GDPR Article 33 breach notification
A controller must notify the supervisory authority of a personal-data breach without undue delay and within 72 hours of becoming aware, unless the breach is unlikely to risk individuals' rights. The notification must state the nature, categories and rough number affected, likely consequences, and measures taken; a late filing must carry reasons for the delay.
- Protocol
- Proseid_v1.0
- Version
- v2025.01.01
- Applies in
- European Economic Area
- Fields
- 10
Legal references
Schema fields
10 fieldscontroller_namebecame_aware_atbreach_naturerisk_to_individualsdata_categoriesindividuals_affectedlikely_consequencesmeasures_takenauthority_notifiednotified_within_72hExample payload
{
"controller_name": "",
"became_aware_at": "",
"breach_nature": "",
"risk_to_individuals": "unlikely",
"data_categories": "",
"individuals_affected": 0,
"likely_consequences": "",
"measures_taken": "",
"authority_notified": false,
"notified_within_72h": false
}A blank payload matching this schema's fields. Fill it in and POST to validate.
API usage
POST your payload to validate against the latest version. Returns 200 if valid, 422 with structured field-level errors otherwise.
curl -X POST https://proseid.com/api/v1/validate/proseid/gdpr-article-33-breach-notification \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d @payload.json{
"status": "READY",
"schema": "proseid/gdpr-article-33-breach-notification",
"version": "2025.01.01",
"errors": []
}{
"status": "INVALID",
"errors": [{
"field_id": "controller_name",
"kind": "required",
"message": "This field is required."
}]
}Release history
Immutable versionsTrust ledger
Crowd → credentialedNo votes yet.
No attestations yet. A verified professional can vouch for a specific version.