Data ownership is a collective term for rights to use, reuse, and commercialization of data within a collaboration. Under Dutch law, data is not legally a classic object of property. In our practice, we see entrepreneurs who, in the case of a joint venture or IT project, only realize upon termination that they have no claim to the generated data. Good contractual agreements in advance are essential — Dutch property law offers no safety net.

What is the legal problem?

Classical property law does not automatically apply to data. Nevertheless, parties attach value to the exclusive use, reuse, and monetization of data. Internationally, data protection, intellectual property, contractual licenses, and specific sector rules operate intertwined. Without clear contractual agreements, uncertainty arises regarding who is allowed to do what with the data.

What does the law say?

The GDPR (Regulation 2016/679) governs the rights of data subjects and the obligations of controllers and processors. Since 12 September 2025, the EU Data Act (Regulation (EU) 2023/2854) has governed access to and sharing of data from connected products. Databases may be protected under sui generis database law (Directive 96/9/EC, in the Netherlands the Database Act 1999). Non-personal data is primarily governed contractually.

For trade secrets, Directive (EU) 2016/943 and the Dutch Trade Secrets Protection Act apply. For non-personal data, Regulation (EU) 2018/1807 on the free movement of non-personal data applies additionally.

What risks do companies face?

Without an arrangement, any party can claim ownership of valuable joint data. Misuse of data by a joint venture partner can cause irreversible strategic damage. Non-compliance with portability or access rights under the Data Act or Article 20 of the GDPR leads to fines. International disputes regarding data exploitation often only arise upon termination of the collaboration.

Practical example from our practice

We advised a Dutch and German partner who were jointly developing a platform for logistics data. The joint venture contract was silent on data ownership. Upon termination, each party demanded a full copy and the right to continue. Upon contract renewal, we incorporated a data allocation scheme: raw customer data remained with the original party; aggregated data became JV property; upon termination, buyout or transfer against independent valuation. Conflict averted, and the JV was successfully sold for 8.4 million euros.

What can you do?

Differentiate between raw data, derived data, and aggregated data. Regulate who holds which rights (use, reuse, monetization, transfer). Align with GDPR, Data Act, and sector law. Incorporate exit arrangements with data portability and usage rights after termination. Provide for licenses between parties if exclusivity is not desired. See also our article on AI clauses in commercial contracts.