Each supervisory authority should be competent on the territory of its own Member State to exercise the powers and to perform the tasks conferred on it in accordance with this Regulation. This should cover in particular the processing in the context of the activities of an establishment of the controller or processor on the territory of its own Member State, the processing of personal data carried out by public authorities or private bodies acting in the public interest, processing affecting data subjects on its territory or processing carried out by a controller or processor not established in the Union when targeting data subjects residing on its territory. This should include handling complaints lodged by a data subject, conducting investigations on the application of this Regulation and promoting public awareness of the risks, rules, safeguards and rights in relation to the processing of personal data.
GDPR Recital EN
Recital 122
Related across sources
Guidance Version history Guidance Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement Guidance Guidelines 10/2020 on restrictions under Article 23 GDPR Guidance Guidelines 03/2022 on Deceptive design patterns in social media platform interfaces: how to recognise and avoid them Guidance Guidelines 01/2022 on data subject rights - Right of access Guidance Guidelines 3/2019 on processing of personal data through video devices