GDPR Glossary Also known as: data protection authority, DPA
The independent national regulator that enforces the GDPR and handles complaints.
Each EU member state has one or more independent supervisory authorities (DPAs) — such as the Dutch AP or the Irish DPC — that monitor and enforce the GDPR.
They handle complaints, run investigations, and can issue orders and fines of up to €20 million or 4% of global turnover.
In the Regulation
Related terms
One-stop-shopThe mechanism that lets cross-border businesses deal with a single lead supervisory authority.European Data Protection BoardThe EU body of national regulators that ensures the GDPR is applied consistently and issues guidance.Breach notificationThe duty to report a risky personal data breach to the regulator within 72 hours, and to affected people without undue delay.
Need this applied to your business?
Our data-protection lawyers turn GDPR terms into a working plan.