The Data Act, applicable September 12, 2025, establishes harmonized rules for data sharing in the EU and affects users and manufacturers of connected products, data holders and recipients, data processing service providers, and public sector bodies. Noncompliance can result in fines up to €20 million or 4% of global annual turnover, whichever is higher. The Data Act covers personal and non-personal data from connected products and related services. It applies to manufacturers, users, data holders, and recipients in the EU. The Act focuses on business-to-consumer and business-to-business data sharing. It requires connected products to be designed for easy data access by users and mandates that data holders make data available to users and third parties upon request. It also sets conditions for data holders making data available to recipients and establishes dispute resolution mechanisms and allows for technical protection measures against unauthorized data use. The Act aims to balance data access rights with protections for businesses, fostering a fair and competitive data economy while respecting existing data protection laws. Kiteworks supports compliance with the Data Act. Here’s how:

Solution Highlights

  • Comprehensive audit logs
  • Secure web forms
  • Role-based access controls
  • Enterprise Connect
  • Double encryption
  • User data management

Accessible and Verifiable Data

Laid out in chapter 2 are mandates that manufacturers design connected products and related services to allow easy, secure, and free access to data for users. Data holders must make readily available data accessible to users upon request, free of charge, in a structured format. Users have the right to share data with third parties, and personal data sharing must comply with GDPR requirements. The platform’s secure web forms enable organizations to obtain explicit user consent for data collection and use, aligning with the Act’s requirements for transparency. Kiteworks’ comprehensive audit logging system captures all user activities, including file access, uploads, and deletions, providing a detailed trail for accountability. The system allows users to easily access and delete their personal information, supporting the right to data portability and erasure. Role-based access controls and the principle of least privilege ensure that data is accessed only by authorized users, maintaining data security.

Protect Data With Access Controls and Robust Security

Encapsulated in chapter 3 of the Data Act are requirements for data holders to make data available to recipients under fair, reasonable, and nondiscriminatory terms. Data holders may implement technical protection measures against unauthorized access but must not hinder legitimate data use. The platform’s comprehensive audit logging system captures all user activities without throttling, providing a single, consolidated activity log that can be searched, filtered, and sorted, thus supporting transparency. Role-based access controls and the principle of least privilege ensure data is accessed only by authorized users, aligning with the Act’s requirements for fair data access. The Enterprise Connect feature allows secure access to external repositories while respecting their access controls, facilitating data sharing across different systems. Additionally, Kiteworks’ hardened virtual appliance architecture, with its multilayered security approach and strong double encryption, helps protect data during sharing processes, supporting the Act’s emphasis on data security and protection against unauthorized access.

The EU Data Act introduces significant changes to data sharing practices, affecting a wide range of stakeholders and imposing substantial penalties for noncompliance. Kiteworks offers a comprehensive suite of features that align closely with the Act’s requirements, supporting organizations in their compliance efforts. The platform’s secure web forms, detailed audit logging, role-based access controls, and principle of least privilege functionality address key aspects of data transparency, accessibility, and security. Kiteworks’ Enterprise Connect feature facilitates secure cross-repository data sharing, while its hardened virtual appliance architecture with multilayered security and strong encryption protects data integrity. Combined with the platform’s ability to enable user data access and deletion, Kiteworks is a valuable tool for organizations seeking to navigate the complex landscape of Data Act compliance, helping them balance data accessibility with robust security measures in the evolving European data economy.

 

Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.

Lancez-vous.

Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

Comienza ahora.

Es fácil empezar a asegurar el cumplimiento normativo y gestionar los riesgos de manera efectiva con Kiteworks. Únete a las miles de organizaciones que confían en su plataforma de comunicación de contenidos hoy mismo. Selecciona una opción a continuación.

Share
Tweet
Share
Explore Kiteworks