GDPR: Sanctions can be imposed in multiple countries

11. 1. 2023
GDPR: Sanctions can be imposed in multiple countries

The European data protection system, the famed GDPR, has undergone a major change following a ruling by the Court of Justice of the European Union. This change consists in partially breaking through the principle of the single supervisory authority jurisdiction derived from the seat of the controlled company. This principle meant that compliance, breaches and potential sanctions were overseen by one specific authority in one single country.

There was little to complain about in theory, but in practice it meant that companies that found it worthwhile to optimize their headquarters, by whatever means, ended up grouped in one country - Ireland. As these were companies such as Meta, Google and Twitter, the Irish supervisory authority has been hopelessly and long term overwhelmed.

The Court therefore ruled that in cases of particular merit and where a breach of the GDPR occurs directly in a particular state, it is possible to break thought this jurisdiction and exercise supervision through local authorities in other Member States. The positives of this decision are undoubtedly that states will now be able to coordinate their supervisory duties more effectively between authorities of multiple states (as the court itself mentions). However, on the flip side, the entities obliged under the GDPR, which are not just giant tech companies, this brings the potential for a crippling amount of supervisory proceedings.

Even the Czech Office for Personal Data Protection can also deal with complaints about personal data breaches that have occurred in the Czech Republic (not only in the everyday use of services such as Facebook or Google).

Need help?

We are here for you and we will be glad to advise you based on more detailed information and documentation. Do not hesitate to contact us to arrange a non-binding consultation meeting.


We give clear answers

In our communication with clients, we do not hide behind long quotations of laws, but give a clear and understandable answer.

We're thinking with you

We always solve a specific problem with respect to the overall needs of the client; we do not take our recommendations out of context.

Newsletter - Stay up to date

We deliver directly to your e-mail

CAPTCHA
Copy image to check against spam.
A test to determine whether or not you are a human user in order to prevent automated spam.
© Schaffer & Partner 2025 | Created by: drualas.cz
Move up