What is Supervisory Authority?
A supervisory authority is an independent public body established by a country to monitor and enforce compliance with data protection laws, such as the ICO in the UK or the CNIL in France.
A supervisory authority (also known as a data protection authority or DPA) is an independent public body established by law in each jurisdiction to oversee the application of data protection legislation. Under the GDPR, each EU member state must establish at least one supervisory authority with investigative powers, corrective powers (including issuing fines), and authorization and advisory powers.
Supervisory authorities play a central role in the data protection ecosystem. They handle complaints from data subjects, conduct investigations and audits, issue guidance and codes of practice, approve Binding Corporate Rules, maintain registers of DPOs, and cooperate with authorities in other jurisdictions through consistency mechanisms. Notable supervisory authorities include the Information Commissioner's Office (ICO) in the UK, the Commission Nationale de l'Informatique et des Libertés (CNIL) in France, and the Data Protection Board of India under the DPDPA.
ComplyIQ helps organizations track which supervisory authorities have jurisdiction over their processing activities, manage interactions with authorities including breach notifications, and stay current with guidance and enforcement decisions from relevant authorities.
Related Terms
Data Protection Board
A Data Protection Board is a regulatory body established to oversee and enforce data protection laws, such as the Data Protection Board of India under the DPDPA or the European Data Protection Board under the GDPR.
Enforcement Action
An enforcement action is a measure taken by a supervisory authority or regulatory body against an organization for non-compliance with data protection laws, ranging from warnings to substantial fines.
Data Breach Notification
Data breach notification is the legal requirement for organizations to inform supervisory authorities and affected individuals when a security incident results in unauthorized access to, or loss of, personal data.
Accountability Principle
The accountability principle requires organizations to demonstrate their compliance with data protection principles through proper documentation, policies, procedures, and technical measures.