An independent public body that enforces data protection law, handles complaints, and can impose fines under the GDPR.
Each EU member state has one or more supervisory authorities, often called data protection authorities, responsible for monitoring and enforcing the GDPR. They investigate complaints, provide guidance, approve certain transfers, and can issue corrective measures and significant fines.
Organizations must be able to identify their lead authority and cooperate with it, including notifying certain personal data breaches within 72 hours.
Related frameworks
KaitoSec