By Mugurel Olariu, RPD protectie date

The European body specialized in data protection – EDPB, adopted on May 12, 2022 Guidelines 6/2022 regarding the practical implementation of the amicable settlements. Although the title of the regulation seems elliptical, it specifically refers to the complaints of the individuals, respectively to their possibility to formulate and submit the complaint to the Supervisory Authority.

For an easier understanding, we state that the natural person has two options for submitting the complaint: to the controller/processor and to the supervisory authority. Thus, for the first possibility – submitting the complaint directly to the controller/processor, the common provisions of the GDPR are applicable, regarding the regime of registration, analysis and response within the shortest period or 30 days from its submission.

The instrument in question – Guidelines 6/2022 specifies the second possibility, namely the practical implementation of the amicable settlements submitted to the supervisory authority, according to recital 131 of the GDPR.

Guidelines 6/2022 is structured in four chapters, respectively: Scope and aim, Definition of the term amicable settlement, General legal analysis and Legal consequences and practical recommendations for supervisory authorities.

Also, Guidelines 6/2022 also presents two annexes, the FIRST containing a Checklist: Steps in handling a case via amicable settlement and ANNEX 2: Countries where amicable settlement is not possible in accordance with the national legislation.

Regarding Annex 1 – Checklist, the EDPB mentions a number of 5 steps to be followed by the supervisory authorities, respectively:
1) Background of the case.
2) Early cooperation with other SAs (where applicable).
3) Consultation of all concerned parties at an early stage.
4) Has an amicable settlement been reached?
5) Does the final decision comply with Article 60 GDPR (in OSS cases)? •

Annex no. 2 mentions that the following 14 countries have indicated that amicable solutions are not possible under their national legislation, namely Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Greece, Malta, Poland, Portugal, Slovakia , Slovenia, Spain and Sweden.

In addition, we also specify the fact that from the perspective of the Code of Conduct, it includes specifications covering both possibilities, i.e. both to ensure that the controller/processor who have adhered to this instrument comply with the provisions of the GDPR regarding the resolution of complaints, as well as the fact that the verification and supervision mechanism is created for the Supervisory Authority in the exercise of investigative and corrective powers.

In addition, for the members of the Code of Conduct, the existence of a specific additional mechanism is also foreseen through which concrete measures are adopted for the amicable settlement of disputes.

In conclusion, with the exception of the 14 EU Member States that do not recognize this possibility of amicable settlement of the complaints of the persons concerned at the SA level, in the other EU or EEA Member States, this procedure is applicable, being fully recognized and validly carried out.

Articolul precedentMGA certificate for 7777 gaming
Articolul următorAggregators make online casino operators’ lives easier