European Data Act Compliance Checklist: 10 Key Steps

REVIEW EXISTING CONTRACTS

Evaluate and amend or update contracts with users to ensure that - if you are a data holder - you have the right to still use readily available data. Define clear terms regarding data access, use, and sharing, in compliance with the Data Act’s fairness principles.

The Data Act prohibits data holders to use readily available (non-personal) data without the user’s permission in a contract. You should therefore conduct a comprehensive review of all contracts with users to ensure that - if you are a data holder - you have the right to use readily available data. Evaluate existing agreements to ascertain whether they adequately define clear terms regarding data access, use, and sharing, in accordance with the fairness principles mandated by the Data Act. Verify that contracts explicitly specify the rights and obligations of both parties regarding the use of data generated, collected, or processed through connected products or related services. Ensure that users are granted appropriate access to the data they generate, while also verifying that you in the role of a data holder may use the data for your own purposes. Further, establish safeguards to protect proprietary information, i.e., trade secrets. Assess whether contractual provisions pertaining to data-sharing adhere to the non- discriminatory requirements outlined in the Data Act. Verify that users are not subjected to unfair contractual terms that may impede their ability to access or utilize the data effectively. Where necessary, amend existing contracts to align them with the provisions of the Data Act, ensuring transparency, fairness, and legal compliance. Seek legal counsel or regulatory guidance to address any ambiguities or discrepancies in contractual language and facilitate a smooth transition to Data Act compliance.

5/13