The mechanism that lets cross-border businesses deal with a single lead supervisory authority.
For cross-border processing, the one-stop-shop means a single 'lead' supervisory authority (of the main establishment) coordinates enforcement, working with the other concerned authorities.
It simplifies life for business, though the cooperation and consistency mechanisms can make big cases slow.
In the Regulation
Related terms
Supervisory authorityThe independent national regulator that enforces the GDPR and handles complaints.European Data Protection BoardThe EU body of national regulators that ensures the GDPR is applied consistently and issues guidance.Main establishmentAn organisation's central place of decision-making in the EU — which sets its lead supervisory authority.
Need this applied to your business?
Our data-protection lawyers turn GDPR terms into a working plan.