Bavarian data protection authority shows Mailchimp users yellow card - no fine, but final warning

While the majority of data privacy users in Germany is still waiting for a signal from the supervisory authorities as to what a practically implementable compromise between modern cloud services on the one hand and data protection post Schrems-II on the other might look like, the first decision in this regard on the part of the Bavarian Supervisory Authority for Data Protection (BayLDA) has now become public. On March 15, 2021, the authority informed an individual plaintiff that the transmission of his e-mail address by a data controller to the popular US newsletter provider Mailchimp was inadmissible due to a lack of additional data protection measures (Ref. LDA-1085.1-12159/20-IDV).