The Data Act
The Data Act applies: does your warehouse operation still have control over its own data?
On the floor, data rarely feels like a legal topic. It sits in scanners, forklifts, conveyors, machine events, cloud connections, and in dashboards the team relies on when pressure increases. Only when something gets stuck, a supplier does not cooperate, an audit question arises, or an export simply turns out not to be available, does it become clear how dependent a warehouse operation has become on that data.
For many logistics professionals, this is recognizable. Operations continue, peaks will come anyway, exceptions pile up, and somewhere in between it still has to be explained who is responsible for what. That is precisely why the Data Act is relevant now. Not because another European policy document has been added, but because data from connected products and related services has become less optional since 12 September 2025.
Quick Navigation:
- What has really changed now
- Why this is not a legal side issue in practice
- For warehouse managers, the real risk lies in the in-between space
- Why vendor lock-in is now also becoming a governance issue
- The implementation phase has begun
- What you can expect in the next 12 months
- What a warehouse needs to get clear right now
- Conclusion
The Data Act: who has control over your data?
The core of this blog is simple: warehouse data is no longer just an IT issue, but increasingly an enforceable right and a practical power matter.
What has really changed for warehouse data
Since 12 September 2025, the Data Act applies in the EU. As a result, rights regarding access to, use of, and sharing of data from connected products and related services are no longer preparatory, but in force.
For warehouse management, that is a fundamental difference.
The underlying logic now directly affects the assets and digital services on which warehouse processes are based. The provided baseline information requires careful translation through industrial machines, connected products, cloud switching, and contract conditions. This is not a detail; it is exactly the area where many logistics organizations have experienced friction for years.
The core shift is as follows: data on which operations are based is less automatically under the exclusive control of the supplier. This makes the topic broader than just integration. It touches on ownership, access, contractual power relationships, and the continuity of your logistics operation.
Why this is not a legal side issue in practice
Anyone working in a warehouse knows that operational dependency usually does not start with a legal text. It starts with something concrete.
- A machine that produces data but does not offer a usable export.
- A service partner that has exclusive access to failure data.
- A cloud environment where switching is theoretically possible, but not in practice.
- An audit question where it suddenly becomes unclear who the user is, who the data holder is, and who actually has to provide something.
These are not exceptional edge cases. These are exactly the situations where the Data Act gains weight.
The impact goes beyond access alone. Contract conditions also become sharper. Unfair take-it-or-leave-it clauses come more clearly into focus. Cloud switching becomes more concrete. Model contract terms and standard clauses have been published. A legal helpdesk has been established. The Commission continues to work on interpretation. And in the Netherlands, the step toward enforcement has visibly come closer with formal supervision. All of this together tells one story: the discussion has shifted from abstract policy to execution.
For warehouse managers, the real risk lies in the in-between space
For a busy operation, it is tempting to dismiss this topic as something for legal or IT. That would be a misreading. The risk lies precisely in the in-between space. Between operations and contract. Between machine and service provider. Between data that technically exists and data that is practically available.
Take inbound and putaway. This is where arrival data, scan moments, location data, and machine events arise. As long as no one clearly identifies what data is created, who manages it, and how it should be shared, dependency remains, even if the legal position has changed.
In picking and packing, it becomes even more sensitive. Performance data, user data, and non-personal data quickly become intertwined. Then it is no longer just about access, but also about classification, consent, role allocation, and usage purposes. This is precisely where an operational question can quickly get stuck in ambiguity.
In internal transport and failure interventions, it becomes clear how directly this affects continuity. If data from forklifts, AMRs, or conveyors is not available in time for maintenance, analysis, or a third party, that is not just a technical inconvenience. Vendor lock-in then becomes an operational problem.
Why vendor lock-in is now also becoming a governance issue
Many logistics organizations mainly view vendor lock-in as an IT-related issue, especially during migrations, interfaces, or contract renewals. This perspective is changing. When access to data, switching barriers, and unfair clauses bring not only technical but also legal implications, the internal question shifts. It is no longer enough to know that something is difficult; organizations must be able to demonstrate how access is arranged, which exceptions exist, how requests are handled, and where potential blockages are located.
This does not immediately require drastic replatforming, and that is not being suggested. What is needed is something less drastic but much more concrete:
- Insight into connected products and associated services
- A data catalog per asset or service
Clarity about users and data holders - Assessment of contract clauses
- Logging of data requests
- Verifiable procedures for export, switching, and refusals
Although this may seem administrative, it is in reality essential to ensure that rights do not exist only on paper.
The implementation phase has begun, and that is the real news
Although the entry into force of the Data Act is the trigger, the story only really gains meaning because the months afterward show that implementation is actually in full swing. The Commission published model contract terms and standard clauses. A legal helpdesk was established. Additional FAQs and further interpretation tracks are underway. The Netherlands organized formal supervision. These are signals of a dossier that has moved beyond the preparatory phase.
For logistics professionals, this is relevant because it is precisely in this phase that friction in practice becomes visible. Not in the major principles, but in definitions, procedures, contract boundaries, exportability, and evidence.
That may be the most important observation at this moment: the Data Act is not yet a completed practical regime, but it is no longer a distant future either.
What you can expect on the work floor in the next 12 months
There are three realistic scenarios for what the next 12 months may bring:
In the base scenario, interpretation becomes more concrete, but implementation remains uneven. This is probably the most recognizable path. Many organizations will first work on data catalogs, contract reviews, and exportability, without immediately rebuilding fundamentally.
In a stricter scenario, the tone shifts from awareness to assessment. Complaints, escalations, and supervision then become more visible. For operations, this means more pressure on vendor management, compliance, and documentation.
In the acceleration scenario, the Data Act becomes a lever for exiting lock-in. Not because dependencies disappear on their own, but because organizations more actively link the issue to contract renewals, migrations, and new investment decisions.
For the warehouse manager, the practical lesson in all three scenarios is similar: waiting until a conflict arises is the most expensive way to discover where the weak spots are.
What a warehouse needs to get clear right now
The same tension keeps returning: there is data, but is it also accessible, shareable, explainable, and demonstrably controlled? That is why these are the most relevant questions now:
- Which connected products and related services produce data on which operations depend?
- Who is the user in each situation, and who is the data holder?
- Which data is actually exportable, and through which process?
- Where are the contractual limitations or unfair dependencies?
- Which requests, refusals, and exceptions are already visible but not yet systematically recorded?
These are not policy questions. These are mature operational questions.
The real shift may seem small on paper, but it is significant in meaning
The Data Act changes more for warehouses than just the legal packaging of existing data flows. Since 12 September 2025, access to data from connected products and related services has become less optional than before. Industrial machines explicitly fall within the logic of the framework. Cloud switching, contract conditions, and national enforcement make the discussion more tangible. The power question shifts accordingly. Not suddenly and completely. Not without friction. And certainly not without interpretation and implementation work. But enough to take seriously now.
For logistics professionals, this may be the most important line of thinking: the question is no longer only whether the data exists. The question is whether your organization is already set up in such a way that you can actually enforce something with it.
Sources and background
- EU Data Act gives users control over data from connected devices, European Commission, 12 September 2025
https://digital-strategy.ec.europa.eu/en/news/eu-data-act-gives-users-control-over-data-connected-devices - Data Act, European Commission, accessed April 2026
https://digital-strategy.ec.europa.eu/en/policies/data-act - Data Act explained, European Commission, accessed April 2026
https://digital-strategy.ec.europa.eu/en/factpages/data-act-explained - Commission publishes Frequently Asked Questions about the Data Act, European Commission, FAQ version 1.4 of 22 January 2026, page updated 3 March 2026
https://digital-strategy.ec.europa.eu/en/library/commission-publishes-frequently-asked-questions-about-data-act - Draft Recommendation on non-binding model contractual terms on data access and use and non-binding standard contractual clauses for cloud computing contracts, European Commission, 19 November 2025
https://digital-strategy.ec.europa.eu/en/library/draft-recommendation-non-binding-model-contractual-terms-data-access-and-use-and-non-binding - Commission launches Data Act legal helpdesk, European Commission, 16 December 2025
https://digital-strategy.ec.europa.eu/en/news/commission-launches-data-act-legal-helpdesk - Data Act, Commission seeks feedback on draft Guidelines for reasonable compensation, European Commission, 2 February 2026
https://digital-strategy.ec.europa.eu/en/consultations/data-act-commission-seeks-feedback-draft-guidelines-reasonable-compensation - Implementation of the Data Act: Workshop on guidelines on selected definitions, European Commission, 15 January 2026
https://digital-strategy.ec.europa.eu/en/events/implementation-data-act-workshop-guidelines-selected-definitions - Guidance on vehicle data, accompanying the Data Act, European Commission, 12 September 2025
https://digital-strategy.ec.europa.eu/en/library/guidance-vehicle-data-accompanying-data-act - Rules for data from smart devices, Ondernemersplein, accessed April 2026
https://ondernemersplein.overheid.nl/wetten-en-regels/regels-voor-data-uit-slimme-apparaten/ - Implementation Act Data Regulation, Eenvoudig zoeken – Overheid.nl | Wetten.nl, 2025
https://wetten.overheid.nl/BWBR0051796/ - ACM now authorized to supervise the Data Act, ACM, 21 November 2025
https://www.acm.nl/nl/publicaties/acm-vanaf-nu-bevoegd-om-toezicht-te-houden-op-de-data-act