Functions & Powers of of Supervisory Authority-Part 1

Article 57 of GDPR mention the functions or tasks which are must for the supervisory authority to perform within its territory, it further clarifies that without prejudicing the other tasks/functions given under GDPR, each supervisory authority must perform the following tasks within its territories:

  1. Monitoring and enforcing the application of rules and procedures given under GDPR;
  2. Promotion of public awareness and understanding of the risks, rules, safeguards and rights  in relation to processing;
  3. Activities involving and addressing children must receive specific attention;
  4. Advising, (in consonance with member state law) the national parliament, the government, and other institutions and bodies on legislative and administrative measures relating to the protection of natural persons’ rights and freedoms with regard to processing;
  5. Promoting the awareness of controllers processors of their obligations under GDPR;
  6. Upon receiving request from data subject provide information to them concerning the exercise of their rights under this regulation and if, appropriate, cooperate with the supervisory authorities in other member states to that end;
  7. Handling of complaints lodged by data subjects and investigate the same, inform the complainant of the progress and the outcome of the investigation within a reasonable period;  
  8. Cooperating and sharing the information and provide mutual assistance to, other supervisory authorities with a view to ensuring the the consistency of application and enforcement of this regulation;
  9. Conducting the investigations on the application of GDPR, and this includes the information received from another supervisory authority or other public authority;
  10. Monitoring relevant developments, insofar as they have an impact on the protection of personal data, in particular the development of information and communication technologies and communication practices;
  11. Adoption of standard contractual clauses;
  12. Establishing and maintaining a list in relation to the requirement for data protection impact assessment;
  13. Giving advice on the processing operations;
  14. Encouraging the drawing up of codes of conduct and provide opinion and approve such codes of conduct which provides sufficient safeguards;
  15. Encouraging the establishment of data protection certification mechanism and of data protection seals and marks, and approve the criteria of certification;
  16. Carrying out periodic review of certification; 
  17. Draft and publish the requirements for accreditation of a body for monitoring codes of conduct 
  18. Approving binding corporate rules;
  19. Contributing to the activities of the Board; 

Picture credit- https://kirkpatrickprice.com