Data Act FAQ for DPOs
EU Digital Strategy Working Group
October 2025
The EU Data Act creates a new framework for accessing and sharing data from connected products, related services, and cloud environments. Although not a data-protection law, it works closely alongside the GDPR and affects how organizations handle both personal and non-personal data. For DPOs and data practitioners alike, the regulation introduces new user rights, new obligations for data holders, and practical challenges in aligning data-sharing requirements with GDPR principles.
This FAQ – drafted by the CEDPO EU Digital Strategy Working Group – provides DPO-focused insights on scope, key concepts, and compliance touchpoints – facilitating a better understanding and interpretation of the Data Act, how to manage risks, and support your organization as the regulation comes into force.
Note: The FAQ was drafted before the release of the European Commission Digital Omnibus proposal and as such is subject to change.
You can download the paper here:
