Personal data breaches (also known as “data breaches”) must be reported to the FDPIC if they are likely to result in a high risk for the personality or the fundamental rights of the data subjects.
The FDPIC provides the data controllers with an online form with which they reports can be submitted in a digital and secure manner. After submitting the report, the data controller can download a confirmation with the submitted data.
Only personal data breaches that result in the unintentional or wrongful loss, deletion, destruction or alteration of personal data, or made accessible or disclosed to unauthorised persons, and that are likely to result in a high risk to the personality or fundamental rights of the data subjects must be reported.
If it is necessary for the protection of the data subjects, the data controllers must inform them of the personal data breach. Further information on notifications is available on the online form:
Last modification 11.09.2023