This document seeks to provide guidance as to the application of Article 49 of the General Data Protection Regulation (GDPR) on derogations in the context of transfers of personal data to third countries.
Recommendations 2/2025 on the legal basis for requiring the creation of user accounts on e-commerce websites
The EDPB clarifies that mandatory user accounts are only lawful under the GDPR when they are strictly necessary and respect […]