1. European
  2. Legislation (EU)
  3. EU Regulations
  4. 2018
Date-stamp loading
  1. Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA relevance)
  2. Chapter IV Controller and processor (arts. 26-45)
  3. Section 2 Security of personal data (arts. 33-35)
  4. Article 34 Notification of a personal data breach to the European Data Protection Supervisor
Previous Next
Version status: Applicable | Document consolidation status: No known changes
Version date: 12 December 2019 - onwards
  Version 3 of 3    

Article 34 Notification of a personal data breach to the European Data Protection Supervisor

1. In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the European Data Protection Supervisor, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the European Data Protection Supervisor is not made within 72 hours, it shall be accompanied by reasons for the delay.

2. The processor shall notify the controller without undue delay after becoming aware of a personal data breach.

3. The notification referred to in paragraph 1 shall at least:

(a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;

(b) communicate the name and contact details of the data protection officer;

(c) describe the likely conseque

Comparing proposed amendment...
Previous Next