Schrems II, a framework traditionally focused on companies and organisations that are subject to the GDPR, is now being applied to supervisory authorities challenging institutions and bodies subject to other data protection laws, such as Regulation (EU) 2018/1725-the EU's data protection standard for EU institutions, bodies, offices, and agencies.