The EU Data Act: What It Means for Saas Providers – and How to Get Ready

Posted on by

SaaS and digital service providers sit at the center of the new regulatory framework introduced by the Data Act.

Starting in 2025, their contractual, technical, and pricing models will need to evolve to meet new requirements around data portability, interoperability, and customer mobility. The regulation fundamentally reshapes how SaaS companies design their architectures, structure their offerings, and secure long‑term commercial relationships.

The analysis below highlights the key changes to anticipate and the areas where strategic planning will be essential.

Scope and Timeline: Who Is Affected?

The Data Act entered into force in January 2024 and became fully applicable in September 2025.

Any organization offering a data‑processing service—of any kind—within the EU or to customers located in the EU falls under its scope. This includes, in particular:

  • SaaS platforms
  • PaaS and IaaS offerings
  • IT services hosting customer data
  • Mobile apps and analytics tools
  • AI services or dashboards embedded in broader solutions

In practice, your organization may be affected even if you are not acting as a cloud provider.

An Exception for Highly Customized Services ?

Article 25 of the Data Act provides a limited exemption for services whose core functionalities are developed specifically for a single customer and are not deployed at scale. In such cases, the provider may be exempt from certain switching‑related obligations.

However, the customer’s right to terminate with two months’ notice still applies—even for fully bespoke solutions. Fixed‑term commitments will therefore need to be reconsidered.

Switching Fees, Exit Fees, and Pricing Pressure

The Data Act distinguishes several types of fees related to provider switching.

Switching Fees

Fees charged for moving from one service to another must be strictly cost‑based until January 12, 2027, after which they will be prohibited—except for highly customized services.

Exit Fees

Fees charged when leaving a service will become difficult to justify if they create dependency or discourage customer mobility.

What Remains Possible

Providers may still:

  • incorporate the ongoing cost of maintaining export and migration tools into their pricing,
  • offer premium migration‑support services that go beyond the regulatory minimum.

The challenge will be designing pricing models that remain both compliant and commercially viable.

Two‑Month Notice Period and Securing Fixed‑Term Contracts

One of the major innovations of the Data Act is the universal right for any customer to terminate any contract with two months’ notice—at any time, including for customized solutions.

Fixed‑term contracts remain possible, but their stability will now depend on the strategic use of proportionate early‑termination penalties.

Important note: the customer cannot exercise the termination right for convenience. It must correspond to an actual switch to another provider or a move to an on‑premises infrastructure (the customer’s own data center).

Penalties Under the Data Act

The Data Act explicitly allows such penalties, provided they:

  • reflect the provider’s actual economic loss,
  • compensate for the interruption of a commitment rather than the act of switching providers,
  • do not undermine portability.

In practice, these penalties may become the primary tool for stabilizing long‑term commitments once switching and exit fees are phased out.

Designing defensible, economically sound, and proportionate penalties will require careful analysis. There is no one‑size‑fits‑all solution.

Unfair Terms and Contractual Balance

The Data Act introduces a framework to regulate contractual terms unilaterally imposed on business customers when they may restrict portability or create an imbalance in the relationship.

Key clauses to reassess include:

  • unilateral modification clauses,
  • liability limitations,
  • portability and cooperation obligations,
  • renewal mechanisms,
  • any clause that may hinder switching.

This framework complements French rules governing “significant imbalance” in B2B contracts, while adopting a mobility‑focused approach. Future case law will clarify its boundaries.

Aurele IT will closely monitor any upcoming decisions that further clarify this framework and will keep you informed

Commission Model Clauses: A Future Market Standard?

The European Commission has published draft model contractual clauses to support switching, export, and interoperability obligations.

Although not mandatory, these templates are expected to:

  • shape market expectations,
  • influence contract negotiations,
  • be required by major or regulated customers.

Providers should closely monitor updates to these templates, which may become a practical reference point.

Conclusion: A New Commercial Balance for SaaS Providers

The Data Act establishes a contractual paradigm built on customer mobility, interoperability, and pricing transparency. For SaaS providers, compliance goes far beyond updating documentation. It requires a strategic redesign of the offering, including:

  • revisiting pricing models,
  • designing compliant export and migration mechanisms,
  • adapting fixed‑term commitments,
  • integrating proportionate penalties to secure long‑term relationships.

Preparing early will allow providers to enter the 2025–2027 period with contractual frameworks that are both compliant and resilient.

AURELE IT supports SaaS and digital service providers in the contractual, strategic, and regulatory adjustments required under the Data Act. For any questions or tailored support, our team is here to help.