Pursuant to Art. 37 Para. 7, Data Protection Officers shall notify supervisory authorities as follows:
Who is responsible for reporting?
The responsible person or the order processor will pass the contact details of the Data Protection Officer on to the responsible supervisory authority, i.e. company management (Art. 37 Para. 7 GDPR).
What data must be reported?
– Company name
– Company address
– Tel. No. of the company
– First name and surname of the Data Protection Officer
– E-mail address of the Data Protection Officer
Most supervisory authorities provide an online reporting form that, however, often exceeds the legally prescribed scope. Reporting may alternatively also be via mail or fax.