Supervisory Authority

The supervisory authority has the power to conduct investigations, access company data and premises, impose corrective measures, and levy administrative sanctions in case of non-compliance with the GDPR.

In Italy, the supervisory authority is the Italian Data Protection Authority (DPA), which is responsible for overseeing the compliance of Italian companies with data protection regulations. The Italian DPA is also the primary point of contact for complaints from data subjects, requests for opinions on particularly complex data processing activities, and for issuing guidelines regarding the correct application of the GDPR.

European supervisory authorities collaborate through the European Data Protection Board (EDPB), whose role is to ensure the consistent application of the GDPR across the European Union. The EDPB is also responsible for issuing guidelines and recommendations that assist supervisory authorities and data controllers in interpreting and applying the Regulation.

Inspection Activities of the Italian DPA in Companies

The Italian DPA also has the power to initiate inspections at companies, either directly or by delegating them to the Guardia di Finanza (the Italian finance police), to verify compliance with data processing rules. These inspections can be aimed at monitoring adherence to data protection regulations and may result in sanctions in case of confirmed violations.

Inspections can be planned or ad hoc and may be initiated in the following ways:

  1. Ex officio: The Italian DPA may decide to carry out random checks on companies deemed to be at risk or operating in particularly sensitive sectors.
  2. Upon report or claim: If the Italian DPA receives a report or claim from a citizen, entity, or organization regarding alleged privacy violations, a targeted inspection may be ordered.
  3. Collaboration with other authorities: Inspections can be coordinated with other law enforcement or administrative authorities to ensure thorough oversight.
  4. Following security incidents: In case of a data breach or other data security violations reported by companies, the Italian DPA may decide to inspect the organization to verify the measures taken and prevent further risks.

Trust Guardian’s approach and the role of the supervisory authority

Trust Guardian supports companies in ensuring GDPR compliance, facilitating interactions with the supervisory authority through its centralized Consent Register and Privacy Black Box. The platform enables accurate documentation of all consents, notices reviewed, and privacy events, from the time personal data is collected to its withdrawal or the expiration of the retention period, allowing for rapid and efficient retrieval of privacy history for each data subject in just a few clicks.
