GDPR-33-08
Reporting
33 — Notification of a personal data breach to the supervisory authority
Provide breach information in phases if necessary
Description
Where it is not possible to provide all required breach notification information at the same time, the information may be provided in phases without undue further delay.
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-33-01
Reporting
Notify supervisory authority of personal data breach within 72 hours
GDPR-33-02
Transparency
Provide reasons for delayed breach notification
GDPR-33-03
Reporting
Processor must notify controller of personal data breach
GDPR-33-04
Transparency
Describe nature of personal data breach in notification
GDPR-33-05
Transparency
Provide contact details in breach notification
GDPR-33-06
Transparency
Describe likely consequences of breach in notification
GDPR-33-07
Transparency
Describe remedial measures in breach notification
GDPR-33-09
Documentation
Document all personal data breaches
GDPR-33-10
Documentation
Maintain breach documentation for supervisory authority verification
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started