02.09 – Breach Management

<<organisation name>> will set up a process for managing and dealing with data breaches for ensuring the security of the processing of personal data.

The GDPR requires Controllers to notify any Personal Data Breach to the applicable regulator.

We have put in place procedures to deal with any suspected Personal Data Breach and will notify Data Subjects or any applicable regulator where we are legally required to do so.

If you know or suspect that a Personal Data Breach has occurred, do not attempt to investigate the matter yourself. Immediately contact the person or team designated as the key point of contact for Personal Data Breaches and you should preserve all evidence relating to the potential Personal Data Breach.

<<Refer to the Data Breach Policy>>