GDPR-33-07
Transparency
33 — Notification of a personal data breach to the supervisory authority
Describe remedial measures in breach notification
Description
The notification must describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible...
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-33-01
Reporting
Notify supervisory authority of personal data breach within 72 hours
GDPR-33-02
Transparency
Provide reasons for delayed breach notification
GDPR-33-03
Reporting
Processor must notify controller of personal data breach
GDPR-33-04
Transparency
Describe nature of personal data breach in notification
GDPR-33-05
Transparency
Provide contact details in breach notification
GDPR-33-06
Transparency
Describe likely consequences of breach in notification
GDPR-33-08
Reporting
Provide breach information in phases if necessary
GDPR-33-09
Documentation
Document all personal data breaches
GDPR-33-10
Documentation
Maintain breach documentation for supervisory authority verification
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started