Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679

SECTION 3  CONTENT OF THE OBJECTION

23. The subject matter of the objection may refer to whether there is an infringement of the GDPR and/or to whether the envisaged action in relation of the controller or the processor complies with the GDPR. The type of content will depend on the specific draft decision at issue and on the circumstances of the case.

24. Additionally, the CSA’s objection will have to clearly demonstrate the significance of the risks posed by the draft decision as regards the fundamental rights and freedoms of data subjects and, where applicable, the free flow of personal data within the Union. The existence of an infringement and/orthe non-compliance of the envisaged action should be assessed in light of the significance of the risks that the draft decision, if left unchanged, poses to the rights and freedoms of data subjects and, ifrelevant, the free flow of personal data.