Frequently Asked Questions and Answers from Termly’s Legal Experts

Who do I report a breach of GDPR to?

You report a breach of GDPR to the relevant supervisory authority within 72 hours of the breach. You can find contact information for supervisory authorities in the European Data Protection Board directory. Notify users affected by the breach as soon as possible.

A data breach notification to the supervisory authority should describe:

  • the number of users affected
  • consequences of the breach
  • the actions taken to mitigate the consequences
  • the contact details of your data protection officer

Related Questions

Are email addresses personal data? Do I need a cookie policy on my website? Do you need consent for cookies? Does CCPA apply to B2B businesses? Does GDPR apply to companies or individuals? Does GDPR apply to EU citizens in the US?

Data breach protocol is key to GDPR compliance.

One of the core tenets of GDPR compliance is reporting any data breaches that occur to the appropriate people as soon as possible.

Trusted by Thousands

Trusted by thousands of companies worldwide, Termly’s intuitive software generates legal policies and handles consent management for any business in minutes.

Brand Logo FIS Brand Logo Eggland Brand Logo Veeps Brand Logo Hertz Brand Logo K2 Sports Brand Logo Law Insider
Termly Bolt
Try Termly’s Compliance Solutions For Free!
Get Compliant
Jona, Senior Product Manager @ Termly

Termly allows our users to focus more on their business instead of spending countless hours figuring out data privacy compliance. - Jona, Senior Product Manager @ Termly