| Name of regulation | ||
|---|---|---|
| Period for declaring the personal data breach | ||
| Citation | ||
| In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay. | ||
| Legislative localisation | Chapter IV, Section 2, Article 33, Paragraph 1 | |
| Regulation's subject matter | Notification of a personal data breach to the supervisory authority (Article 33, Section 2, Chapter IV) | |
| Regulation category |
Obligation
Indirect right |
|
| Regulation subcategory |
Prescriptive obligation
|
|
| Actors concerned | ||
| Obligation | Controller |
|
| Indirect right | Supervisory authority |
|
| Knowww link | https://knowww.eu/nodes/5a0595ea4b5b5f00019038b9 | |