1 minute read
1.2. The European Data Protection Board (EDPB
SUGGESTION
In principle, because the GDPR applies across the EU, an SME can use templates and tools for GDPR compliance developed by any European DPA, regardless of the place of its establishment. However, it must be considered that some national rules for processing personal data may differ. Several GDPR provisions foresee a possibility of derogations and exceptions.
Advertisement
The European Data Protection Board (EDPB) is an independent European body that contributes to the consistent application of data protection rules throughout the EU. It promotes cooperation between national DPAs. The EDPB is made up of the representatives from the European DPAs and the European Data Protection Supervisor (EDPS). Its decisions concerning cases under the consistency mechanism, certifications and codes of conduct are legally binding.
With the entry into force of the GDPR, the EDPB replaced the Article 29 Working Party (WP29) that in a similar composition, albeit in a solely advisory capacity, addressed issues relating to the protection of privacy and personal data until 25 May 2018.23 Some of WP29 opinions concerning the GDPR’s application were endorsed by the EDPB. Other WP29 opinions may be used to understand key concepts of European data protection laws.
The EDPB regularly issues opinions and guidance clarifying certain aspects of European data protection laws. These documents are not legally
23 WP29 was established under Data Protection Directive 95/46/EC.
