18 Dec, 2023 | Accountability, Controller, GDPR Hero blog, Integrity and confidentiality, Lawfulness, fairness and transparency, Personal data, Personal data breach, Processor, Record of processing activities, The Supervisory Authorities
According to the GDPR, data controllers are required to notify their competent supervisory authority in case of a personal data breach. Notification must be made within 72 hours of the controller becoming aware of the breach. Within this relatively slim time period,...
27 Sep, 2023 | Accountability, GDPR Hero blog, Purpose limitation
A common question we receive is “For how long can we store personal data?” The short answer is: “As long as you can motivate and justify your need of the personal data”. It is not possible to specify a specific time limit for all types of personal data, because the...