1. The supervisory authority or authorities of each Member State, as referred to in Article 41(1) of , shall monitor the lawfulness of the processing of personal data under this Regulation by the Member States for law enforcement purposes, including their transmission to and from Eurodac.
2. The processing of personal data by Europol pursuant to this Regulation shall be in accordance with and shall be supervised by the European Data Protection Supervisor.
3. Personal data obtained pursuant to this Regulation from Eurodac for law enforcement purposes shall only be processed for the purposes of the prevention, detection or investigation of the specific case for which the data have been requested by a Member State or by Europol.
4. Without prejudice to Article 24 of , Eurodac, the designated and verifying authorities and Europol shall keep records of searches for the purpose of permitting the national supervisory authorities and the European Data Protection Supervisor to monitor the compliance of data processing with Union data protection rules, including for the purpose of maintaining records in order to prepare the annual reports referred to in Article 57(8) of this Regulation. Other than for such purposes, personal data, as well as the records of the searches, shall be erased in all national and Europol files after a period of one month, unless the data are required for the purposes of the specific ongoing criminal investigation for which they were requested by a Member State or by Europol.
Correlation table
| Regulation (EU) No 603/2013 | This Regulation |
| Article 33(2) | Article 47(1) |
| Article 33(3) | Article 47(2) |
| Article 33(4) | Article 47(3) |
| Article 33(5) | Article 47(4) |