(1) If a controller becomes aware of a serious personal data breach in relation to personal data for which the controller is responsible, the controller must notify the Commissioner of the breach without undue delay.
(2) Where the notification to the Commissioner is not made within 72 hours, the notification must be accompanied by reasons for the delay.
(3) Subject to subsection (4), the notification must include—
(a) a description of the nature of the personal data breach including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records
**Trials are provided to all LexisPSL and LexisLibrary content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these LexisPSL services please email customer service via our online form. Free trials are only available to individuals based in the UK. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
To view the latest version of this document and millions of others like it, sign-in to LexisLibrary or register for a free trial.
Existing user? Sign-in
Take a free trial
Take a free trial
This Practice Note considers the nature and scope of arbitration agreements with a particular focus on arbitration agreements pursuant to the law of England and Wales, although it also discusses the concept from an international perspective and includes some comparative examples from other
The right to notice means a right for the employee to remain in employment for the period of notice, not simply to be paid for it. An employer will therefore often include in the contract an express right to make a payment in lieu of notice ('PILON') as an alternative to giving notice, to ensure
This Practice Note discusses the common law doctrine of privity of contract; the equitable and statutory exceptions to it; how the doctrine affects enforcing a contract against a third party and what happens when, notwithstanding the lack of privity, a contract has an indirect effect on a third
This Practice Note considers proprietary estoppel from a generic standpoint.For industry specific guidance on proprietary estoppel, see Practice Notes:•Estoppel and property law•Mortgages by estoppelProprietary estoppel—what is it?Unlike the other forms of estoppel (see Practice Note: Estoppel—what,
0330 161 1234