Openli logo

Supervisory Authority

A supervisory authority is a public authority in charge of supervising the application of GDPR. Each EU Member State has a supervisory authority.

What is a Supervisory Authority?

The GDPR requires data controllers to report personal data breaches to the relevant supervisory authority, where the breach presents a risk to the affected individuals.

A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.

In the case of a personal data breach, you must without undue delay and, where feasible no later than 72 hours after having become aware of it, notify the personal data breach to the Supervisory Authority, unless the personal data breach is unlikely to present a risk to the affected individuals

The competent supervisory authority is the authority that is located in the state of your company’s headquarters. You can find the contact details of the different national authorities on the website of the European Data Protection Board.

Read more about the different roles and their respective responsibilities.

Watch a free video on Data Controller

Visit our Complaince School and learn about the different GDPR-related terms, including data controller, data processor and data subject, through a series of free video lectures.

image Watch now

Join our free GDPR & compliance webinars

Ask question, learn from experts and become smarter about GDPR and privacy compliance by joining our free webinars.

See upcoming webinars

Vet vendors with Privacy Hub

Find GDPR information about all your vendors in one place.

Learn more about Privacy Hub

Join our newsletter

Join our free bi-weekly newsletter focused on news and updates from the legal landscape of data privacy.