Skip to main content

Index

Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (Data Act)

Source : EU law
Code/RS : 2023/2854
  • Abbreviation :

    Data Act

  • Provision :

    Art. 3

  • Short description :

    Obligation to make product data and related service data accessible to the user

  • Nature of the provision :

    Right to request data (Right to access data directly if possible)

  • Status :

    Transitional period Note: The obligation under Art. 3(1) applies to connected products and connected services placed on the market after 12 September 2026.

  • Sector :

    All

Legal text :

1. Connected products shall be designed and manufactured, and related services shall be designed and provided, in such a manner that product data and related service data, including the relevant metadata necessary to interpret and use those data, are, by default, easily, securely, free of charge, in a comprehensive, structured, commonly used and machine-readable format, and, where relevant and technically feasible, directly accessible to the user. 2. Before concluding a contract for the purchase, rent or lease of a connected product, the seller, rentor or lessor, which may be the manufacturer, shall provide at least the following information to the user, in a clear and comprehensible manner: a) the type, format and estimated volume of product data which the connected product is capable of generating; b) whether the connected product is capable of generating data continuously and in real-time; c) whether the connected product is capable of storing data on-device or on a remote server, including, where applicable, the intended duration of retention; d) how the user may access, retrieve or, where relevant, erase the data, includi.ng the technical means to do so, as well as their terms of use and quality of service. 3. Before concluding a contract for the provision of a related service, the provider of such related service shall provide at least the following information to the user, in a clear and comprehensible manner: a) the nature, estimated volume and collection frequency of product data that the prospective data holder is expected to obtain and, where relevant, the arrangements for the user to access or retrieve such data, including the prospective data holder's data storage arrangements and the duration of retention; b) the nature and estimated volume of related service data to be generated, as well as the arrangements for the user to access or retrieve such data, including the prospective data holder's data storage arrangements and the duration of retention; c) whether the prospective data holder expects to use readily available data itself and the purposes for which those data are to be used, and whether it intends to allow one or more third parties to use the data for purposes agreed upon with the user; d) the identity of the prospective data holder, such as its trading name and the geographical address at which it is established and, where applicable, of other data processing parties; e) the means of communication which make it possible to contact the prospective data holder quickly and communicate with that data holder efficiently; f) how the user can request that the data are shared with a third party and, where applicable, end the data sharing; g) the user's right to lodge a complaint alleging an infringement of any of the provisions of this Chapter with the competent authority designated pursuant to Article 37; h) whether a prospective data holder is the holder of trade secrets contained in the data that is accessible from the connected product or generated during the provision of a related service, and, where the prospective data holder is not the trade secret holder, the identity of the trade secret holder; i) the duration of the contract between the user and the prospective data holder, as well as the arrangements for terminating such a contract.

Actor with an obligation to share data

Designers and manufacturers of connected products, and designers and providers of related services (or ‘designers and manufacturers/providers’); As a result, (i) the seller, hirer or lessor, who may be the manufacturer of the connected product, and (ii) the provider of the related service must provide certain information to users before entering into a contract.

Beneficiaries

‘User of connected products or related services’ = a natural or legal person that owns a connected product or to whom temporary rights to use this connected product have been contractually assigned, or that receives related services.

Linking criteria for Switzerland

Linking criteria for Switzerland

Financial aspects

Free

Binding and/or enforceable

Binding obligation; enforceable right

Conditions for accessing data

Existence of data on connected products or related services (where relevant and technically feasible, this data must be directly accessible to the user)

Exceptions and limitations

Exceptions applicable to obliged persons: Art. 7: Business-to-consumer and business-to-business data sharing obligations do not apply to data generated through the use of connected products manufactured or designed or related services provided by: - a microenterprise or small enterprise, or by - a company that has qualified as a medium-sized enterprise for less than one year and for connected products for one year after the date on which they were placed on the market by a medium-sized enterprise

Before concluding a contract, the seller, hirer or lessor, who may be the manufacturer, must inform the user in a clear and comprehensible manner whether the connected product is capable of generating dynamic data.

Format

Comprehensive, structured, commonly used and machine-readable format

Plateform

n/a

Notes

Note relevant to the regulation, and not just to this article: Chapter VII (‘Unlawful international governmental access and transfer of non-personal data’) requires data processing service providers to take all appropriate technical, organisational and legal measures, including contracts, in order to prevent international and third-country governmental access and transfer of non-personal data held in the EU where such transfer or access would create a conflict with EU law or with the national law of the relevant Member State. Any decision or judgment of a third-country court or tribunal and any decision of a third-country administrative authority requiring a provider of data processing services to transfer or give access to non-personal data will only be recognised or enforceable under the conditions specified in Art. 32(2) and 32(3). Chapter VIII (‘Interoperability’) sets out essential requirements regarding the interoperability of data, of data sharing mechanisms and services as well as of common European data spaces for participants in data spaces that offer data or data services to other participants.

Actor with an obligation to share data Designers and manufacturers of connected products, and designers and providers of related services (or ‘designers and manufacturers/providers’); As a result, (i) the seller, hirer or lessor, who may be the manufacturer of the connected product, and (ii) the provider of the related service must provide certain information to users before entering into a contract.

Beneficiaries ‘User of connected products or related services’ = a natural or legal person that owns a connected product or to whom temporary rights to use this connected product have been contractually assigned, or that receives related services.

Linking criteria for Switzerland Art. 1(3): The obligation applies to: - Swiss companies = manufacturers of connected products placed on the market in the EU / providers of related services; - Swiss data holders that make data available to data recipients in the EU. Beneficiaries: - Swiss users of connected products and related services located in the EU; - Swiss data recipients located in the EU to whom the data is made available.

Financial aspects Free

Binding and/or enforceable Binding obligation; enforceable right

Conditions for accessing data Existence of data on connected products or related services (where relevant and technically feasible, this data must be directly accessible to the user)

Exceptions and limitations Exceptions applicable to obliged persons: Art. 7: Business-to-consumer and business-to-business data sharing obligations do not apply to data generated through the use of connected products manufactured or designed or related services provided by: - a microenterprise or small enterprise, or by - a company that has qualified as a medium-sized enterprise for less than one year and for connected products for one year after the date on which they were placed on the market by a medium-sized enterprise

Time component Before concluding a contract, the seller, hirer or lessor, who may be the manufacturer, must inform the user in a clear and comprehensible manner whether the connected product is capable of generating dynamic data.

Format Comprehensive, structured, commonly used and machine-readable format

Plateform n/a

Notes Note relevant to the regulation, and not just to this article: Chapter VII (‘Unlawful international governmental access and transfer of non-personal data’) requires data processing service providers to take all appropriate technical, organisational and legal measures, including contracts, in order to prevent international and third-country governmental access and transfer of non-personal data held in the EU where such transfer or access would create a conflict with EU law or with the national law of the relevant Member State. Any decision or judgment of a third-country court or tribunal and any decision of a third-country administrative authority requiring a provider of data processing services to transfer or give access to non-personal data will only be recognised or enforceable under the conditions specified in Art. 32(2) and 32(3). Chapter VIII (‘Interoperability’) sets out essential requirements regarding the interoperability of data, of data sharing mechanisms and services as well as of common European data spaces for participants in data spaces that offer data or data services to other participants.

Compilation and Disclaimer

This index was prepared on behalf of the IPI by the law firm id est avocats Sàrl (for the section on Swiss law) and the law firm Pierstone (for the section on European law). 

This index does not constitute legal advice, and no guarantee is given regarding its completeness. 

Neither id est avocats Sàrl, nor Pierstone, nor the IPI or the FDJP can be held liable for any decisions or actions taken on the basis of this index.