This guidance is intended to assist the users of these recording devices in determining whether they are a ‘controller’ with obligations under data protection law, or whether their actions fall within the personal or household exemption, as well as what those obligations are and what steps users can take to ensure that they use these technologies in compliance with data protection law. This guidance also briefly discusses the use of these technologies for law enforcement purposes, although this is not the focus of this guidance note.
Recommendations 2/2025 on the legal basis for requiring the creation of user accounts on e-commerce websites
The EDPB clarifies that mandatory user accounts are only lawful under the GDPR when they are strictly necessary and respect […]