How to Report data protection breaches of dead relation data set
Dear European Data Protection Supervisor,
Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information
:How to Report data protection breaches of dead relation data set
How to report data protection breaches of dead mothers data set.
Yours faithfully,
Madeline O'Brien
Dear Mrs O'Brien,
I am writing in reply to your email of 6 April 2022 to the European Data
Protection Supervisor (EDPS), regarding your specific request on reporting
personal data breaches of deceased people.
Dead people are not covered by the scope of the General Data Protection
Regulation (GDPR). See Recital 27 of the GDPR: "This Regulation does not
apply to the personal data of deceased persons. Member States may provide
for rules regarding the processing of personal data of deceased persons."
Therefore, there is no legal obligation under the GDPR or Regulation (EU)
2018/1725 to report personal data breaches related to deceased people.
In case there has been a data breach related to a dataset of dead people
that also includes personal data of living natural persons, the controller
must assess its risks to their rights and freedoms and, where necessary,
notify the competent supervisory authority, in accordance with Article 33
of the GDPR. The competent supervisory authority is determined based on
the establishment of the controller (Articles 55 and 27 of the GDPR). In
case the controller is a European Union institution, body or agency, the
EDPS is the competent supervisory authority, and the notification should
be addressed to the EDPS, in accordance with Article 34 Regulation (EU)
2018/1725.
The following link lists the contact details of all of the supervisory
authorities in the European Union:
[1]https://edpb.europa.eu/about-edpb/board/...
Best regards,
Agnieszka Nyka
Information and Communication
[2]cid:image001.png@01D08819.F93340B0 EDPS Secretariat
Tel.
+32
2
283
19
00
|
Fax
+32
2
283
19
50
[3]Description: Description:
Email[4][EDPS request email]
European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1040 Brussels
[5]Description: [7]Description: Description:
Description: Website[8]www.edps.europa.eu
Twitter[6]@EU_EDPS
This email
(and any
attachment)
may contain
information
that is
internal or
confidential.
Unauthorised
access, use or
other
processing is
not permitted.
If you are not
the intended
recipient
please inform
the sender by
reply and then
delete all
copies. Emails
are not secure
as they can be
intercepted,
amended, and
infected with
viruses. The
EDPS therefore
cannot
guarantee the
security of
correspondence
by email.
[9]Privacy statement