03.02.2022

Everything you always wanted to know about data protection supervisory authorities, but never dared to ask


In many companies, “data protection supervisory authority” is a term that inspires something close to dread. There is also often confusion about who the “competent data protection authority” is and what exactly it does. We want to change that with this blog post.

Below you can quickly find out which data protection authority is responsible for you and how to contact it. You will also learn what the tasks of these authorities are, and how they can help you with information on the subject of data protection.

What does a data protection supervisory authority actually do?

Data protection supervisory authorities have many tasks. The corresponding article of the GDPR lists 22 (a to v). For companies, the tasks in the areas of information and supervision are particularly important.
The supervisory role is front of mind for many people, not least because data protection supervisory authorities can impose high fines for violations of the European General Data Protection Regulation (GDPR).
With the often feared topic of supervision in the foreground, it is easy to overlook the fact that data protection supervisory authorities also support companies in complying with the GDPR by providing comprehensive information. Among other things, they provide helpful brochures, flyers, short papers, orientation aids, application instructions, etc.
At Perseus, we recommend: make the most of this information from a trusted source.

Which data protection supervisory authorities are there in Germany?

Each federal state has its own independent data protection supervisory authority. Among other things, it is responsible for the non-public companies that have their headquarters in that state. In most cases, these authorities are therefore your point of contact.
In addition, there is a data protection supervisory authority at the federal level: the Federal Commissioner for Data Protection and Freedom of Information (BfDI). Among other things, it advises the Bundestag.
All these authorities – those of the individual federal states and those of the federal government – together form the Data Protection Conference.

Which data protection supervisory authority is responsible for your company?

In most cases, the data protection supervisory authority of the federal state in which your company’s headquarters are located is responsible.
For example, if your company is headquartered in Hanover, your responsible data protection supervisory authority is that of the state of Lower Saxony.
So that you don’t have to search for long, we have compiled a list of the contact details of the data protection supervisory authorities of all federal states at the end of this blog post.
Don’t be surprised: these authorities are often called the State Commissioner or the Data Protection Commissioner. That sounds like an individual, but behind the title is an entire authority.
However, for telecommunications or postal service providers, and for companies in cases that fall under the Security Clearance Act, the data protection supervisory authority at the federal level – the Federal Commissioner for Data Protection and Freedom of Information (BfDI) – is responsible.

When should you contact your responsible data protection supervisory authority?

Sometimes companies have to contact their responsible data protection supervisory authority directly. For example:

  • for reporting a data breach (for more information, see our white paper “What to do in the event of a data breach?”)
  • in the case of a data protection impact assessment
  • for reporting data protection officers
  • for specific questions that cannot be clarified in any other way

On the last point: You can clarify many concerns without asking the responsible data protection supervisory authority. But in exceptional cases, it makes sense to ask the authority in order to obtain conclusive clarity. A recent example is the introduction of 2G and 3G regulations in the workplace.

With Perseus, you can reduce your fear of contact when it comes to data protection.

Data protection is a company-wide issue. All employees should be familiar with its basic features. Easy to say? It’s also easy to do with our online training courses. In short, easy-to-understand videos, we provide your employees with knowledge on many important aspects of data protection in companies.

Test it for yourself. We provide you with our online training courses and other services free of charge during the test period. Enjoy!