Looking for an external Data Protection Officer?DATUREX GmbH Dresden
DATUREXData Protection Laws
LDSG RP — Table of Contents

§ 54 LDSG RP

Notification of Personal Data

(1)Breaches
(2)The controller shall notify a personal data breach to the State Commissioner for Data Protection and Freedom of Information without undue delay and, where feasible, no later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights of natural persons. Where the notification to the State Commissioner for Data Protection and Freedom of Information is not made within 72 hours, the delay shall be justified.
(3)A processor shall notify any personal data breach to the controller without undue delay.
(4)The notification referred to in paragraph 1 shall at least contain the following information: 1. a description of the nature of the personal data breach including, where possible, information on the categories and approximate number of the affected personal data records, 2. the name and contact details of the data protection officer or other contact point for further information, 3. a description of the likely consequences of the breach, and 4. a description of the measures taken or proposed by the controller to address the breach and the measures taken to mitigate its possible adverse effects.
(5)Where the information referred to in paragraph 3 cannot be provided at the same time as the notification, the controller shall provide this information without undue further delay as it becomes available.
(6)The controller shall document any personal data breaches. The documentation shall contain all facts relating to the incidents, their effects and the remedial measures taken.
(7)Where a personal data breach affects personal data that have been transmitted by or to a controller in another Member State of the European Union, the information referred to in paragraph 3 shall be transmitted to the controller in that state without undue delay.
(8)Section 42(4) BDSG shall apply accordingly.
(9)Further obligations of the controller to provide notifications about personal data breaches shall remain unaffected. zur Einzelansicht § 54
Source:
https://landesrecht.rlp.de/bsrp/document/jlr-DSGRLPV3rahmen
Citation:
GVBl. RLP 2018 S. 94
As of:
2024-01-01
Retrieved:
2026-02-28