We have implemented a procedure in the event of a personal data protection breach and described examples of personal data protection breaches.
The procedure is one of the components of the Personal Data Protection Policy in our company and is available to all employees in the company's knowledge base to facilitate the use of the procedure in the event of an incident.
We have a register of personal data incidents. Currently, there are three items there, 2 of which did not require reporting to PUODO (low risk) and one required reporting (however, it concerned data that we process as an ADO, and not as a processor for clients).