The EU/DPA is a group of 28 national data protection authorities that are independent of their respective governments. They ensure that the data protection legal framework is applied correctly in practice. They are also called "supervisory authorities".
The EU/DPA was established by the GDPR, which took effect on 25 May 2018. The GDPR replaces the Data Protection Directive 95/46/EC and strengthens and unifies the rules on how companies must process personal information.
The main tasks of the EU/DPAs are:
- to monitor how companies comply with the GDPR;
- to investigate complaints about possible breaches of data protection law;
- to conduct investigations into violations of data protection law; and
- to take enforcement actions against those who break these rules.