Under the GDPR, breach notification are mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. 

Data processors will also be required to notify their customers, the controllers, “without undue delay” after first becoming aware of a data breach.


We will inform our customers of any data breach that is likely to “result in a risk for the rights and freedoms of individuals” within 72 hours of the discovery of the breach.