Google’s main regulator in the European Union, Ireland’s Data Protection Commissioner, is investigating the technology giant over its handling of personal data for marketing uses.

Lately, there have been a number of submissions against the company, the IDP Commissioner said, according to a Reuters report. These include web browser Brave, which complained last year that Google and other digital advertising firms were misusing people’s data.

The point that Brave made was that with any visitor to the website, highly personal data that describe them and what they are doing online is broadcast to tens or hundreds of companies, without permission or even their knowledge, to sell for the use of marketing companies and their targeted adverts.

“A statutory inquiry pursuant to section 110 of the Data Protection Act 2018 has been commenced in respect of Google Ireland’s processing of personal data in the context of its online Ad Exchange,” the Irish DPC said in a statement.

The inquiry would establish whether these allegations were valid and if the processing of personal data for advertising complied with the GDPR.

Google would not be the first to submit to the DPC, many large technology firms that have their European headquarters in Ireland, will come under the watch of the Irish DPC. Earlier this month there had been  51 large-scale investigations underway, 17 of which related to large technology firms including Twitter, LinkedIn, Apple and a number into Facebook and its WhatsApp and Instagram subsidiaries.

If indicted, GDPR has provisions for fines for violations of up to 4% of a company’s global revenue or 20 million euros ($22 million), whichever is higher.

Google seems unfazed with the situation, saying, “We will engage fully with the DPC’s investigation and welcome the opportunity for further clarification of Europe’s data protection rules for real-time bidding. Authorized buyers using our systems are subject to stringent policies and standards,” a spokesperson for Google said on Wednesday.