GDPR Recitals

Recital 122Responsibility of the Supervisory Authorities

All 173 Recitals Regulation (EU) 2016/679

A recital is part of the preamble to the GDPR — it explains the reasoning and intent behind the enacting articles. Recitals are not binding in themselves but are used to interpret the Regulation.

Each supervisory authority should be competent on the territory of its own Member State to exercise the powers and to perform the tasks conferred on it in accordance with this Regulation. 2 This should cover in particular the processing in the context of the activities of an establishment of the controller or processor on the territory of its own Member State, the processing of personal data carried out by public authorities or private bodies acting in the public interest, processing affecting data subjects on its territory or processing carried out by a controller or processor not established in the Union when targeting data subjects residing on its territory. 3 This should include handling complaints lodged by a data subject, conducting investigations on the application of this Regulation and promoting public awareness of the risks, rules, safeguards and rights in relation to the processing of personal data.

* This title is an unofficial description.

Recital 121

Recital 123

All recitals

Report error

Source: Regulation (EU) 2016/679 (OJ L 119, 4.5.2016, p. 1), preamble. Official text reproduced from EUR-Lex — © European Union.

Looking for the binding rules? Browse the 99 GDPR articles — the recitals explain the intent behind them.

Need to apply the GDPR in practice?

Our data-protection lawyers turn the text into a plan.

Talk to a lawyer