Contact Us

EDPB and EDPS Support GDPR Record-Keeping Simplification, Call for Clarifications

Written by Jeremy Werner

Jeremy is an experienced journalist, skilled communicator, and constant learner with a passion for storytelling and a track record of crafting compelling narratives. He has a diverse background in broadcast journalism, AI, public relations, data science, and social media management.
Posted on 07/11/2025
In News

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have welcomed targeted modifications to the EU General Data Protection Regulation (GDPR) that aim to reduce the administrative burden for smaller businesses, while calling for greater clarity on key aspects of the proposal.

 

In a joint opinion released today, the EDPB and EDPS responded to the European Commission’s proposed amendments to the GDPR, part of the broader fourth Omnibus package aimed at simplifying EU rules. The proposed changes would extend the current exemption from maintaining records of data processing operations to enterprises with fewer than 750 employees—up from the current 250—provided the processing does not pose high risks to individuals’ rights.

 

“We support the general objective of the Proposal to reduce the administrative burden for SMEs and SMCs, as long as this does not lower the protection of individuals’ fundamental rights,” said EDPS Wojciech Wiewiórowski. The exemption, he added, must remain limited and not compromise core GDPR principles.

 

EDPB Chair Anu Talus agreed, noting that the current derogation “did not always achieve its goal.” She emphasized that while record-keeping supports compliance and transparency, the simplification offers flexibility to small and mid-sized enterprises (SMEs and SMCs) in choosing how to comply.

 

The joint opinion also calls for clarification on the rationale behind the new 750-employee threshold, as opposed to an earlier 500-employee benchmark. The EDPB and EDPS recommend aligning the exemption with newly introduced definitions of SMEs and SMCs, which include financial criteria.

 

Additionally, they urge legislators to clarify that public authorities are not covered by the proposed exemption under Article 30(5).

 

The joint opinion signals broad support for easing GDPR burdens, but with safeguards to ensure fundamental rights remain protected.

 

Need Help?

 

If you have questions or concerns about any global guidelines, regulations and laws, don’t hesitate to reach out to BABL AI. Their Audit Experts can offer valuable insight, and ensure you’re informed and compliant.

 

What’s New?

Stay up to date with the latest updates.

DeepSeek Upgrades AI Model to Support China’s Domestic Chips Amid Tech Push

DeepSeek Upgrades AI Model to Support China’s Domestic Chips Amid Tech Push

08.29.2025
Nikkei and Asahi Sue Perplexity AI in Japan Over Copyright, Seek $30M in Damages

Nikkei and Asahi Sue Perplexity AI in Japan Over Copyright, Seek $30M in Damages

08.28.2025
Anthropic Reaches Settlement in High-Profile Author Lawsuit Over AI Training Data

Anthropic Reaches Settlement in High-Profile Author Lawsuit Over AI Training Data

08.28.2025

Subscribe to our Newsletter

Keep up with the latest on BABL AI, AI Auditing and
AI Governance News by subscribing to our news letter
By subscribing, you agree with our privacy policy and our terms of service.