EDPB GDPR Compliance Templates Consultation

The European Data Protection Board (EDPB) has launched a public consultation to gather ideas for developing ready-to-use GDPR compliance templates for organizations. The consultation seeks input on the most useful template types and closes on December 3, 2025.

EDPB Consultation on User Accounts for E-commerce Websites

The European Data Protection Board (EDPB) has launched a public consultation on its Recommendations 2/2025 concerning the legal basis for requiring user accounts on e-commerce websites. The consultation is open for comments until February 12, 2026.

EDPB Public Consultation on Processor Binding Corporate Rules

The European Data Protection Board (EDPB) has launched a public consultation on its Recommendations 1/2026 concerning Processor Binding Corporate Rules. The consultation is open until March 2, 2026, and aims to gather feedback on the application, elements, and principles for these rules under GDPR.

Guidance on Reporting Scams Pretending to be Companies House

Companies House has published guidance on how to report scams that impersonate the agency. The guidance details how to identify and report suspicious phone calls and emails, providing examples of known scam tactics.

Companies House Transition Plan for Economic Crime Act

Companies House has published an outline transition plan for the Economic Crime and Corporate Transparency Act 2023. The plan details the indicative timeline for commencing key provisions, with updates indicating potential postponements for certain measures to prioritize identity verification and stakeholder feedback.

Companies House Identity Verification Legal Requirement

Companies House has issued guidance stating that identity verification for directors and persons with significant control will become a legal requirement from November 18, 2025. This marks the start of a 12-month transition period for companies to comply.

Companies House Fees and Powers Update

Companies House will implement new fee structures effective February 1, 2026, with digital filing fees for incorporation, confirmation statements, and voluntary strike-offs increasing. These changes, alongside new powers granted by the Economic Crime and Corporate Transparency Act, aim to enhance the UK's corporate registers and combat economic crime.

Insolvency Service Shuts Down UK Business Registration Services

The UK Insolvency Service has shut down three companies that facilitated the registration of over 11,000 UK businesses for overseas clients, primarily from China. These companies operated without proper registration and failed to conduct anti-money laundering checks, creating a false impression of UK presence for their clients.

S-Bank Fined EUR 1.8 Million for GDPR Violations

The European Data Protection Board reports that the Finnish Supervisory Authority has fined S-Bank EUR 1.8 million for GDPR violations related to a data security vulnerability. The bank failed to implement adequate safeguards, leading to a personal data breach affecting a significant proportion of its customers.

EDPB Strengthens Global Data Protection Cooperation

The European Data Protection Board (EDPB) held a meeting with Data Protection Authorities from countries and organizations with an EU adequacy decision to strengthen global data protection cooperation. This follows up on a previous meeting in October 2024 and focuses on sharing information and experiences in international data protection enforcement.