Powers of the supervisory authority

Each supervisory authority has the investigative powers, including but not limited to:

  • carrying out investigations in the form of data protection audits
  • notifying the controller or processor of infringements of the GDPR
  • obtaining from the controller and processor, certain information, including access to any relevant personal data or premises or equipment

Each supervisory authority has corrective powers, including but not limited to:

  • issuing warnings to a controller or processor that intended processing operations are likely to cause infringements
  • issuing reprimands to a controller or processor where processing operations have infringed the provisions of the GDPR
  • ordering the controller or processor to comply with the data subject's requests to exercise his or her rights
  • ordering the controller to communicate a personal data breach to the data subject
  • imposing a temporary or definitive limitation including ban on processing

Each supervisory authority has authorisation and advisory powers, including but not limited to:

  • advising the controller in accordance with the prior consultation procedure
  • issuing an opinion and approving draft codes of conduct
  • accrediting certification bodies
  • authorising contractual clauses and approving binding corporate rules

The content herein is provided for your convenience and does not constitute legal advice.
Compliance Technology Solutions B.V. 2018

Russell is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.