On December 22, 2021, the Austrian Supervisory Authority (“Authority”) found that an Austrian website that implemented the (free version of) Google analytics violated the GDPR’s rules on international data transfers (see here).
The Authority decided that the Standard Contractual Clauses, combined with the Austrian website operator’s supplementary measures to transfer personal data to Google