Since 12 September 2025, the EU Data Act has been law across all EU countries, including Spain. It is a big new framework for how companies handle data from connected products and cloud services. For large tech firms it means major change, but what about the smallest businesses—like a café with a website, or a local service provider with a Facebook page and a list of customer contacts?
What Matters for the Smallest Businesses
1. Everyday websites and mailing lists
If you just collect names, phone numbers, or emails (for example in a mailing list, booking form, or client file), the Data Act isn’t adding much beyond what GDPR already requires. You must still protect personal data, keep it secure, and be transparent about what you use it for.
2. Cloud services you rely on
The Act makes it easier to switch between providers of cloud or hosting services. For example, if your website runs on one hosting company and you want to move it, the provider will need to allow you to transfer your data more easily and without high “exit” fees.
3. Connected devices (probably not relevant to you)
The Data Act mostly targets companies making or selling smart products—like vehicles, wearables, or home appliances. If your business doesn’t produce connected devices, this part is unlikely to apply.
4. Contracts and fairness
If you use cloud services, storage, or software subscriptions, providers must now include fairer terms in contracts—so less risk of hidden restrictions or unfair fees.
What You Should Do Now
- Stick to GDPR basics: keep your customer data secure, use it only for what you told them, and delete it if it’s no longer needed.
- Check your subscriptions: if you use hosting, email, or cloud storage, know that you now have clearer rights to move your data.
- Don’t panic: the most disruptive parts of the Data Act are for big manufacturers and cloud providers, not for small local businesses.
Pocket Snapshot
EU Data Act in Plain Words
- In force since 12 September 2025.
- Big focus: data from smart devices and cloud services.
- Small businesses: main benefit is easier switching between hosting and cloud providers, plus reassurance that contracts must be fair.
- If you only run a website, social media, and mailing lists—keep following GDPR, and you’re already most of the way there.