15/02/24 (Agence Europe) – On Thursday 15 February, the European Data Protection Board (EDPB) issued an opinion in which, at the request of the French data protection authority, it clarifies the concept of a data controller’s ‘principal place of business’ in the EU under the GDPR, particularly in cases where decisions concerning processing are taken outside the EU. According to the EDPB, the ‘place of central administration’ should only be considered as a main establishment if...