Powers of the supervisory authority

Each supervisory authority has the investigative powers, including but not limited to:

  • carrying out investigations in the form of data protection audits
  • notifying the controller or processor of infringements of the GDPR
  • obtaining from the controller and processor, certain information, including access to any relevant personal data or premises or equipment

Each supervisory authority has corrective powers, including but not limited to:

  • issuing warnings to a controller or processor that intended processing operations are likely to cause infringements
  • issuing reprimands to a controller or processor where processing operations have infringed the provisions of the GDPR
  • ordering the controller or processor to comply with the data subject's requests to exercise his or her rights
  • ordering the controller to communicate a personal data breach to the data subject
  • imposing a temporary or definitive limitation including ban on processing

Each supervisory authority has authorisation and advisory powers, including but not limited to:

  • advising the controller in accordance with the prior consultation procedure
  • issuing an opinion and approving draft codes of conduct
  • accrediting certification bodies
  • authorising contractual clauses and approving binding corporate rules


The content herein is provided for your convenience and does not constitute legal advice.
Compliance Technology Solutions B.V. 2018

R
Russell is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.