EU lawmakers agreed a GDPR Procedural Regulation to harmonise how cross-border cases are handled between national regulators — targeting the delays and disputes that have dogged the one-stop-shop mechanism.
The one-stop-shop was meant to give organisations a single lead regulator for pan-EU processing. In practice, complex cross-border cases stalled amid procedural differences between authorities.
The new regulation sets common deadlines, clarifies complainants' and parties' rights, and tightens cooperation between the lead authority and other 'concerned' regulators — without reopening the substance of the GDPR itself.
The aim is faster, more predictable outcomes: better for complainants seeking redress and for businesses seeking certainty.
The information contained within this resource does in no way constitute legal advice. Any person who intends to rely upon or use this information is solely responsible for independently verifying it and obtaining independent expert advice if required.
Need to act on this?
We advise on GDPR compliance, transfers, AI and breach response.