In this letter to the European Data Protection Board, ACCIS recalls that – whilst the draft guidelines do not exclude the application of restrictions for the benefit of private entities and for private interests – the examples provided in the draft guidelines do not properly illustrate the full scope of the right to introduce restrictions. Therefore, ACCIS invites the EDPB to add examples regarding private entities and private interest to the description of the alternatives of Article 23 (1) GDPR, such as restrictions protecting private entities from obligations to the extent that they cause a disproportionate effort.