The EU Data Act is Here – Are You Ready?

Posted by Jon Wood on Sep 03, 2025 Last updated Sep 03, 2025

If you’re a CIO, CTO, IT manager, compliance lead, or responsible for your organisation’s cloud strategy, the EU Data Act is now more than regulatory small print – it fundamentally impacts how you handle your infrastructure, data assets, vendor relationships, and competitive position. This EU law comes into effect in September 2025, with further requirements applying from 12 September 2026.

Here’s what you need to know to stay ahead:

Your New Responsibility: Data Portability Across Systems and Partners

From 12 September 2026, providers of connected products and related services must ensure that users can directly access and retrieve the data they generate. Meeting this obligation requires secure, scalable, and auditable methods for extracting, transforming, and delivering data, regardless of whether it resides in legacy applications, on-premises systems, or IoT streams. A robust data migration and integration solution is not optional; it’s a critical necessity for legal compliance and long-term competitiveness.

Breaking Free from Data Access Restrictions

Under the EU Data Act, cloud switching must now be technically achievable and contractually supported. Providers of cloud services are required to enable data portability and allow access for third parties designated by their customers. This means the onus is on providers to ensure compliance. If your current cloud vendor isn’t meeting your needs, you’re now legally empowered to move. However, you’ll require expert partners to navigate complex environments – especially those involving multi-tenant platforms, encrypted workloads, or significant data volumes.

Think Portability, Not Just Migration

Traditional migrations are typically “one-off” events. The EU Data Act introduces a continuous requirement for data mobility, demanding regular exchanges of data across systems, geographies, and partners. You’ll need data migration solutions capable of automation, repeatable processes, interoperability, and robust governance. Essentially, you’re not simply migrating – you’re building an agile data infrastructure prepared for the future.

Compliance, Transparency, and Control Matter More than Ever

The Act clarifies that the term “data processing services” applies to all models of cloud services contracts, including IaaS, PaaS, and SaaS. Article 30 “Technical aspects of switching” distinguishes between:

  1. Providers of data processing services that concern scalable and elastic computing resources limited to infrastructural elements such as servers, networks, and the virtual resources necessary for operating the infrastructure (IaaS).
  2. Providers of other data processing services, including PaaS and SaaS contracts.

Recital 81 further explains this by saying that the concept of “data processing services” is deliberately broad. It covers a wide variety of services, with many different purposes, functions, and technical setups – but they all fit into one or more of the three delivery models: IaaS, PaaS, or SaaS. In simpler terms: if it’s a cloud service, regardless of its complexity or specialisation, it’s covered by the Data Act.

Expect increased scrutiny from auditors, customers, and regulators who will require proof that your data sharing practices and cloud migrations adhere strictly to EU standards. Data residency, access control, encryption, and audit trails have never been more critical. Choosing a migration solution with built-in compliance controls significantly reduces your audit risks and boosts your organisational credibility.

Costs and Switching Rules

It’s important to note that switching costs can be levied by providers until 12 January 2027. These costs cannot exceed the actual costs incurred by the provider directly linked to the switching process, such as providing access to automated switching tools, testing tools, or assistance with switching. After that date, the provider may not charge switching costs.

It’s Not Just Compliance – It’s a Competitive Advantage

The EU Data Act represents an opportunity – not just a compliance burden. Secure, portable data allows your organisation to:

  • Innovate rapidly with new data-driven services.
  • Collaborate seamlessly with partners in real-time.
  • Extract value from previously inaccessible or siloed assets.

Data migration has evolved from a backend necessity to a strategic business enabler. The right investments in tools and partnerships today will drive innovation tomorrow.

Don’t Just Migrate – Mobilise

The EU Data Act is transforming data strategies for every organisation operating within or interacting with the EU. Data migration is now integral – not optional – to achieving compliance, agility, and competitive advantage.

At Transvault , we specialise in helping organisations:

  • Seamlessly navigate complex data environments.
  • Confidently migrate data across cloud and on-premises infrastructures.
  • Enable secure, governed data sharing and collaboration.
  • Build future-ready data infrastructures to capitalise on emerging opportunities.

Let’s talk about how we can transform your data into a powerful advantage.

Speak To A Migration Specialist Today