Brussels, 5 November - The European Data Protection Board (EDPB) is taking an important step towards facilitating GDPR compliance for organisations by developing a series of ready-to-use templates. Th…

Brussels, 5 November - During its latest plenary, the EDPB adopted an opinion on the European Commission’s draft decision on the adequate level of protection of personal data in Brazil .* Once adopted…

Brussels, 20 October - During its latest plenary, the EDPB adopted two opinions on the European Commission’s draft decisions on the extension of the validity of the UK adequacy decisions under the Gen…

Brussels, 14 October - During its October plenary, the European Data Protection Board (EDPB) picked the topic for its fifth coordinated enforcement action, which will concern compliance with the oblig…

Brussels, 10 October -   On the occasion of the upcoming entry into operation of the EU Entry Exit System (EES) on 12 October 2025, the Coordinated Supervision Committee (CSC) will include the EE…

Brussels, 09 October - The European Data Protection Board (EDPB) and the European Commission endorsed joint guidelines on the interplay between the Digital Markets Act (DMA) and the General Data Prote…

Brussels, 9 October - The EDPB is organising a remote stakeholder event to collect stakeholders’ input on anonymisation and pseudonymisation following the clarification on the scope of the concept of …

Brussels, 12 September - During its September plenary meeting, the European Data Protection Board (EDPB) has adopted guidelines on the interplay between the Digital Services Act (DSA) and the General …

The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have jointly issued a new opinion on a European Commission proposal to amend regulations, including the GDPR, simplifying rules for small and medium-sized enterprises (SMEs) and small mid-cap enterprises (SMCs) by extending certain mitigating measures and introducing new definitions. The proposal aims to modify GDPR Article 30 to provide a derogation for record-keeping obligations for enterprises employing fewer than 750 people, as long as processing operations do not pose high risks to individuals' rights. The EDPB and EDPS support the proposal to reduce administrative burdens for SMEs and SMCs while ensuring the protection of individuals' fundamental rights. They welcomed the targeted modifications to record-keeping obligations and emphasized the importance of compliance tools like codes of conduct and certification, urging further clarifications on the impact of the proposed thresholds and definitions on affected organizations.

The European Data Protection Board (EDPB) adopted a Statement in Helsinki aimed at making GDPR compliance easier for organizations, particularly small and medium ones, to strengthen consistency and enhance cross-regulatory cooperation. EDPB Chair Anu Talus emphasized the importance of aligning technological advancements with fundamental rights to ensure a stronger digital economy, and the EDPB will provide resources like templates and checklists to simplify GDPR compliance.