Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
DANISH SUPERVISORY AUTHORITY: new decision of the European Court of Justice on the “one-stop-shop”

DANISH SUPERVISORY AUTHORITY: new decision of the European Court of Justice on the “one-stop-shop”

A decision of the European Court of Justice in a lawsuit filed by the Belgian Data Protection Authority against Facebook in front of the Belgian Court helps to clarify the interpretation among the so-called mechanism of the “one-stop-shop” and other GDPR disposals.

On the 15th of June 2021, the European Court of Justice has pronounced itself on a lawsuit filed by the Belgian Data Protection Authority against Facebook in 2015 on the recollection of personal data of Belgian citizens.

The case has provided the opportunity to assess, among other things, the portability of the article 58, paragraph 5, of the GDPR, which requires that any supervisory authority of a member state has the power to propose an action in front of national courts.

In particular, there was the need to clarify how this disposal is adopted to the so called mechanism of “one-stop-shop”, based on which the supervisory authority of the country in which the data controller has its main establishment (the main supervisory authority) can, regularly, decide if the data controller has breached the legislation of personal data protection.

In its decision, the EUCJ has confirmed, among other things, that it is possible in some situations for a supervisory authority which is not the main supervisory authority to propose an action in front of a court of national judges against a company which has its main establishment in another member state, pursuant to the article 58, paragraph 5. Anyway, this shall be done in compliance with the mechanism of the “one-stop-shop” and can be required in specific situations, for example when the main supervisory authority has indicated that it will not process the case.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA DANIMARCA

Recommended to you

Advanced Research