GDPR Data Protection Supervisory Authority Listing

The DPA (Data Protection Authority) is the agency within each European Union country that is responsible for GDPR (General Data Protection Regulation) assistance and enforcement.

What’s the difference between a Data Protection Authority and a Supervisory Authority?

A Data Protection Authority handles reports of data breaches, mediates issues like data subject access requests and works to educate their country about best practices in keeping digital data secure. The Supervisory Authority is which particular Data Protection Authority has jurisdiction over a particular matter.

Because online services are so intertwined it’s quite common to have situations where it’s a German citizens data that is being held by a French company.

Who should have jurisdiction over the matter? Should it be France’s Commission Nationale de l’Informatique et des Libertés (CNIL) or the German Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit?

The answer: it’s complicated (and in truth would rely upon some factors not presented in this extremely simplified example). However, whichever agency ends up with jurisdiction would be the DPA that was acting as the Supervisory Authority for the matter.

Why you need every DPA’s Contact Information

As either a data controller or data processor, you will be responding to requests for data from users’ of your system. Per Article 12 of the GDPR you may need to inform them of which supervisory authority they can escalate to if you exceed the initial 30 day grace period for a request.

Additionally, at the time of consent (when the user says: ‘I do’ to you collecting their personal information) you need to inform them their right to lodge a complaint with a supervisory authority. This and other consent requirements are spelled out in Article 13.

Austria

Österreichische Datenschutzbehörde

Hohenstaufengasse 3
1010 Wien
Tel. +43 1 531 15 202525
Fax +43 1 531 15 202690
dsb@dsb.gv.at
http://www.dsb.gv.at/

Belgium

Commission de la protection de la vie privée

Commissie voor de bescherming van de persoonlijke levenssfeer
Rue de la Presse 35 / Drukpersstraat 35
1000 Bruxelles / 1000 Brussel
Tel. +32 2 274 48 00
Fax +32 2 274 48 35
commission@privacycommission.be
http://www.privacycommission.be/

Bulgaria

Commission for Personal Data Protection

2, Prof. Tsvetan Lazarov blvd.
Sofia 1592
Tel. +359 2 915 3580
Fax +359 2 915 3525
kzld@cpdp.bg
http://www.cpdp.bg/

Croatia

Croatian Personal Data Protection Agency

Martićeva 14
10000 Zagreb
Tel. +385 1 4609 000
Fax +385 1 4609 099
azop@azop.hr or info@azop.hr
http://www.azop.hr/

Cyprus

Commissioner for Personal Data Protection

1 Iasonos Street,
1082 Nicosia
P.O. Box 23378, CY-1682 Nicosia
Tel. +357 22 818 456
Fax +357 22 304 565
commissioner@dataprotection.gov.cy
http://www.dataprotection.gov.cy/

Czech Republic

The Office for Personal Data Protection

Urad pro ochranu osobnich udaju
Pplk. Sochora 27
170 00 Prague 7
Tel. +420 234 665 111
Fax +420 234 665 444
posta@uoou.cz
http://www.uoou.cz/

Denmark

Datatilsynet

Borgergade 28, 5
1300 Copenhagen K
Tel. +45 33 1932 00
Fax +45 33 19 32 18
dt@datatilsynet.dk
http://www.datatilsynet.dk/

Estonia

Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)

Väike-Ameerika 19
10129 Tallinn
Tel. +372 6274 135
Fax +372 6274 137
info@aki.ee
http://www.aki.ee/en

Finland

Office of the Data Protection Ombudsman

P.O. Box 315
FIN-00181 Helsinki
Tel. +358 10 3666 700
Fax +358 10 3666 735
tietosuoja@om.fi
http://www.tietosuoja.fi/en/

France

Commission Nationale de l’Informatique et des Libertés – CNIL

8 rue Vivienne, CS 30223
F-75002 Paris, Cedex 02
Tel. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
http://www.cnil.fr/

Germany

Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

Husarenstraße 30
53117 Bonn
Tel. +49 228 997799 0; +49 228 81995 0
Fax +49 228 997799 550; +49 228 81995 550
poststelle@bfdi.bund.de
http://www.bfdi.bund.de/
Germany splits complaints among a number of different agencies, to sort out which one applies, use: https://www.bfdi.bund.de/DE/Home/home_node.html 

Greece

Hellenic Data Protection Authority

Kifisias Av. 1-3, PC 11523
Ampelokipi Athens
Tel. +30 210 6475 600
Fax +30 210 6475 628
contact@dpa.gr
http://www.dpa.gr/

Hungary

National Authority for Data Protection and Freedom of Information

Szilágyi Erzsébet fasor 22/C
H-1125 Budapest
Tel. +36 1 3911 400
peterfalvi.attila@naih.hu
http://www.naih.hu/

Ireland

Data Protection Commissioner

Canal House
Station Road
Portarlington
Co. Laois
Lo-Call: 1890 25 22 31
Tel. +353 57 868 4800
Fax +353 57 868 4757
info@dataprotection.ie
http://www.dataprotection.ie/

Italy

Garante per la protezione dei dati personali

Piazza di Monte Citorio, 121
00186 Roma
Tel. +39 06 69677 1
Fax +39 06 69677 785
garante@garanteprivacy.it
http://www.garanteprivacy.it/

Latvia

Data State Inspectorate

Director: Ms Daiga Avdejanova
Blaumana str. 11/13-15
1011 Riga
Tel. +371 6722 3131
Fax +371 6722 3556
info@dvi.gov.lv
http://www.dvi.gov.lv/

Lithuania

State Data Protection

Žygimantų str. 11-6a
011042 Vilnius
Tel. + 370 5 279 14 45
Fax +370 5 261 94 94
ada@ada.lt
http://www.ada.lt/

Luxembourg

Commission Nationale pour la Protection des Données

1, avenue du Rock’n’Roll
L-4361 Esch-sur-Alzette
Tel. +352 2610 60 1
Fax +352 2610 60 29
info@cnpd.lu
http://www.cnpd.lu/

Malta

Office of the Data Protection Commissioner

Data Protection Commissioner: Mr Joseph Ebejer
2, Airways House
High Street, Sliema SLM 1549
Tel. +356 2328 7100
Fax +356 2328 7198
commissioner.dataprotection@gov.mt
http://www.dataprotection.gov.mt/

Netherlands

Autoriteit Persoonsgegevens

Prins Clauslaan 60
P.O. Box 93374
2509 AJ Den Haag/The Hague
Tel. +31 70 888 8500
Fax +31 70 888 8501
info@autoriteitpersoonsgegevens.nl
https://autoriteitpersoonsgegevens.nl/nl

Poland

The Bureau of the Inspector General for the Protection of Personal Data – GIODO

ul. Stawki 2
00-193 Warsaw
Tel. +48 22 53 10 440
Fax +48 22 53 10 441
kancelaria@giodo.gov.pl; desiwm@giodo.gov.pl
http://www.giodo.gov.pl/

Portugal

Comissão Nacional de Protecção de Dados – CNPD

R. de São. Bento, 148-3°
1200-821 Lisboa
Tel. +351 21 392 84 00
Fax +351 21 397 68 32
geral@cnpd.pt
http://www.cnpd.pt/

Romania

The National Supervisory Authority for Personal Data Processing

President: Mrs Ancuţa Gianina Opre
B-dul Magheru 28-30
Sector 1, BUCUREŞTI
Tel. +40 21 252 5599
Fax +40 21 252 5757
anspdcp@dataprotection.ro
http://www.dataprotection.ro/

Slovakia

Office for Personal Data Protection of the Slovak Republic

Hraničná 12
820 07 Bratislava 27
Tel.: + 421 2 32 31 32 14
Fax: + 421 2 32 31 32 34
statny.dozor@pdp.gov.sk
http://www.dataprotection.gov.sk/

Slovenia

Information Commissioner

Ms Mojca Prelesnik
Zaloška 59
1000 Ljubljana
Tel. +386 1 230 9730
Fax +386 1 230 9778
gp.ip@ip-rs.si
https://www.ip-rs.si/

Spain

Agencia de Protección de Datos

C/Jorge Juan, 6
28001 Madrid
Tel. +34 91399 6200
Fax +34 91455 5699
internacional@agpd.es
https://www.agpd.es/

Sweden

Datainspektionen

Drottninggatan 29
5th Floor
Box 8114
104 20 Stockholm
Tel. +46 8 657 6100
Fax +46 8 652 8652
datainspektionen@datainspektionen.se
http://www.datainspektionen.se/

United Kingdom

The Information Commissioner’s Office

Water Lane, Wycliffe House
Wilmslow – Cheshire SK9 5AF
Tel. +44 1625 545 745
international.team@ico.org.uk
https://ico.org.uk

EUROPEAN FREE TRADE AREA (EFTA)

Iceland

Icelandic Data Protection Agency

Rauðarárstíg 10
105 Reykjavík
Tel. +354 510 9600; Fax +354 510 9606
postur@personuvernd.is

Liechtenstein

Data Protection Office

Kirchstrasse 8, P.O. Box 684
9490 Vaduz
Principality of Liechtenstein
Tel. +423 236 6090
info.dss@llv.li

Norway

Datatilsynet

The Data Inspectorate
P.O. Box 8177 Dep
0034 Oslo
Tel. +47 22 39 69 00; Fax +47 22 42 23 50
postkasse@datatilsynet.no

Switzerland

Data Protection and Information Commissioner of Switzerland

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
Mr Adrian Lobsiger
Feldeggweg 1
3003 Bern
Tel. +41 58 462 43 95; Fax +41 58 462 99 96
contact20@edoeb.admin.ch