Article 57 of the GDPR: Missions of supervisory authorities

Article 57 of the GDPR lists the missions that the supervisory authorities must carry out to guarantee the effective application of the regulation. These missions cover public information, advice, control and cooperation.

Article 57 of the GDPR explained

The supervisory authorities are responsible for:

Inform and raise awareness among data controllers and citizens;
Advise public institutions and businesses;
Respond to complaints filed by data subjects;
Control and investigate data processing;
Issue the authorizations provided for by the GDPR (e.g. transfers, codes of conduct);
Cooperate with other EU authorities and with the EDPS.

Why is this article important for your GDPR compliance?

Knowing the missions of your supervisory authority allows you to interact better with her, whether for advice, a statement, a check or a complaint. This also strengthens the transparency and the security of your compliance procedures.

How to comply with Article 57 of the GDPR?

Consult the official publications of your authority (guides, recommendations, models);
Respond diligently to any request or complaint transmitted by the authority;
Implement the corrective measures requested following an inspection;
Respect the deadlines for declaration or cooperation.

Examples of application of Article 57 of the GDPR

The CNIL publishes a guide to help SMEs draft their processing register;
An authority investigates misuse of geolocation data;
A company is interviewed after a complaint filed by an employee;
The authority publishes an opinion on a draft decree impacting digital freedoms.