The Irish Data Protection Commission (DPC) opened a probe into Google’s data collection practices through online advertising, to establish if it is in breach of the European Union’s (EU) General Data Protection Regulation (GDPR).

In a statement, the DPC said the inquiry related to Google’s processing of data in the context of its online Ad Exchange. “The GDPR principles of transparency and data minimisation, as well as Google’s retention practices, will also be examined,” it said.

DPC is the lead authority covering Google in the EU, and its investigation is in line with GDPR rules adopted by the bloc in 2018, designed to give people more control over how companies use their personal data.

Google’s Ad Exchange is a platform companies can use to target audiences on different websites, with adverts personalised based on the data Google has collected.

In response to the probe, a Google representative said: “We will fully engage with DPC’s investigation and welcome the opportunity for further clarification of Europe’s data protection rules for real-time bidding. Authorised buyers using our systems are subject to stringent policies and standards.”

Google has already been hit with a GDPR-related penalty, when France’s privacy regulatory CNIL fined the company €50 million for lack of transparency and lack of valid consent regarding ad personalisation. Google is appealing the decision.