trade-secret protection mechanism and competent-authority complaint context. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Explains that the Data Act does not modify existing trade-secret protections and adds a trade-secret protection mechanism. - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Connects automotive implementation with interoperability, security, fair competition, and non-discriminatory access quality. ## Where is the GDPR boundary for connected vehicle data under the Data Act? The Data Act does not supersede the GDPR. Where vehicle data is personal data, GDPR rules apply to the processing, and the Commission FAQs state that GDPR rules on personal-data protection prevail in the event of conflict. This means an access workflow can be within Chapter II of the Data Act and still need a GDPR basis, data-subject analysis, minimisation, security, and recipient controls. Location data, driver behavior, charging history, and vehicle-use patterns should be assessed carefully because they can often identify or relate to a person depending on context. - Classify each field as personal, non-personal, or mixed before release. - Check whether the requesting user is the data subject or whether another GDPR legal basis is needed. - Keep the GDPR assessment separate from the Data Act scope assessment so neither one hides the other. Sources for this answer: - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Clarifies that the GDPR applies to personal-data processing under the Data Act and prevails where personal-data rules conflict. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Preserves GDPR application and assigns personal-data monitoring to data-protection supervisory authorities. - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - States that the vehicle guidance does not affect application of the GDPR. ## Which adjacent automotive rules should be checked under the Data Act? The vehicle guidance is limited to the Data Act. It does not interpret or displace sector-specific automotive rules, including the Type Approval Regulation, rules on on-board diagnostics information or vehicle emissions data, competition rules for motor vehicle repair and spare parts, or other sector guidance. A practical vehicle-data review should therefore mark whether the request is a Data Act Chapter II access request, a sector-specific access request, a GDPR issue, or a combined case. That prevents a team from using Data Act language to narrow rights that already exist under another rule, or using another rule to ignore Data Act access duties. - Check sector rules for OBD information, vehicle emissions data, roadworthiness testing information, repair information, and spare-parts distribution issues. - Use the Data Act for product data and related service data access where no more specific rule controls the exact question. - Document which rule controls each field, interface, recipient, and refusal or limitation reason. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Identifies sector-specific automotive laws and other EU rules that the guidance does not interpret or affect. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Explains how the Data Act interacts with sector-specific EU data-access rules. ## What evidence should a vehicle-data access workflow keep under the Data Act? The Data Act context is the starting point for this answer. Keep a vehicle-data access matrix that lists the data field, vehicle or service source, role map, raw or pre-processed classification, inferred or derived exclusion if relevant, personal-data status, access route, recipient, safeguards, source citation, decision, and delivery or refusal outcome. For recurring aftermarket or mobility requests, also keep interface evidence: API specification, data dictionary, quality comparison, authentication model, recipient terms, support script, and logs showing what was delivered and when. The point is to make later complaints, partner disputes, or authority questions answerable without rebuilding the decision from memory. - Record the reason when a requested field is excluded as inferred, derived, not readily available, not designed to be retrievable, or controlled by another rule. - Keep the same-quality check where independent repairers or service providers receive data through a different route than authorised partners. - Retain escalation records for safety, cybersecurity, trade-secret, and GDPR limitations. Sources for this answer: - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Supports the evidence categories needed for vehicle-data scope, access routes, quality, and limitations. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Gives competent authorities information-request powers and complaint-handling roles for Data Act compliance. ## What source records should teams keep for a Data Act vehicle-data guidance decision for later review? Keep the source clause, Commission guidance reference, actor role, dataset, request trigger, and approving owner together so the decision can be checked later. A short record is enough if it points to the exact Data Act source and the specific vehicle-data field or workflow that was reviewed. Also keep the cited external URL, decision date, reviewer, unresolved assumptions, and implementation artifact with the decision file. That makes the answer auditable without forcing teams to reconstruct the reasoning from email threads. - Link the decision to a cited Data Act source URL and the relevant vehicle-data field or workflow. - Store the owner, affected workflow, evidence artifact, and review trigger in the same record. ## Which team should own a Data Act vehicle-data guidance implementation task and confirm the fix? Assign one accountable owner who can actually change the affected process under the Data Act, such as legal, product, procurement, cloud, support, or security. That owner should be the person who can approve the interpretation, coordinate the fix, and confirm the workflow now matches the guidance. Use consulted teams and evidence dependencies to support the owner, but keep them separate from the single accountable owner. That helps teams avoid stalled decisions and makes follow-up reviews easier when the vehicle-data workflow changes. - Name one accountable owner per action. - Record consulted teams, evidence artifacts, and review triggers separately. - Use the owner record to follow up on any access, quality, or safeguard change. ## Primary sources - [Commission guidance on vehicle data - Official Journal](https://eur-lex.europa.eu/eli/C/2025/5026/oj/eng?ref=sorena.io) - Primary source for automotive vehicle-data guidance under Chapter II of the Data Act, including scope, examples, access routes, quality, sector-rule boundaries, and aftermarket considerations. - [European Commission - Vehicle data guidance page](https://digital-strategy.ec.europa.eu/en/library/guidance-vehicle-data-accompanying-data-act?ref=sorena.io) - Commission publication page confirming the guidance is for automotive stakeholders implementing Chapter II. - [Regulation (EU) 2023/2854 (Data Act)](https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng?ref=sorena.io) - Binding Data Act text for Chapter II actor definitions, access duties, trade-secret safeguards, GDPR preservation, enforcement, and evidence requests. - [European Commission - Data Act FAQs v1.4](https://ec.europa.eu/newsroom/dae/redirection/document/108144?ref=sorena.io) - Commission FAQ support for raw and pre-processed data, readily available data, connected-product flows, GDPR boundaries, trade secrets, and sector-rule interactions. - [European Commission - Data Act explained](https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained?ref=sorena.io) - Commission overview for Data Act chapters, connected-product access, B2G requests, cloud switching, interoperability, and implementation support. ## Topic Guides - [Data Act and Common European Data Spaces](/artifacts/eu/data-act/data-act-and-common-european-data-spaces.md): How Data Act Article 33 connects data-space participation with metadata, vocabularies, APIs, access terms, data quality, governance, and standards monitoring. - [Data Act and Data Governance Act Overlap FAQ](/artifacts/eu/data-act/faq/data-governance-act-overlap.md): FAQ explaining where the EU Data Act and Data Governance Act overlap, how they differ, and how to route product, cloud, public-sector reuse, intermediary, and data altruism workflows. - [Data Act and GDPR Personal Data Overlap FAQ](/artifacts/eu/data-act/faq/gdpr-personal-data-overlap.md): FAQ on how the EU Data Act works when connected-product or related-service data includes personal data, mixed datasets, GDPR roles, lawful basis, trade secrets, and third-party sharing. - [Data Act Audit Evidence And Request Logs FAQ](/artifacts/eu/data-act/faq/audit-evidence-and-request-logs.md): FAQ for Data Act request logs covering user and third-party access, B2G exceptional need requests, cloud switching records, contract terms, trade secrets, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Clauses](/artifacts/eu/data-act/b2b-data-sharing-contract-clauses.md): Clause guide for EU Data Act B2B data sharing: FRAND terms, compensation, trade secret safeguards, recipient limits, termination, logs, and GDPR boundaries. - [Data Act B2B Data-Sharing Contract Template](/artifacts/eu/data-act/b2b-data-sharing-contract-template.md): A usable EU Data Act B2B data-sharing template outline covering access requests, data schedules, permitted use, trade secrets, security, compensation, GDPR boundaries, audit records, and termination. - [Data Act B2G Exceptional-Need Requests](/artifacts/eu/data-act/b2g-exceptional-need-requests.md): A grounded guide to EU Data Act Chapter V requests from public bodies: exceptional need, public emergencies, request contents, limits, safeguards, costs, and records. - [Data Act Cloud Switching Compliance Checklist](/artifacts/eu/data-act/cloud-switching-compliance-checklist.md): A grounded EU Data Act checklist for cloud and data processing service providers covering switching clauses, notices, export formats, charges, interoperability, and evidence. - [Data Act Cloud Switching Contract Terms FAQ](/artifacts/eu/data-act/faq/cloud-switching-contract-terms.md): FAQ on EU Data Act cloud switching contract terms: Article 25 clauses, assistance, notice, transition, charges, export, termination, interoperability, and records. - [Data Act Cloud Switching Fees And Deadlines FAQ](/artifacts/eu/data-act/faq/cloud-switching-fees-and-deadlines.md): FAQ on EU Data Act cloud switching charges, 2027 fee removal, notice periods, transition windows, data retrieval, contract terms, and evidence records. - [Data Act Complaints and Dispute Settlement FAQ](/artifacts/eu/data-act/faq/complaints-and-dispute-settlement.md): FAQ on EU Data Act complaints, competent authorities, dispute settlement bodies, B2B data-sharing disputes, B2G requests, cloud switching disputes, and evidence records. - [Data Act Exportable Data and Metadata FAQ](/artifacts/eu/data-act/faq/exportable-data-and-metadata.md): FAQ explaining which product, related service, metadata, and cloud switching data must be exportable under the EU Data Act, and which data can be excluded. - [Data Act FAQ for Aftermarket Repair and Mobility Services](/artifacts/eu/data-act/faq/aftermarket-repair-and-mobility-services.md): FAQ on EU Data Act vehicle-data access for repairers, independent service providers, fleets, insurers, and mobility services. - [Data Act Functional Equivalence FAQ](/artifacts/eu/data-act/faq/functional-equivalence.md): FAQ on Data Act functional equivalence for cloud switching: IaaS scope, customer outcomes, export support, interoperability duties, limits, and evidence. - [Data Act Indirect Access Request Flows FAQ](/artifacts/eu/data-act/faq/indirect-access-request-flows.md): FAQ for Data Act teams handling user and third-party data requests when direct connected-product access is unavailable, incomplete, or limited. - [Data Act International Government Access FAQ](/artifacts/eu/data-act/faq/international-government-access.md): FAQ on EU Data Act safeguards for non-EU government access to non-personal data held in the Union by data processing service providers. - [Data Act Interoperability Standards FAQ](/artifacts/eu/data-act/faq/interoperability-standards.md): FAQ on EU Data Act interoperability standards for data spaces, cloud switching, smart contracts, harmonised standards, common specifications, and M/614. - [Data Act Model Contractual Terms FAQ](/artifacts/eu/data-act/faq/model-contractual-terms.md): FAQ on the EU Data Act non-binding model contractual terms for data access and use, cloud switching clauses, B2B use, unfair terms, and evidence. - [Data Act Public Emergency Requests FAQ](/artifacts/eu/data-act/faq/public-emergency-requests.md): FAQ on EU Data Act public emergency requests: exceptional need, request content, timing, data holder response, compensation, confidentiality, and records. - [Data Act Smart Contracts for Data Sharing](/artifacts/eu/data-act/smart-contracts-for-data-sharing.md): Data Act Article 36 smart contract guide for data-sharing agreements: scope, robustness, access control, termination, interruption, archiving, standards status, and conformity evidence. - [Data Act SME Exceptions and Startups FAQ](/artifacts/eu/data-act/faq/sme-exceptions-and-startups.md): FAQ on where the EU Data Act gives micro, small, medium-sized, startup, and SME actors narrower treatment for access duties, compensation, and B2B terms. - [Data Act Trade Secret Technical Protection Measures FAQ](/artifacts/eu/data-act/faq/trade-secret-technical-protection-measures.md): FAQ on how EU Data Act data holders can protect trade secrets with confidentiality safeguards, technical measures, limited withholding, suspension, refusal, and evidence. - [Data Act Trade Secrets and Protection Measures](/artifacts/eu/data-act/trade-secrets-and-protection.md): Data Act guide for protecting trade secrets during access and sharing: classification, safeguards, refusal thresholds, notices, evidence records, and reviews. - [Data Act Unfair Contractual Terms | Article 13 B2B Contract Review](/artifacts/eu/data-act/unfair-contractual-terms.md): Review B2B data-sharing clauses under EU Data Act Article 13: unilateral terms, always unfair examples, presumed unfair terms, model clauses, evidence, and remediation. - [Data Act Vehicle Data Guidance](/artifacts/eu/data-act/vehicle-data-guidance.md): Commission-grounded guide to Data Act vehicle data access: connected vehicles, vehicle-related services, raw and pre-processed data, aftermarket use cases, access routes, safeguards, and GDPR boundaries. - [Data Act vs GDPR: connected-product data access](/artifacts/eu/data-act/data-act-vs-gdpr.md): Compare EU Data Act connected-product access duties with GDPR personal-data rules: scope, roles, lawful basis, data subject rights, third-party sharing, trade secrets, and conflicts. - [EU Data Act and Common European Data Spaces FAQ](/artifacts/eu/data-act/faq/data-act-and-common-european-data-spaces.md): FAQ on how EU Data Act interoperability duties, Data Governance Act rules, and sector data-space governance fit together without treating participation as a general obligation. - [EU Data Act Applicability Test](/artifacts/eu/data-act/applicability-test.md): Check whether a product, related service, data holder, cloud service, data-space role, smart contract, or B2G request is in scope of the EU Data Act. - [EU Data Act Application Dates And Transition FAQ](/artifacts/eu/data-act/faq/application-dates-and-transition.md): FAQ on when the EU Data Act applies, which obligations are delayed, and what product, contract, cloud, and evidence records teams should maintain. - [EU Data Act Article 3 Pre-Contract Information](/artifacts/eu/data-act/pre-contractual-information-obligations.md): What Article 3 of the EU Data Act requires before connected-product purchase, rent, lease, or related-service contracting: data categories, access, data holder identity, third-party sharing, complaints, and evidence. - [EU Data Act Article 36 Smart Contract Controls FAQ](/artifacts/eu/data-act/faq/article-36-smart-contract-controls.md): FAQ explaining when EU Data Act Article 36 applies to smart contracts for data-sharing agreements and what controls, conformity evidence, and limits it requires. - [EU Data Act B2B Data Sharing Compensation FAQ](/artifacts/eu/data-act/faq/compensation-for-b2b-data-sharing.md): FAQ on when Data Act data holders may charge B2B data recipients, what reasonable compensation can include, SME limits, unfair terms, disputes, and trade secret safeguards. - [EU Data Act B2G Compensation and Costs FAQ](/artifacts/eu/data-act/faq/b2g-compensation-and-costs.md): FAQ on when Data Act B2G exceptional-need requests are free, when fair compensation may be claimed, which costs can be included, and what records to keep. - [EU Data Act B2G Exceptional Need FAQ](/artifacts/eu/data-act/faq/b2g-exceptional-need.md): When public-sector bodies can request business-held data under the EU Data Act, what a valid request must contain, and how data holders handle limits, trade secrets, compensation, and evidence. - [EU Data Act Checklist for Product, Cloud, and Contract Teams](/artifacts/eu/data-act/checklist.md): A grounded EU Data Act checklist for connected-product data access, third-party sharing, B2G requests, cloud switching, unfair terms, smart contracts, personal data boundaries, evidence, and owners. - [EU Data Act Cloud Switching and Exit Plans](/artifacts/eu/data-act/cloud-switching-and-exit-plans.md): A grounded EU Data Act guide for data processing service exit plans: switching contracts, exportable data, assistance, charges, interoperability, retrieval, erasure, and records. - [EU Data Act Cloud Switching Procurement FAQ](/artifacts/eu/data-act/faq/cloud-switching-procurement-checklist.md): Procurement checklist FAQ for EU Data Act cloud switching: contract terms, exit support, exportable data, switching charges, interoperability, termination, and supplier evidence. - [EU Data Act Compliance Program](/artifacts/eu/data-act/compliance.md): Build a Data Act compliance program for connected-product data access, contracts, B2G requests, cloud switching, smart contracts, GDPR boundaries, records, and ownership. - [EU Data Act Connected Product Scope and Data Types](/artifacts/eu/data-act/scope-connected-products-and-data-types.md): Classify EU Data Act connected products, related services, product data, related-service data, readily available data, metadata, and excluded derived outputs. - [EU Data Act Connected Product Scope FAQ](/artifacts/eu/data-act/faq/scope-connected-products.md): FAQ explaining when connected products, related services, generated data, EU market placement, and SME exceptions fall within EU Data Act scope. - [EU Data Act Data Processing Service Switching](/artifacts/eu/data-act/data-processing-services-switching.md): A grounded EU Data Act guide for provider and customer switching duties: exit assistance, exportable data, contract clauses, charges, interoperability, retrieval, and erasure. - [EU Data Act data spaces interoperability FAQ](/artifacts/eu/data-act/faq/data-spaces-interoperability.md): FAQ explaining Article 33 Data Act interoperability requirements for data-space participants, common European data spaces, standards, APIs, metadata, and architecture evidence. - [EU Data Act deadlines and compliance calendar](/artifacts/eu/data-act/deadlines-and-compliance-calendar.md): A source-linked calendar for EU Data Act application dates, product design timing, contract remediation, cloud switching charges, response periods, standards work, and evidence records. - [EU Data Act Direct Access by Design FAQ](/artifacts/eu/data-act/faq/direct-access-by-design.md): FAQ for product and legal teams designing user access to connected-product and related-service data under the EU Data Act. - [EU Data Act Enforcement And Competent Authorities FAQ](/artifacts/eu/data-act/faq/enforcement-and-competent-authorities.md): FAQ on who enforces the EU Data Act, how complaints work, how Member States set penalties, when dispute settlement can be used, and when GDPR authorities remain responsible. - [EU Data Act FAQ: scope, access rights, B2G, cloud switching, GDPR, and dates](/artifacts/eu/data-act/faq.md): Grounded EU Data Act FAQ index covering connected-product data access, third-party sharing, B2G exceptional need, cloud switching, smart contracts, GDPR boundaries, unfair terms, trade secrets, and application dates. - [EU Data Act Non-Emergency Public-Sector Requests FAQ](/artifacts/eu/data-act/faq/non-emergency-public-sector-requests.md): FAQ on EU Data Act requests where a public body claims exceptional need outside a public emergency, including scope, request contents, limits, compensation, confidentiality, and evidence. - [EU Data Act Non-Personal Data and Mixed Datasets FAQ](/artifacts/eu/data-act/faq/non-personal-data-and-mixed-datasets.md): FAQ on how the EU Data Act treats non-personal data, mixed datasets, GDPR precedence, user and third-party access, trade-secret limits, and evidence records. - [EU Data Act Penalties and Enforcement](/artifacts/eu/data-act/penalties-and-fines.md): Grounded guide to Data Act penalties under Article 40, Member State enforcement, penalty factors, complaints, judicial remedies, and the GDPR enforcement boundary. - [EU Data Act Pre-Contractual Information FAQ](/artifacts/eu/data-act/faq/pre-contractual-information.md): FAQ on EU Data Act Article 3 pre-contract information for connected products and related services, including data categories, access methods, data holder identity, third-party sharing, and GDPR boundaries. - [EU Data Act Product Data vs Related Service Data FAQ](/artifacts/eu/data-act/faq/product-data-and-service-data.md): FAQ explaining how the EU Data Act separates connected product data, related service data, readily available raw and pre-processed data, metadata, and inferred or derived outputs. - [EU Data Act Readily Available Data FAQ](/artifacts/eu/data-act/faq/readily-available-data.md): FAQ on what counts as readily available data under the EU Data Act, including product data, related service data, metadata, inferred data, and access mechanics. - [EU Data Act Related Services FAQ](/artifacts/eu/data-act/faq/related-services.md): FAQ explaining when software is a Data Act related service, how it links to connected products, which product and service data are in scope, and what exclusions apply. - [EU Data Act requirements](/artifacts/eu/data-act/requirements.md): Source-grounded EU Data Act requirements for connected-product data access, B2B sharing terms, B2G exceptional needs, cloud switching, smart contracts, interoperability, GDPR boundaries, and records. - [EU Data Act Smart Contracts for Data Sharing FAQ](/artifacts/eu/data-act/faq/smart-contracts-for-data-sharing.md): Answers on Article 36 Data Act smart-contract requirements for data sharing: scope, robustness, access control, termination, archiving, conformity assessment, contract terms, and standards status. - [EU Data Act Third-Party Data Sharing FAQ](/artifacts/eu/data-act/faq/third-party-data-sharing.md): FAQ on user-directed third-party data sharing under the EU Data Act, covering data holder duties, recipient limits, trade secrets, security, GDPR, and gatekeepers. - [EU Data Act Trade Secret Safeguards FAQ](/artifacts/eu/data-act/faq/trade-secrets-safeguards.md): FAQ on protecting trade secrets when handling EU Data Act user and third-party data access requests, including safeguards, withholding, suspension, refusal, notices, and records. - [EU Data Act Unfair Contractual Terms FAQ](/artifacts/eu/data-act/faq/unfair-contractual-terms.md): FAQ on Article 13 of the EU Data Act: B2B unfair contract terms, unilateral take-it-or-leave-it clauses, always-unfair terms, presumed-unfair terms, SMEs, model terms, and review evidence. - [EU Data Act User Access and Portability Rights](/artifacts/eu/data-act/access-rights-and-portability.md): Practical guide to EU Data Act user access, connected-product data portability, third-party sharing, trade secret safeguards, and the GDPR boundary. - [EU Data Act Users, Data Holders, and Recipients FAQ](/artifacts/eu/data-act/faq/users-data-holders-and-recipients.md): FAQ explaining Data Act users, data holders, data recipients, connected products, related services, user access, third-party limits, and GDPR boundaries. - [EU Data Act vs Data Governance Act](/artifacts/eu/data-act/data-act-vs-data-governance-act.md): Compare the EU Data Act with the Data Governance Act: connected-product access, cloud switching, B2B/B2G duties, protected public-sector reuse, intermediaries, altruism, governance, and enforcement. *Recommended next step* *Placement: after evidence section* ## Data Act Map Your Vehicle Data Access Workflow Turn vehicle-data guidance into a field-level access matrix covering connected vehicles, related services, users, third parties, safeguards, GDPR checks, and aftermarket delivery routes. - [Open Research Copilot](/solutions/research-copilot.md): Get cited answers on Data Act vehicle-data scope, actors, access routes, and safeguards. - [Discuss Vehicle Data Access](/contact.md): Review connected-vehicle, repair, mobility, and third-party access workflows against the Data Act guidance. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/data-act/faq/vehicle-data-guidance