In addition to the rules stated in the GDPR, a data controller may have to notify sectoral regulators in case of a data breach. For example, financial-services firms may be required to inform the Danish Financial Supervisory Agency (Finanstilsynet) of any breach.
Notification of data breaches to the Danish supervisory authority
The Danish Data Protection Agency provides for guidance and enables data breaches to be registered online:
- A guideline on data breaches can be found here: https://www.datatilsynet.dk/media/6558/haandtering-af-brud-paa-persondatasikkerheden.pdf (in Danish)
- Data breaches can be registered online here: https://www.datatilsynet.dk/anmeld-brud-paa-persondatasikkerheden/ (in Danish)