Competence of the lead supervisory authority
Without prejudice to Article 55, the supervisory authority of the main or sole establishment of the controller or processor shall be competent to act as the leading supervisory authority for cross-border processing by that controller or processor in accordance with the procedure set out in Article 60.
Notwithstanding paragraph 1, each supervisory authority shall be competent to hear a complaint lodged with it or any breach of this Regulation if the subject matter of that case relates only to an establishment in its Member State or affects substantially only data subjects in its Member State.
In the cases referred to in paragraph 2 of this Article, the supervisory authority shall notify the leading supervisory authority of the case without delay. Within three weeks of being informed, the leading supervisory authority shall decide whether or not to hear the case, in accordance with the procedure laid down in Article 60, taking into account whether or not the controller or processor has an establishment in the Member State of the supervisory authority that notified it.
If the lead supervisory authority decides to hear the case, the procedure in Article 60 shall apply. The supervisory authority that has notified the lead supervisory authority may submit a draft decision to the latter. The lead supervisory authority shall take the utmost account of that draft when preparing the draft decision referred to in Article 60(3).
If the lead supervisory authority decides not to handle the case, it shall be handled in accordance with Articles 61 and 62 by the supervisory authority that notified the lead supervisory authority.
The lead supervisory authority is the sole interlocutor for the controller or processor in the case of cross-border processing by that controller or processor.
