GDPR requires a personal data breach to be notified to the supervisory authority within 72 hours. But most breaches start technically — an exposed database, a leaked key. We help you find them before they become a notification.
Run a free domain scan All checks →We help you on both sides of a personal data breach: the technical security measures (art. 32) that prevent leaks, and the detection capability to spot a breach in time for the 72-hour notification under art. 33.
A personal data breach can lead to notification, informing data subjects and administrative fines. The vast majority have a technical root — exposed storage, weak encryption, leaked credentials — and they're both predictable and fixable in advance.
Is this legal advice?
No — we cover the technical side (art. 32 and detection for art. 33). The legal assessment of the notification duty rests with you or your DPO.
When must we notify?
Within 72 hours of becoming aware, if the breach is likely to result in a risk to data subjects. Detection decides when the clock starts.
Do you help during an ongoing incident?
Our strength is prevention and building the detection capability. We find the technical flaws before they become an incident.
Run a free scan or order a full Security Assessment — prioritised, not noise.
Run a free domain scan