The GDPR establishes a consistency mechanism to ensure the regulation is consistently applied throughout the Member States, whereby the supervisory authorities cooperate with each other and, where relevant, with the Commission. The consistency mechanism is used in two situations. The first concerns EDPB opinions in cases where a competent supervisory authority intends to adopt measures, such as a list of processing operations requiring a Data Protection Impact Assessment (DPIA), or to determine standard contractual clauses. The second concerns EDPB binding decisions for supervising authorities in one-stop-shop cases and where a supervising authority does not follow or does not request an opinion from the EDPB.
