ProvePrivacy Logo | Blue Green

Back to home


Supervisory Authorities

Stakeholders | ProvePrivacy | Article Image 11

All of the EU’s member states must provide one or more independent supervisory authorities, which must act independently of the government and must be provided with adequate resources to undertake their duties.

Supervisory authorities’ tasks will include:

  • Monitoring the application of GDPR
  • Promoting public awareness
  • Handling complaints raised
  • Give advice on processing operations when consulted
  • Review certifications and conduct accreditation of certification bodies
  • Approve binding corporate rules

Each supervisory authorities’ powers will include:

  • The power to investigate through data protection audits
  • Corrective powers through:
    • warnings,
    • reprimands,
    • limitations on processing
    • Withdrawal of certifications
    • Impose administration fines
    • Suspend data flows to third countries
  • Authorisation and advisory powers

Entities operating in more than one state can choose a lead supervisory authority for all their pan-EU activities in order that they need liaise with only one SA.  These lead authorities will monitor compliance in respect of cross-border processing by an organisation whose main establishment is in that Member State.

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights