What are the key Data Act obligations for EU businesses?

Ensure data accessibility for users. Enable data portability between services. Protect trade secrets during data sharing. Implement fair contract terms. Provide data to public bodies in emergencies.

What is the maximum fine for Data Act non-compliance?

The maximum fine under Data Act is Per member state (effective, proportionate, dissuasive).

Which sectors does Data Act affect?

Data Act applies to: IoT Manufacturers, Cloud Services, Data-driven Services.

EU Data Act

The Data Act ensures fair access to and use of data generated by connected products and related services. It establishes rules for data sharing between businesses and with public bodies.

What does Data Act require and when does it apply?

Data Act applies to IoT Manufacturers and Cloud Services organisations across all EU member states. The key deadline is September 12, 2025. Non-compliance carries a maximum penalty of Per member state (effective, proportionate, dissuasive). Core obligations include ensure data accessibility for users and enable data portability between services.

Ensure data accessibility for users
Enable data portability between services
Protect trade secrets during data sharing
Implement fair contract terms
Provide data to public bodies in emergencies

Deadline	September 12, 2025
Max fine	Per member state (effective, proportionate, dissuasive)
Primary sectors	IoT Manufacturers, Cloud Services, Data-driven Services

Source: Official Journal of the EU — EU Data ActReviewed: 2026-05-01

TL;DR

Data Act: Per member state (effective, proportionate, dissuasive) max fine

Data Act applies to IoT Manufacturers and Cloud Services organisations in all EU member states. Key deadline: September 12, 2025.

Source: Official Journal of the European Union — EU Data Act

Deadline

September 12, 2025

Max Fine

Per member state (effective, proportionate, dissuasive)

Sectors Affected

IoT Manufacturers, Cloud Services, Data-driven Services

Per member state (effective, proportionate, dissuasive)maximum fine

The highest penalty for non-compliance with Data Act in the EU.

EU Official Journal

How do I comply with Data Act?

Ensure data accessibility for users
Enable data portability between services
Protect trade secrets during data sharing
Implement fair contract terms
Provide data to public bodies in emergencies

Does Data Act apply to your business?

Find out in 2 minutes with our free regulation checker.

Check now — free

Related Regulations

AI Act

The EU AI Act classifies AI systems by risk level and imposes obligations on providers and deployers. High-risk systems face mandatory conformity assessments, documentation, and human oversight requirements.

GDPR

GDPR governs the processing of personal data of EU residents. It requires lawful basis for processing, data subject rights, breach notification, and accountability measures.

NIS2

NIS2 expands cybersecurity obligations to essential and important entities across critical sectors. It mandates risk management, incident reporting, and supply chain security.

Next step — classify

Classify your AI systems

Use the free regulation checker to find out exactly which Data Act obligations apply to your business in 2 minutes.