The European Commission has been reprimanded for breaching its own data protection rules when using Microsoft 365.
New EU data protection rules – doing business just got easier
The reprimand came from the European Data Protection Supervisor (EDPS) and is the culmination of an investigation that started in May 2021, following the Schrems II ruling.
According to the data supervisor, the EC has violated several data protection regulations, including rules for the transfer of personal data outside the EU/European Economic Area (EEA).
According to the organisation, “In particular, the Commission has failed to provide adequate safeguards to ensure that personal data transferred outside the EU/EEA is afforded an essentially equivalent level of protection to that guaranteed in the EU/EEA.
