Artifact GuideEU

EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements

A chapter-by-chapter obligations map with a practical evidence checklist.

Use this as the backbone for your requirements doc, backlog, and audit pack.

Back to main artifactReview sources
Author
Sorena AI
Published
Feb 23, 2026
Updated
Feb 23, 2026
Sections
5

Structured answer sets in this page tree.

Primary sources
2

Cited legal and guidance references.

Publication metadata
Sorena AI
Published Feb 23, 2026
Updated Feb 23, 2026
Overview

EU Data Act requirements are easiest to implement when you map them to owners and artifacts. This page breaks down obligations across the most operational chapters (II-VI), then lists the evidence artifacts you should be able to produce on demand: dataset manifests, contract clause matrices, online registers, switching drill reports, and case files for exceptional-need requests.

Section 1

Chapter II - connected products and related services: transparency + access workflows

Chapter II is the user-facing access layer for connected product and related service data. The operational requirements are: (1) transparency before purchase and (2) an access and portability mechanism that works securely and predictably.

Your implementation must be specific to the product: define the dataset, the delivery method, and the safeguards.

  • Transparency: publish what data is generated, who the data holder is, and how access works
  • Access workflow: direct access vs indirect request portal; identity verification and secure delivery
  • Third-party sharing: recipient onboarding and secure data sharing mechanisms
  • Evidence: dataset manifest, portal/API specs, request logs, and delivery receipts
Section 2

Chapters III-IV - B2B data sharing terms and unfair contractual terms controls

In B2B relations, the Data Act's contract layer is where most compliance failures happen: unclear dataset scope, weak safeguards, and unfair terms that become non binding.

Treat this as contract engineering: move critical controls into annexes that are executable by technical teams.

  • Dataset scope annex: schemas, formats, metadata, and change-control process
  • Purpose and permitted use: allowed use cases, prohibited uses, retention and deletion
  • Compensation: cost drivers, fee schedule, and dispute mechanics
  • Unfair terms risk (Article 13): avoid one-sided liability/remedies, exclusive interpretation rights, termination traps
  • Evidence: clause matrices, negotiation trail for key terms, and annex version history
Section 3

Chapter V - B2G 'exceptional need': validated requests, minimisation, safeguards, compensation

Chapter V requires data holders (legal persons, other than public sector bodies) to make data available upon a duly reasoned request where an exceptional need exists. Exceptional need is limited in time and scope (Article 15).

Implementation is an intake and disclosure workflow: validate the request, define and minimise the dataset, apply trade secret/GDPR safeguards, and calculate compensation where applicable.

  • Validate exceptional need lane (emergency vs non-emergency statutory task) and SME carve-outs
  • Require request completeness per Article 17 (data + metadata, purpose, safeguards, deadlines, sharing)
  • Safeguards: trade secret marking, pseudonymisation/anonymisation where needed, secure transfer and access control
  • Compensation: free for emergency requests; fair compensation for non-emergency lane (Article 20)
  • Evidence: case file with request packet, decision memo, delivery receipts, deletion proof
Section 4

Chapter VI - cloud switching and exit: contract terms, transparency, charges, technical portability

Chapter VI removes obstacles to switching between providers of data processing services and to on-prem infrastructure. It is contract-heavy (Article 25) and evidence-heavy (Article 26 register, Article 28 disclosures, Article 29 charges, Article 30 interfaces).

Treat this as procurement-grade exit readiness with regular drills.

  • Contract terms: notice <= 2 months; transitional period 30 days; retrieval >= 30 days; maintain security throughout switching
  • Article 26 online register: data structures/formats/standards for exportable data and known limitations
  • Article 28 disclosures: jurisdiction + measures to prevent conflicting international access
  • Article 29 switching charges: reduced charges only 11 Jan 2024-12 Jan 2027; none from 12 Jan 2027
  • Article 30: open interfaces and portability formats; compatibility with common specs/standards after publication
Section 5

Evidence mapping - requirement -> artifact (the 'audit pack' backbone)

Use this as a minimal evidence map. If you can produce these artifacts quickly, you can usually resolve disputes without re-building history.

Automate evidence generation where possible (logs, snapshots, drill reports).

  • Scope decisions -> scope memo + role map + dataset inventory
  • Access rights (Chapter II) -> portal/API specs + request logs + delivery receipts
  • B2B sharing (Chapters III-IV) -> contract clause matrix + annexes + negotiation trail
  • Trade secrets -> trade secret register + safeguard agreements + technical control evidence
  • B2G (Chapter V) -> case file template + minimisation rationale + compensation calculation
  • Cloud switching (Chapter VI) -> contract checklist + online register snapshots + jurisdiction page + drill reports
Recommended next step

Turn EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements into an operational assessment

Assessment Autopilot can take EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements from turning the requirements into assigned actions to a reusable workflow inside Sorena. Teams working on EU Data Act: Fair Access to Connected Product Data and Cloud Switching can keep owners, evidence, and next steps aligned without copying this guide into separate documents.

Assessment workflow
Open Assessment Autopilot for EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements

Start from EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements and turn the guidance into owned tasks, evidence requests, and review checkpoints.

Explore next step
Talk to Sorena
Talk through EU Data Act: Fair Access to Connected Product Data and Cloud Switching

Review your current process, evidence gaps, and next steps for EU Data Act: Fair Access to Connected Product Data and Cloud Switching Requirements.

Explore next step
Primary sources

References and citations

Related guides

Explore more topics

Access Rights and Portability | EU Data Act: Fair Access to Connected Product Data and Cloud Switching
EU Data Act access rights and portability (Chapter II) made practical: direct vs indirect access, "readily available" data.
Applicability Test | EU Data Act: Connected Products, B2B Data Sharing, B2G Exceptional Need, Cloud Switching
A practical EU Data Act applicability test you can run in 15 minutes: determine if Chapter II IoT access rights apply (connected products + related services).
B2B Data Sharing Contract Clauses | EU Data Act: Mandatory Sharing, Unfair Terms, Trade Secrets
EU Data Act contract clauses for B2B data sharing made practical: clause library for Chapter III access/use (purpose limits, compensation, security.
B2B Data Sharing Contract Template | EU Data Act: Data Access and Use Agreement (Drafting Checklist)
A practical EU Data Act-aligned B2B data sharing contract template: sections, annexes, and drafting checklist for dataset definition, permitted use.
B2G Exceptional Need Requests | EU Data Act: Public Emergency Data Requests, Safeguards, Compensation
EU Data Act Chapter V B2G 'exceptional need' requests made practical.
Cloud Switching and Exit Plans | EU Data Act Chapter VI: Switch Providers, Port Data, Remove Egress Barriers
EU Data Act Chapter VI cloud switching made practical: Article 23 obstacle removal, Article 25 required contract terms (max 2-month notice, 30-day transition.
Cloud Switching Compliance Checklist | EU Data Act Chapter VI: Contracts, Exportable Data, Fees, Transparency
A detailed EU Data Act Chapter VI cloud switching compliance checklist: Article 25 contract terms (max notice period, 30-day transition, retrieval period).
Compliance Program | EU Data Act Implementation Playbook: Governance, Controls, Evidence, Operating Cadence
Turn the EU Data Act into an implementation program: chapter scoping, roles and ownership, product workflows for Chapter II access.
Deadlines and Compliance Calendar | EU Data Act
Plan EU Data Act delivery with real dates: Regulation applies from 12 Sep 2025.
EU Data Act Checklist | Chapter II Access, B2B Sharing, Unfair Terms, B2G Requests, Cloud Switching
A comprehensive EU Data Act checklist organized by roles and chapters: Chapter II connected product data access (direct vs indirect access).
EU Data Act vs GDPR | Differences, Overlap, Portability, Lawful Basis, Implementation Playbook
EU Data Act vs GDPR made practical: how Chapter II access/portability for connected product data differs from GDPR data subject rights.
FAQ | EU Data Act Explained: Key Dates, Access Rights, Trade Secrets, B2G Requests, Cloud Switching
EU Data Act FAQ with practical answers grounded in official sources: when the Data Act applies (Article 50), direct vs indirect access.
Penalties and Fines | EU Data Act Enforcement: Member State Penalties, GDPR-Linked Fines, Risk Controls
EU Data Act penalties and fines made practical: how Member States set penalties (Article 40), the criteria authorities must consider.
Scope, Connected Products and Data Types | EU Data Act: Fair Access to Connected Product Data and Cloud Switching
EU Data Act scope explained: connected products vs related services, product data vs related service data, readily available data.
Trade Secrets and Protection | EU Data Act: Confidentiality Measures, Withholding Rules, Evidence Pack
EU Data Act trade secrets protection made practical: how to identify trade secret fields before disclosure, how to agree confidentiality measures (NDAs.