EU Data Act Notice Generator

Connected-product data access and sharing disclosure

Product and service

Identify the connected product, related service, and user-facing context.

Data holder

The legal entity responsible for making generated data available.

Data generated

Add each generated data category with format, volume, cadence, and retention.

Access method

Select at least one access path and define timing, channel, authentication, and limits.

Access methods

Sharing terms

Describe third-party access, user-directed sharing, and contractual boundaries.

Trade secrets and IP

Record safeguards for protected information without blocking lawful access by default.

Portability and switching

Explain export formats, switching support, and data availability after termination.

User rights summary

Summarize access, use, sharing, complaint, and restriction information in plain language.

Export JSON

The JSON uses the same structured model as the notice engine.

Golden self-tests

Required fields; >=1 data category; access method present; JSON round-trip.

Not run

    Data Act structure

    Use this checklist when reviewing the generated notice before contract use.

    • Identify the connected product, related service, and data holder before the user commits.
    • Describe generated data by category, format, approximate volume, cadence, and retention.
    • State how the user can access, use, and share generated data with a third party.
    • Explain trade-secret, IP, confidentiality, and security safeguards in a proportionate way.
    • Include portability and switching information in practical, machine-readable terms.
    • This tool aids composition only. The data holder remains responsible for legal accuracy; it is not legal advice.
    Checking draft

    About the EU Data Act Connected-Product Data Notice

    Manufacturers of connected IoT devices and related digital services must legally inform users about the data their products collect and how it can be accessed. Formulating a compliant EU Data Act notice empowers users with data portability rights and mitigates the risk of regulatory enforcement actions. Product managers can effectively articulate data categories, access instructions, and third-party sharing terms to provide clear, upfront transparency.

    How it works

    1. List the specific categories of data generated by the connected device or service.
    2. Explain clearly how the user can access, retrieve, or request portability of their data.
    3. Identify any third parties with whom the data might be shared and detail the sharing terms.
    4. Generate a concise, user-friendly notice to be included with the product documentation or app interface.

    Frequently asked questions

    What is the primary objective of the EU Data Act for connected products?

    The Data Act aims to ensure fairness in the digital environment by granting users (both consumers and businesses) the right to easily access, use, and share the data generated by the connected devices they own or rent.

    Does the Data Act apply to personal or non-personal data?

    The regulation applies to both personal data and non-personal machine-generated data produced by connected products and related services.

    How quickly must a manufacturer provide data to a user upon request?

    Data must be made available to the user without undue delay, easily, securely, and where relevant and technically feasible, continuously and in real-time.

    Can manufacturers charge users for accessing their own data?

    Manufacturers cannot charge the user for accessing the data generated by their product, but reasonable compensation may be allowed when transferring data to authorized third parties under specific B2B conditions.

    References