GDPR Requirements for Supervisory Authority
Under the GDPR, the supervisory authority is to have the following investigative powers:
to order a controller, processor, or their representative to provide any information it requires for the performance of its tasks;
to carry out investigations in the form of data protection audits;
to carry out a review of certifications issued;
to notify a controller and processor of an alleged infringement;
to obtain and access all personal data and information necessary for the performance of its tasks;
to obtain access to any premises of the controller, including processing equipment and means, in accordance with the requirements of EU or domestic law.…
Read the rest More →