Question 1

When did the EU Data Act come into effect?

Accepted Answer

The EU Data Act entered into force on January 11, 2024, and became applicable on September 12, 2025. Main obligations (Articles 4-5 for data access and third-party sharing, cloud switching provisions) are now in force and must be complied with.

Question 2

Does the EU Data Act apply to products already on the market before September 2025?

Accepted Answer

No. The Data Act only applies to connected products placed on the EU market after September 12, 2025. Products placed on the market before this date are grandfathered. However, significant updates (major firmware releases, new features) may constitute a "new product" subject to the regulation.

Question 3

What are the upcoming 2026 and 2027 deadlines?

Accepted Answer

September 12, 2026: "Data by design" obligations apply to new connected products (products must be designed from the start to enable easy data access). Enhanced interoperability requirements for cloud services also take effect. January 12, 2027: Complete ban on cloud switching charges. September 12, 2027: Full data portability standards implementation.

Question 4

What implementation approaches are available?

Accepted Answer

Organizations can implement compliance through in-house development (typically 18-24 months) or by leveraging pre-built platforms like Fiskil (8-12 weeks). The approach depends on technical resources, timeline requirements, and existing infrastructure. Documenting implementation efforts is valuable for regulatory discussions.

Question 5

What is the current enforcement status?

Accepted Answer

Member States are establishing enforcement frameworks. Germany and France have already designated authorities and specified penalties (up to 4-5% of global annual turnover). Enforcement is ramping up in 2026, with focus expected on large manufacturers and high-profile violations. Customer complaints can trigger investigations immediately.

Question 6

Are there grace periods for organisations that missed the deadline?

Accepted Answer

No official grace periods exist. However, enforcement is being phased in as Member States designate authorities and establish frameworks. Organizations demonstrating good-faith compliance efforts and rapid implementation may face more lenient treatment than those ignoring obligations entirely.

Question 7

What penalties can we face for non-compliance?

Accepted Answer

Penalties are set by Member States but must be "effective, proportionate, and dissuasive." Germany permits fines up to €5 million or 4% of global annual turnover. France allows up to 5% for repeat violations. If personal data is involved, GDPR penalties (up to €20 million or 4%) may also apply.

Question 8

Is the EU Commission publishing additional guidance?

Accepted Answer

Yes. The Commission continues to publish implementing acts and guidance documents. Fiskil monitors these developments and updates our platform automatically to reflect new guidance and evolving regulatory interpretations.

EU Data Act Timeline: Key Dates and Implementation Phases

What the Law Requires

Key Dates

What This Means in Practice

Streamlined Implementation with Fiskil Data Provider

Enterprise-Ready Infrastructure

Security & Compliance

Scale & Reliability

Frequently Asked Questions

Related Resources

Ready to Get Started?