Artifact GuideEUData Act

EU Data Act Article 13 Unfair Contractual Terms

Screen B2B data-access and data-use clauses for Data Act unfair-term risk: unilateral drafting, one-sided remedies, exclusive conformity decisions, blocked data use, termination traps, and unilateral changes to data-sharing conditions.

Use this as a contract-review aid grounded in the Data Act and European Commission implementation materials. It is supporting implementation planning and should be validated against jurisdiction-specific legal, contractual, and policy requirements before implementation.

Back to main artifactReview sources
Author
Sorena AI
Published
May 6, 2026
Updated
May 25, 2026
Sections
6

Structured answer sets in this page tree.

Primary sources
3

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 6, 2026
Updated May 25, 2026
Overview

Article 13 of Regulation (EU) 2023/2854 targets unfair contractual terms unilaterally imposed by one enterprise on another in B2B data contracts. This page turns the rule into a practical review: identify whether the term is in scope, test whether it was imposed rather than negotiated, classify the unfairness concern, capture evidence, and remediate templates or live contracts.

Section 1

Data Act Start with the Article 13 scope test for implementation evidence and owner review

Article 13 does not review every commercial term in a technology contract. It applies to contractual terms about access to and use of data, or liability and remedies for breach or termination of data-related obligations, when one enterprise has unilaterally imposed the term on another enterprise.

Separate this Article 13 review from ordinary price negotiation and from the contract's main subject matter. The Data Act says Article 13 does not apply to terms defining the main subject matter of the contract or to the adequacy of the price as against the data supplied in exchange.

  • In scope: data access permissions, data-use restrictions, copies of generated data, conformity decisions, remedies, liability limits, termination rights, and unilateral changes to data-sharing conditions.
  • Out of scope for this specific review: the main subject matter of the contract and price adequacy, while other Data Act or sector rules may still matter.
  • Review trigger: a new contract, renewal, order form, platform terms update, procurement template, data-sharing addendum, or fallback clause affecting data rights.
Sources for this answer
Regulation (EU) 2023/2854 (Data Act)
Article 13 defines the B2B unfair-term scope and excludes main-subject-matter and price-adequacy review.
Section 2

Data Act Prove whether the term was unilaterally imposed for implementation evidence and owner review

The Article 13 threshold depends on negotiation facts. A term is treated as unilaterally imposed when one contracting party supplied it and the other party could not influence its content despite an attempt to negotiate it.

The supplier of the contested term bears the burden of proving that it was not unilaterally imposed. Contract teams should therefore keep more than the final signed PDF: they need the redline trail, issue log, fallback language, and the counterparty response.

  • Record who supplied the clause, whether it came from standard terms, and whether the other party proposed edits.
  • Keep rejected redlines, negotiation notes, email responses, playbook instructions, and any statement that language was non-negotiable.
  • Do not label a clause negotiated merely because the contract as a whole was negotiated; preserve evidence that the specific clause could be influenced.
  • When your own organisation supplied the term, keep the evidence that the counterparty had a real chance to modify it.
Sources for this answer
Regulation (EU) 2023/2854 (Data Act)
Article 13 explains when a term is considered unilaterally imposed and allocates the burden of proving otherwise.
Section 3

Data Act Classify the clause against the Article 13 unfairness examples

Article 13 has a general unfairness standard: the term must grossly deviate from good commercial practice in data access and use, contrary to good faith and fair dealing. It then gives examples that are always unfair and examples presumed to be unfair.

Treat these examples as review categories for clause remediation. A clause can be problematic because it removes remedies, gives one side exclusive interpretive power, lets one side exploit the other party's data, blocks use or copies of generated data, traps the other party in the arrangement, or allows unjustified unilateral changes.

  • Always unfair: excluding or limiting liability for intentional acts or gross negligence by the party imposing the term.
  • Always unfair: excluding remedies for non-performance or excluding liability for breach by the party imposing the term.
  • Always unfair: giving the imposing party the exclusive right to decide whether supplied data conforms to the contract or to interpret any contractual term.
  • Presumed unfair: one-sided access to the other party's data in a way significantly detrimental to legitimate interests, especially commercially sensitive data, trade secrets, or intellectual property.
  • Presumed unfair: preventing the other party from using data it provided or generated, or preventing it from obtaining a copy during the contract or within a reasonable period after termination.
  • Presumed unfair: preventing reasonable termination, allowing unreasonably short-notice termination without serious grounds, or allowing substantial unilateral changes to price or data-sharing conditions without valid reason and a right to terminate.
Sources for this answer
Regulation (EU) 2023/2854 (Data Act)
Article 13 lists the always-unfair and presumed-unfair categories used to classify risky B2B data terms.
Section 4

Data Act Use the Commission model terms as a remediation benchmark

The European Commission has published non-binding Model Contractual Terms for Data Act data access and use, plus cloud Standard Contractual Clauses. Their use is voluntary, but they are useful remediation references because they were developed to help parties implement the Data Act and to support fairer contract design.

For this page's topic, the most relevant Commission material is the model-term package's explanation that the mandatory data-sharing MCT sets were drafted for data-holder, user, and data-recipient relationships, and that an additional voluntary data-sharing set was drafted to comply with Chapter IV unfairness control.

  • Use the Data Holder to User, User to Data Recipient, and Data Holder to Data Recipient MCT structures when the contract implements mandatory connected-product data sharing.
  • Use the voluntary Data Sharer to Data Recipient MCT as a benchmark when the arrangement is voluntary but still needs Chapter IV unfairness-control discipline.
  • Do not present the MCTs as mandatory or as a substitute for legal review; document where your clause follows, departs from, or cannot use the model wording.
  • For cloud switching contracts, check whether SCC Non-Amendment and SCC Liability concepts expose similar one-sided amendment or liability issues.
Sources for this answer
European Commission - Model Contractual Terms and Cloud SCCs
The Commission page explains that the model contractual terms are voluntary and describes the Data Act relationships they cover.
Recommended next step

Data Act Review Article 13 contract risk with cited evidence

Turn B2B data-contract review into a clause-level record covering unilateral imposition, Article 13 classification, model-term comparison, fallback wording, and remediation ownership.

Research workflow
Open Research Copilot

Check Data Act contract questions against cited official sources.

Explore next step
Talk to Sorena
Talk through implementation

Review B2B data terms, fallback language, and remediation evidence.

Explore next step
Section 5

Data Act Build a contract review record that can survive challenge

An Article 13 review should produce a clause-level record, not only a general legal note. The record should let a later reviewer see the original wording, the negotiation history, the Article 13 category, the proposed remediation, and the final business decision.

This evidence is especially important for standard terms, supplier paper, procurement frameworks, and repeated fallback clauses, because the unilateral-imposition question often turns on how the clause was supplied and handled in negotiations.

  • Minimum record: contract name, counterparty, data roles, clause reference, data affected, business owner, legal owner, and review date.
  • Unilateral-imposition evidence: who supplied the term, whether edits were attempted, whether edits were rejected, and what fallback was offered.
  • Fairness analysis: Article 13 category, why the concern applies or does not apply, source citation, and any trade-secret or commercially sensitive data facts.
  • Outcome: keep, revise, replace, delete, escalate, or accept as an exception with approver and expiry or review trigger.
  • Template control: whether the same clause appears in standard terms, procurement playbooks, order forms, partner agreements, or customer templates.
Sources for this answer
Regulation (EU) 2023/2854 (Data Act)
Article 13 makes negotiation facts and clause severability central to whether the term binds the enterprise affected by it.
Data Act Legal Helpdesk
The Commission helpdesk source supports escalation of concrete Data Act questions when independent review cannot resolve a clause issue.
Section 6

Data Act Remediate unfair-term risk in templates and live contracts

Operational remediation should turn Article 13 findings into controlled contract changes. The point is not to remove every strong commercial position; it is to avoid terms that are non-binding because they were unilaterally imposed and unfair under the Data Act.

Prioritise recurring clauses first. A problematic clause in one live deal may also sit in public terms, supplier templates, procurement forms, API terms, product-data addenda, or partner playbooks.

  • Replace exclusive conformity or interpretation rights with objective criteria, mutual review steps, and dispute escalation.
  • Replace blanket remedy exclusions with balanced remedies tied to non-performance, breach, unauthorised use, confidentiality, or trade-secret safeguards.
  • Replace blocks on generated-data use or copies with Data Act-compatible access, use, export, and post-termination copy language.
  • Replace unreasonable termination or unilateral-change rights with valid reasons, reasonable notice, switching time where relevant, and a no-cost termination right where Article 13 expects it.
  • Create a remediation queue for templates, open negotiations, renewals, high-value contracts, and contracts involving commercially sensitive data or trade secrets.
  • When a clause is retained despite risk, record the source-linked rationale, decision owner, review date, and trigger for re-opening the position.
Sources for this answer
Regulation (EU) 2023/2854 (Data Act)
Article 13 supports remediation priorities for liability, remedies, conformity decisions, data-use restrictions, copies, termination, and unilateral changes.
European Commission - Model Contractual Terms and Cloud SCCs
The Commission model-term package provides voluntary drafting references for Data Act data access, data use, cloud switching, amendment, and liability clauses.
Primary sources

References and citations

Data Act Legal Helpdesk
digital-strategy.ec.europa.eu
Referenced sections
  • The Commission helpdesk source supports escalation of concrete Data Act questions when independent review cannot resolve a clause issue.
Regulation (EU) 2023/2854 (Data Act)
eur-lex.europa.eu
Referenced sections
  • Article 13 supports remediation priorities for liability, remedies, conformity decisions, data-use restrictions, copies, termination, and unilateral changes.
Related guides

Explore more topics

Data Act and Common European Data Spaces
How Data Act Article 33 connects data-space participation with metadata, vocabularies, APIs, access terms, data quality, governance, and standards monitoring.
Data Act and Data Governance Act Overlap FAQ
FAQ explaining where the EU Data Act and Data Governance Act overlap, how they differ, and how to route product, cloud, public-sector reuse, intermediary, and data altruism workflows.
Data Act and GDPR Personal Data Overlap FAQ
FAQ on how the EU Data Act works when connected-product or related-service data includes personal data, mixed datasets, GDPR roles, lawful basis, trade secrets, and third-party sharing.
Data Act Audit Evidence And Request Logs FAQ
FAQ for Data Act request logs covering user and third-party access, B2G exceptional need requests, cloud switching records, contract terms, trade secrets, and GDPR boundaries.
Data Act B2B Data-Sharing Contract Clauses
Clause guide for EU Data Act B2B data sharing: FRAND terms, compensation, trade secret safeguards, recipient limits, termination, logs, and GDPR boundaries.
Data Act B2B Data-Sharing Contract Template
A usable EU Data Act B2B data-sharing template outline covering access requests, data schedules, permitted use, trade secrets, security, compensation, GDPR boundaries, audit records, and termination.
Data Act B2G Exceptional-Need Requests
A grounded guide to EU Data Act Chapter V requests from public bodies: exceptional need, public emergencies, request contents, limits, safeguards, costs, and records.
Data Act Cloud Switching Compliance Checklist
A grounded EU Data Act checklist for cloud and data processing service providers covering switching clauses, notices, export formats, charges, interoperability, and evidence.
Data Act Cloud Switching Contract Terms FAQ
FAQ on EU Data Act cloud switching contract terms: Article 25 clauses, assistance, notice, transition, charges, export, termination, interoperability, and records.
Data Act Cloud Switching Fees And Deadlines FAQ
FAQ on EU Data Act cloud switching charges, 2027 fee removal, notice periods, transition windows, data retrieval, contract terms, and evidence records.
Data Act Complaints and Dispute Settlement FAQ
FAQ on EU Data Act complaints, competent authorities, dispute settlement bodies, B2B data-sharing disputes, B2G requests, cloud switching disputes, and evidence records.
Data Act Exportable Data and Metadata FAQ
FAQ explaining which product, related service, metadata, and cloud switching data must be exportable under the EU Data Act, and which data can be excluded.
Data Act FAQ for Aftermarket Repair and Mobility Services
FAQ on EU Data Act vehicle-data access for repairers, independent service providers, fleets, insurers, and mobility services.
Data Act Functional Equivalence FAQ
FAQ on Data Act functional equivalence for cloud switching: IaaS scope, customer outcomes, export support, interoperability duties, limits, and evidence.
Data Act Indirect Access Request Flows FAQ
FAQ for Data Act teams handling user and third-party data requests when direct connected-product access is unavailable, incomplete, or limited.
Data Act International Government Access FAQ
FAQ on EU Data Act safeguards for non-EU government access to non-personal data held in the Union by data processing service providers.
Data Act Interoperability Standards FAQ
FAQ on EU Data Act interoperability standards for data spaces, cloud switching, smart contracts, harmonised standards, common specifications, and M/614.
Data Act Model Contractual Terms FAQ
FAQ on the EU Data Act non-binding model contractual terms for data access and use, cloud switching clauses, B2B use, unfair terms, and evidence.
Data Act Public Emergency Requests FAQ
FAQ on EU Data Act public emergency requests: exceptional need, request content, timing, data holder response, compensation, confidentiality, and records.
Data Act Smart Contracts for Data Sharing
Data Act Article 36 smart contract guide for data-sharing agreements: scope, robustness, access control, termination, interruption, archiving, standards status, and conformity evidence.
Data Act SME Exceptions and Startups FAQ
FAQ on where the EU Data Act gives micro, small, medium-sized, startup, and SME actors narrower treatment for access duties, compensation, and B2B terms.
Data Act Trade Secret Technical Protection Measures FAQ
FAQ on how EU Data Act data holders can protect trade secrets with confidentiality safeguards, technical measures, limited withholding, suspension, refusal, and evidence.
Data Act Trade Secrets and Protection Measures
Data Act guide for protecting trade secrets during access and sharing: classification, safeguards, refusal thresholds, notices, evidence records, and reviews.
Data Act Vehicle Data Guidance
Commission-grounded guide to Data Act vehicle data access: connected vehicles, vehicle-related services, raw and pre-processed data, aftermarket use cases, access routes, safeguards, and GDPR boundaries.
Data Act vs GDPR: connected-product data access
Compare EU Data Act connected-product access duties with GDPR personal-data rules: scope, roles, lawful basis, data subject rights, third-party sharing, trade secrets, and conflicts.
EU Data Act and Common European Data Spaces FAQ
FAQ on how EU Data Act interoperability duties, Data Governance Act rules, and sector data-space governance fit together without treating participation as a general obligation.
EU Data Act Applicability Test
Check whether a product, related service, data holder, cloud service, data-space role, smart contract, or B2G request is in scope of the EU Data Act.
EU Data Act Application Dates And Transition FAQ
FAQ on when the EU Data Act applies, which obligations are delayed, and what product, contract, cloud, and evidence records teams should maintain.
EU Data Act Article 3 Pre-Contract Information
What Article 3 of the EU Data Act requires before connected-product purchase, rent, lease, or related-service contracting: data categories, access, data holder identity, third-party sharing, complaints, and evidence.
EU Data Act Article 36 Smart Contract Controls FAQ
FAQ explaining when EU Data Act Article 36 applies to smart contracts for data-sharing agreements and what controls, conformity evidence, and limits it requires.
EU Data Act B2B Data Sharing Compensation FAQ
FAQ on when Data Act data holders may charge B2B data recipients, what reasonable compensation can include, SME limits, unfair terms, disputes, and trade secret safeguards.
EU Data Act B2G Compensation and Costs FAQ
FAQ on when Data Act B2G exceptional-need requests are free, when fair compensation may be claimed, which costs can be included, and what records to keep.
EU Data Act B2G Exceptional Need FAQ
When public-sector bodies can request business-held data under the EU Data Act, what a valid request must contain, and how data holders handle limits, trade secrets, compensation, and evidence.
EU Data Act Checklist for Product, Cloud, and Contract Teams
A grounded EU Data Act checklist for connected-product data access, third-party sharing, B2G requests, cloud switching, unfair terms, smart contracts, personal data boundaries, evidence, and owners.
EU Data Act Cloud Switching and Exit Plans
A grounded EU Data Act guide for data processing service exit plans: switching contracts, exportable data, assistance, charges, interoperability, retrieval, erasure, and records.
EU Data Act Cloud Switching Procurement FAQ
Procurement checklist FAQ for EU Data Act cloud switching: contract terms, exit support, exportable data, switching charges, interoperability, termination, and supplier evidence.
EU Data Act Compliance Program
Build a Data Act compliance program for connected-product data access, contracts, B2G requests, cloud switching, smart contracts, GDPR boundaries, records, and ownership.
EU Data Act Connected Product Scope and Data Types
Classify EU Data Act connected products, related services, product data, related-service data, readily available data, metadata, and excluded derived outputs.
EU Data Act Connected Product Scope FAQ
FAQ explaining when connected products, related services, generated data, EU market placement, and SME exceptions fall within EU Data Act scope.
EU Data Act Data Processing Service Switching
A grounded EU Data Act guide for provider and customer switching duties: exit assistance, exportable data, contract clauses, charges, interoperability, retrieval, and erasure.
EU Data Act data spaces interoperability FAQ
FAQ explaining Article 33 Data Act interoperability requirements for data-space participants, common European data spaces, standards, APIs, metadata, and architecture evidence.
EU Data Act deadlines and compliance calendar
A source-linked calendar for EU Data Act application dates, product design timing, contract remediation, cloud switching charges, response periods, standards work, and evidence records.
EU Data Act Direct Access by Design FAQ
FAQ for product and legal teams designing user access to connected-product and related-service data under the EU Data Act.
EU Data Act Enforcement And Competent Authorities FAQ
FAQ on who enforces the EU Data Act, how complaints work, how Member States set penalties, when dispute settlement can be used, and when GDPR authorities remain responsible.
EU Data Act FAQ: scope, access rights, B2G, cloud switching, GDPR, and dates
Grounded EU Data Act FAQ index covering connected-product data access, third-party sharing, B2G exceptional need, cloud switching, smart contracts, GDPR boundaries, unfair terms, trade secrets, and application dates.
EU Data Act Non-Emergency Public-Sector Requests FAQ
FAQ on EU Data Act requests where a public body claims exceptional need outside a public emergency, including scope, request contents, limits, compensation, confidentiality, and evidence.
EU Data Act Non-Personal Data and Mixed Datasets FAQ
FAQ on how the EU Data Act treats non-personal data, mixed datasets, GDPR precedence, user and third-party access, trade-secret limits, and evidence records.
EU Data Act Penalties and Enforcement
Grounded guide to Data Act penalties under Article 40, Member State enforcement, penalty factors, complaints, judicial remedies, and the GDPR enforcement boundary.
EU Data Act Pre-Contractual Information FAQ
FAQ on EU Data Act Article 3 pre-contract information for connected products and related services, including data categories, access methods, data holder identity, third-party sharing, and GDPR boundaries.
EU Data Act Product Data vs Related Service Data FAQ
FAQ explaining how the EU Data Act separates connected product data, related service data, readily available raw and pre-processed data, metadata, and inferred or derived outputs.
EU Data Act Readily Available Data FAQ
FAQ on what counts as readily available data under the EU Data Act, including product data, related service data, metadata, inferred data, and access mechanics.
EU Data Act Related Services FAQ
FAQ explaining when software is a Data Act related service, how it links to connected products, which product and service data are in scope, and what exclusions apply.
EU Data Act requirements
Source-grounded EU Data Act requirements for connected-product data access, B2B sharing terms, B2G exceptional needs, cloud switching, smart contracts, interoperability, GDPR boundaries, and records.
EU Data Act Smart Contracts for Data Sharing FAQ
Answers on Article 36 Data Act smart-contract requirements for data sharing: scope, robustness, access control, termination, archiving, conformity assessment, contract terms, and standards status.
EU Data Act Third-Party Data Sharing FAQ
FAQ on user-directed third-party data sharing under the EU Data Act, covering data holder duties, recipient limits, trade secrets, security, GDPR, and gatekeepers.
EU Data Act Trade Secret Safeguards FAQ
FAQ on protecting trade secrets when handling EU Data Act user and third-party data access requests, including safeguards, withholding, suspension, refusal, notices, and records.
EU Data Act Unfair Contractual Terms FAQ
FAQ on Article 13 of the EU Data Act: B2B unfair contract terms, unilateral take-it-or-leave-it clauses, always-unfair terms, presumed-unfair terms, SMEs, model terms, and review evidence.
EU Data Act User Access and Portability Rights
Practical guide to EU Data Act user access, connected-product data portability, third-party sharing, trade secret safeguards, and the GDPR boundary.
EU Data Act Users, Data Holders, and Recipients FAQ
FAQ explaining Data Act users, data holders, data recipients, connected products, related services, user access, third-party limits, and GDPR boundaries.
EU Data Act Vehicle Data Guidance FAQ
FAQ on EU Data Act vehicle data guidance for connected vehicles, aftermarket repair, mobility services, third-party access, trade secrets, security, and GDPR boundaries.
EU Data Act vs Data Governance Act
Compare the EU Data Act with the Data Governance Act: connected-product access, cloud switching, B2B/B2G duties, protected public-sector reuse, intermediaries, altruism, governance, and enforcement.