Article 53 – Powers
|1. Each supervisory authority shall have the power:
(a) to notify the controller or the processor of an alleged breach of the provisions governing the processing of personal data, and, where appropriate, order the controller or the processor to remedy that breach, in a specific manner, in order to improve the protection of the data subject;
(b) to order the controller or the processor to comply with the data subject’s requests to exercise the rights provided by this Regulation;
(c) to order the controller and the processor, and, where applicable, the representative to provide any information relevant for the performance of its duties;
(d) to ensure the compliance with prior authorisations and prior consultations referred to in Article 34;
(e) to warn or admonish the controller or the processor;
(f) to order the rectification, erasure or destruction of all data when they have been processed in breach of the provisions of this Regulation and the notification of such actions to third parties to whom the data have been disclosed;
(g) to impose a temporary or definitive ban on processing;
(h) to suspend data flows to a recipient in a third country or to an international organisation;
(i) to issue opinions on any issue related to the protection of personal data;
(j) to inform the national parliament, the government or other political institutions as well as the public on any issue related to the protection of personal data.
2. Each supervisory authority shall have the investigative power to obtain from the controller or the processor:
The powers referred to in point (b) shall be exercised in conformity with Union law and Member State law.
3. Each supervisory authority shall have the power to bring violations of this Regulation to the attention of the judicial authorities and to engage in legal proceedings, in particular pursuant to Article 74(4) and Article 75(2).
4. Each supervisory authority shall have the power to sanction administrative offences,