février 28 2024

EDPB Provides Guidance on Determining a 'Main Establishment' and the 'One-Stop-Shop' Mechanism


On February 13 2024, the European Data Protection Board ("EDPB") adopted an opinion on the concept of a data controller's main establishment under Article 4(16)(a) of the General Data Protection Regulation ("GDPR") and whether the one-stop-shop mechanism can be relied upon by organisations to communicate with just one European supervisory data protection authority ("SA") about GDPR compliance rather than multiple SAs in up to twenty-seven countries across the European Union.

Making a decision about whether an organisation can legitimately rely on the one-stop-shop mechanism under the GDPR is often of critical importance to a controller when attempting to respond to crisis events such as cyber attacks.

Compétences et Secteurs liés

Domaines de compétences

Stay Up To Date With Our Insights

See how we use a multidisciplinary, integrated approach to meet our clients' needs.