EU Data Act Chapter IV: New Contract Compliance Requirements

With the EU Data Act now fully applicable, Chapter IV obligations immediately cover contracts concluded after 12 September 2025. October represents the first full month where customer, partner, and cloud agreements must show fair terms, reasonable compensation, and switching support. Organizations must urgently test templates against Articles 19 through 30 and establish governance processes ensuring ongoing compliance.

Chapter IV fairness requirements overview

The Data Act's Chapter IV establishes full fairness requirements for data access and cloud service contracts. Article 19 prohibits unfair contract terms that create significant imbalances between parties' rights and obligations, particularly affecting small and medium enterprises. Terms limiting data portability, imposing excessive termination penalties, or restricting legitimate data use are presumptively unfair and may be invalidated.

Article 20 specifies that fairness assessments must consider the nature of the data, the parties' relative bargaining positions, and whether terms were individually negotiated or imposed through standard contracts. Large organizations contracting with SMEs bear particular responsibility for ensuring terms do not exploit bargaining imbalances. Contract terms that deviate significantly from industry practice without clear justification may face regulatory challenge.

Organizations must review existing contract templates to identify provisions that may violate fairness requirements. Common problematic clauses include exclusive licensing terms that prevent data sharing, indemnification provisions shifting disproportionate liability to smaller parties, and termination clauses that impose unreasonable notice periods or penalties. Legal teams should establish review processes that flag potentially unfair terms before contract execution.

Switching and portability obligations

Articles 23 through 27 establish full switching and portability rights for customers of data processing services. Service providers must enable customers to switch to alternative providers or bring data in-house without undue technical or contractual barriers. This includes providing data in commonly used, machine-readable formats and offering reasonable assistance during transition periods.

Article 25 mandates transparent fee structures for switching services. Providers may charge reasonable fees reflecting actual costs of switching assistance during transitional periods, but must reduce charges progressively and eliminate switching fees entirely by 2027. Organizations must publish clear fee schedules and ensure customers can access switching cost information before committing to contracts.

Technical readiness for switching requires documented data export procedures, standardized data formats, and tested migration tooling. If you are affected, validate that customers can extract their data within mandated timelines without requiring extensive technical expertise or incurring hidden costs. Exit testing should show that switching procedures work reliably across different customer scenarios.

Article 26 addresses functional equivalence requirements ensuring that data remains usable after export. Providers cannot structure data in proprietary formats that effectively prevent migration or degrade data utility post-switching. Documentation must explain data structures, schemas, and any transformations applied during export to enable receiving systems to process imported data correctly.

Smart contract safeguards under Article 30

Article 30 introduces specific requirements for smart contracts used in data sharing arrangements. Smart contracts must include kill switches that enable authorized parties to end or pause automated execution when circumstances warrant intervention. These safeguards prevent automated data sharing from continuing inappropriately when business relationships change or when security concerns arise.

Implementation of Article 30 requires technical controls that can halt smart contract execution without corrupting underlying data or creating inconsistent states. Organizations deploying smart contracts for data sharing must document termination procedures and test that kill switches function correctly across various scenarios. Recovery procedures should restore parties to appropriate states after smart contract termination.

Audit trails for smart contract operations must capture sufficient detail to show compliance with Data Act requirements. Logs should record authorization decisions, data transfers, fee calculations, and any interventions that pause or end automated processing. These records support regulatory oversight and help resolve disputes about smart contract behavior.

Contract inventory and remediation

If you are affected, catalog every agreement signed since 12 September 2025 and identify any that rely on pre-Data Act terms. Legacy contract language that does not address Chapter IV requirements may expose organizations to regulatory action or customer disputes. Systematic inventory enables focus ond remediation of contracts presenting the highest compliance risk.

Remediation strategies may include contract amendments to incorporate required provisions, renegotiation with counterparties to address fairness concerns, or replacement of non-compliant agreements with updated templates. If you are affected, establish timelines for remediation that balance legal risk against operational disruption and counterparty relationship considerations.

Template governance processes should prevent new contracts from being executed without Chapter IV compliance validation. Deal desk checkpoints should verify that required provisions are present and that any deviations from standard templates have been reviewed and approved. Automated compliance checks can flag missing provisions before contracts reach signature stage.

Operational compliance processes

Ongoing compliance requires processes that support customers exercising their Data Act rights. Customer success and support teams need training on switching procedures, fee structures, and data export capabilities. If you are affected, develop standardized responses to switching requests that meet regulatory timelines while maintaining service quality.

Dispute resolution mechanisms should be established before conflicts arise. The Data Act encourages voluntary dispute settlement, and you should identify appropriate mediation or arbitration providers. Internal escalation procedures should address how disputed switching requests or fairness challenges are handled and who has authority to resolve disagreements.

Monitoring and reporting capabilities should track compliance metrics including switching request volumes, resolution timelines, fee calculations, and any disputes or escalations. Executive dashboards can highlight compliance status, identify emerging issues, and support regulatory reporting requirements. Regular compliance reviews should assess whether processes remain effective as customer volumes and regulatory expectations evolve.

60-day priority list

• Complete inventory of all contracts signed after 12 September 2025 and assess Chapter IV compliance status.
• Review and update contract templates to incorporate fairness, switching, and portability requirements.
• Establish deal desk checkpoints that validate Chapter IV compliance before contract signature.
• Develop and test data export procedures that meet switching timeline and format requirements.
• Publish transparent fee schedules for switching assistance services.
• Train customer-facing teams on Data Act rights and switching procedures.
• Establish dispute resolution mechanisms and escalation procedures.
• Implement compliance dashboards tracking switching requests, timelines, and resolution status.

What this means

The Data Act's Chapter IV obligations represent a significant shift in data contracting practices that organizations must address systematically. While the requirements impose operational burdens, organizations that embrace fair contracting and customer portability can differentiate themselves competitively and build stronger customer relationships based on service quality rather than lock-in.

If you are affected, view Chapter IV compliance as an opportunity to review and improve contracting processes more broadly. The discipline required to meet Data Act requirements—clear terms, transparent pricing, documented procedures—benefits organizational operations regardless of regulatory mandates.

Recommended: early engagement with customers and counterparties about Data Act implications rather than waiting for disputes or regulatory inquiries. Transparent communication about switching procedures and rights can strengthen relationships and reduce conflict when customers exercise their options.