Tasks and Competences

The tasks of the European Data Protection Supervisor comprise, in particular:

  • hearing and investigating complaints, and informing the data subject of the outcome within a reasonable period;
  • conducting inquiries either on his or her own initiative or on the basis of a complaint, and informing the data subjects of the outcome within a reasonable period;
  • monitoring and ensuring the application of the provisions of this Regulation and any other Community act relating to the protection of natural persons with regard to the processing of personal data by a Community institution or body with the exception of the Court of Justice of the European Communities acting in its judicial capacity;
  • advising all Community institutions and bodies, either on his or her own initiative or in response to a consultation, on all matters concerning the processing of personal data, in particular before they draw up internal rules relating to the protection of fundamental rights and freedoms with regard to the processing of personal data;
  • monitoring relevant developments, insofar as they have an impact on the protection of personal data, in particular the development of information and communication technologies;
  • cooperation with the national supervisory authorities referred to in Article 28 of Directive 95/46/EC in the countries to which that Directive applies to the extent necessary for the performance of their respective duties, in particular by exchanging all useful information, requesting such authority or body to exercise its powers or responding to a request from such authority or body;
  • cooperation with the supervisory data protection bodies established under Title VI of the Treaty on European Union particularly with a view to improving consistency in applying the rules and procedures with which they are respectively responsible for ensuring compliance;
  • participating in the activities of the Working Party on the Protection of Individuals with regard to the Processing of Personal Data set up by Article 29 of Directive 95/46/EC;
  • keeping a register of processing operations notified to him or her by virtue of Article 27(2) of the Regulation and registered in accordance with Article 27(5) of the Regulation, and providing means of access to the registers kept by the Data Protection Officers under Article 26 of the Regulation;
  • carrying out a prior check of processing notified to him or her;
  • submitting an annual report on his or her activities to the European Parliament, the Council and the Commission and at the same time making it public;
  • giving advice to data subjects in the exercise of their rights;
  • referring the matter to the controller in the event of an alleged breach of the provisions governing the processing of personal data, and, where appropriate, making proposals for remedying that breach and for improving the protection of the data subjects;
  • ordering that requests to exercise certain rights in relation to data be complied with where such requests have been refused in breach of Articles 13 to 19 of the Regulation;
  • warning or admonishing the controller;
  • ordering the rectification, blocking, erasure or destruction of all data when they have been processed in breach of the provisions governing the processing of personal data and the notification of such actions to third parties to whom the data have been disclosed;
  • imposing a temporary or definitive ban on processing;
  • referring the matter to the Community institution or body concerned and, if necessary, to the European Parliament, the Council and the Commission;
  • referring the matter to the Court of Justice of the European Communities under the conditions provided for in the Treaty;
  • intervening in actions brought before the Court of Justice of the European Communities.
2018-07-31 Metadane artykułu
;