Breach Reporting

Self Reporting form

This form is to be used when data controllers wish to report a personal data breach of the Data Protection (Bailiwick of Guernsey) Law, 2017 to the Office of the Data Protection Commissioner (ODPC). It should not take more than 15 minutes to complete.

Please provide as much information as possible and ensure that all mandatory fields are completed. If you do not know the answer, or you are waiting on further information pending the completion of an internal investigation, please set that out in your response.

Our breach reporting guidance can be viewed here.

In the wake of a personal data breach, swift containment and recovery of the situation is vital. Every effort should be taken to minimise the potential impact on affected data subjects, and details of the steps taken to achieve this should be included in this form.

If you have any questions, please contact breach@odpc.gg.

Notification of personal Data Breach

Fields marked with a * are required

Section 1 - Contact details

No Yes

Section 2 - Jurisdiction

No Yes
No Yes
No Yes

Section 3 - Initial information on the breach

A. INFORMATION ABOUT THE BREACH

B. INFORMATION ABOUT THE DATA

C. CONTAINMENT AND RECOVERY

Please send up copies of the following where applicable:

You can chose as many as 20 files at a maximum of 2MB per file

Declaration

  • I have included all the necessary supporting evidence with my breach report
  • The information I have provided is accurate to the best of my knowledge.
  • I understand that the Commissioner will electronically store the information relating to my breach report, including the documents I have provided, and keep those records for 7 years following the conclusion of the enquiry.