Supervisory Authorities

< Back
You are here:

All of the EU’s member states must provide one or more independent supervisory authorities, which must act independently of the government and must be provided with adequate resources to undertake their duties.

Supervisory authorities’ tasks will include:

  • Monitoring the application of GDPR
  • Promoting public awareness
  • Handling complaints raised
  • Give advice on processing operations when consulted
  • Review certifications and conduct accreditation of certification bodies
  • Approve binding corporate rules

Each supervisory authorities’ powers will include:

  • The power to investigate through data protection audits
  • Corrective powers through:
    • warnings,
    • reprimands,
    • limitations on processing
    • Withdrawal of certifications
    • Impose administration fines
    • Suspend data flows to third countries
  • Authorisation and advisory powers

Entities operating in more than one state can choose a lead supervisory authority for all their pan-EU activities in order that they need liaise with only one SA.  These lead authorities will monitor compliance in respect of cross-border processing by an organisation whose main establishment is in that Member State.

Mark Roebuck

Mark Roebuck

Building a career around data led programme management Mark recognised that existing data compliance solutions were complex and difficult for clients to use. Frustrated with the options he founded ProvePrivacy to provide an effective and simple to use data protection compliance solution.

Copyright:  All information and articles provided represent the views of ProvePrivacy Limited and our contributors.  They do not constitute legal or data protection advice. All rights reserved.

You Might Also Like