AEPD

Instructions
Obligation
Breach
Responsibility
Competence
Risk
Confidentiality
Availability
Integrity
Notify

Asesora Brecha

Asesora Brecha is an useful resource for any data controller processing personal data to assess the obligation to notify Spanish Data Protection Agency about a personal data breach without undue delay, as established in Article 33 of the General Data Protection Regulation.

Data Protection Officers, Processors and Consultants might use it also to obtain relevant information to assess data controllers.

It is an easy and free tool. Once execution has been completed, data fed to the tool are deleted, and therefore the Spanish Data Protection Agency may not, in any case, come to know the information fed to the tool.

Please note that Asesora Brecha is just an aid to decision making, but the latter inevitably corresponds to the data controller. Under no circumstance does its use represents this Agency opinion on the application of Art. 33 of the GDPR for a specific personal data breach..