The Council of the EU has introduced new rules to harmonise and speed up cross-border data protection complaint handling under GDPR. Admissibility conditions for complaints are standardised across the EU, complainants and companies have common procedural rights, and straightforward cases may use a simplified process. Investigations now have set deadlines: 15 months for standard cases (extendable for complex matters), and 12 months for simple procedures. The law takes effect 20 days after publication and is enforceable 15 months later.
