Svensk version

No data breach notification needed

If the data breach is unlikely to result in a risk to the rights and freedoms of natural persons, you do not have to send a report to us.

However, according to the General Data Protection Regulation (GDPR), you still need to document the breach internally. To verify that a controller has done this, Swedish Authority for Privacy Protection may demand to take part of the documentation.

More information about the documention requirements can be found in the guidelines about personal data breaches from the European Data Protection Board (EDPB).

Guidelines

Learn more

Guidelines on Personal data breach notification under Regulation 2016/679 (pdf, 1 MB)

Latest update: 20 September 2021

Data protection

About IMY

About IMY

About IMY

About IMY

Search suggestions!

No data breach notification needed

Guidelines