Navigating the Data Act’s B2B Unfairness Test: A Practical Guide

18 August 2025   |   By Marten Männis

Digital Policy

Navigating the Data Act’s B2B Unfairness Test: A Practical Guide

With the EU’s Data Act (Regulation (EU) 2023/2854) becoming fully applicable on 12 September 2025, corporate counsel must prepare for its impact on commercial contracting. Beyond its well-known provisions on data access, Article 13 introduces a potent and binding unfairness test for B2B agreements. This new regime targets unilaterally imposed terms concerning data access and use, fundamentally altering the risk landscape for any company operating in the European data economy.

The Rationale: Levelling the B2B Playing Field

Historically, tests for unfair contract terms have been a hallmark of B2C consumer protection law. The Data Act transposes this concept into the B2B sphere to address a specific market failure: the significant imbalance in bargaining power in the data economy. The rules aim to protect all enterprises, though the policy is particularly driven by the need to shield SMEs from “take-it-or-leave-it” terms often presented by larger technology platforms or manufacturers. Article 13 attempts to correct this imbalance by rendering unfair clauses non-binding, ensuring that access to data is governed by more equitable principles.

What Companies Need to Know

• Applicability timeline. Article 13 applies to contracts concluded after 12 September 2025. From 12 September 2027, it can also apply to contracts concluded on or before 12 September 2025 where they are of indefinite duration or due to expire at least ten years after 11 January 2024.
• What is “unilaterally imposed”? A term is considered unilaterally imposed if it was supplied by one party and the other could not influence its content, despite an attempt to negotiate. The burden of proof lies with the party that supplied the term to show it was negotiated. The party that supplied the contested term may not argue that the term is unfair.
• What is the scope? The test applies to contract clauses on data access/use and the liability/remedies for breaching those data-related obligations. It does not cover the main subject matter of the contract or the adequacy of the price. Terms reflecting mandatory Union law or Union default rules are not considered unfair.
• What is the effect? An unfair term is non-binding. The remainder of the contract survives, provided it is severable. Parties cannot contractually exclude or opt out of these protections.

The Three Tiers of the Unfairness Test

1. The General Principle – Article 13(3)
   At its core, a clause is unfair if it “grossly deviates from good commercial practice in data access and use, contrary to good faith and fair dealing.” This acts as a catch-all provision, offering a foundational argument against exploitative clauses that may not fall neatly into the specific lists below.
2. The Blacklist: Always Unfair – Article 13(4)
   Automatically unfair and non-binding where unilaterally imposed:

• Exclude or limit liability for intentional acts or gross negligence.
• Exclude remedies for non-performance or the imposing party’s own liability for breach.
• Give the imposing party the exclusive right to determine the conformity of data supplied or to interpret any term of the contract.

3. The Greylist: Presumed Unfair – Article 13(5)
   Presumed unfair (though rebuttable by the imposing party) where terms:

• Inappropriately limit remedies for non-performance or liability for breach, or extend the counterparty’s liability.
• Allow the imposing party to access or use the other party’s data in a manner significantly detrimental to their legitimate interests, including where data are commercially sensitive, protected by trade secrets, or IP.
• Prevent the other party from using data it provided or generated during the contract, or limit use so it cannot adequately use, capture, access, control, or exploit the data’s value.
• Prevent termination within a reasonable period.
• Prevent obtaining a copy of the party’s provided or generated data during the contract or within a reasonable period after termination.
• Enable termination at unreasonably short notice, taking into account switching feasibility and financial detriment, except where there are serious grounds.
• Allow substantial unilateral changes to price or other substantive data-sharing conditions without a valid reason, reasonable notice, and a free termination right for the other party; carve-out for indeterminate-duration contracts that specify valid reasons, provide reasonable notice, and allow no-cost termination.

Practical Guidance for Corporate Counsel

Drafting and Negotiation Strategy
When acting as the supplier, remove any “blacklist” terms from standard templates and replace them with proportionate, fault-based clauses. If relying on “greylist” terms, build in fairness by ensuring mutuality, objective triggers, and clear counterparty protections.

When acting as the recipient, use the presumptions in the “greylist” as leverage. Tag standard terms for scrutiny and press for deletion of suspect clauses or counterbalancing rights, including explicit rights to use and obtain copies of your own data. Maintain a record of negotiation attempts to evidence that a term was unilaterally imposed.

Operational Contract Review Checklist

1. Inventory & Classify: Identify all clauses related to data access, use, and liability. Classify as standard vs individually negotiated.
2. Screen for Blacklist Terms: If present, mark as high risk for non-enforceability and replace.
3. Scrutinise Greylist Terms: If present, require justification or revise with objective limits and safeguards.
4. Check Termination & Variation Clauses: Ensure termination periods are reasonable; for any unilateral variation, require valid reasons, reasonable notice, and a free termination option; in short-notice termination scenarios, assess switching feasibility and financial detriment.
5. Confirm Data Rights: Ensure explicit rights to use data provided/generated during the term and to obtain a copy during and after the term.
6. Protect Sensitive Data: Tighten any supplier access rights to commercially sensitive information, trade secrets, or IP.

Given the centrality of data infrastructure, Article 13 provides a binding mechanism for enterprises of all sizes to challenge unilaterally imposed unfair terms on data access, use and liability, reducing lock-in risk.