National Data Protection Law
-
General
Supplements the GDPR and ensures the proper implementation of the Regulation in Austria. It was published on 31 July 2017 and went into effect on 25 May 2018. This law provides comprehensive data protection rights to individuals in line with the without diverting much from the GDPR strict rules. It lowers the consenting age of minors to 14 years of age in the context of the offering of information society services and includes specific provisions on the processing of information revealing criminal records.
Related Resources
Austrian DPA (dsb)
-
DatabreachPedia
Overview
In Austria, there is a general requirement under the General Data Protection Regulation for data controllers to notify personal data breaches to their regulator and in cases of likely high risk to the rights and freedoms of natural persons, also to them.
Is it Mandatory to Notify Individuals?
Yes, if the personal data breach is likely to result in a high risk to their rights and freedoms.
Is it Mandatory to Notify Regulator?
Yes, if the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
Notification Deadline
72 hours
Responsible Regulator
Austrian Data Protection Authority
Österreichische Datenschutzbehörde
Hohenstaufengasse 3
1010 WienTel. +43 1 531 15 202525
Fax +43 1 531 15 202690
E-mail: [email protected]
Website: https://www.dsb.gv.at/Breach Notification Format
Minimum requirements: nature of the breach, categories and approx. number of data subjects concerned, name and contact details of the DPO, likely consequences, measures taken/proposed to be taken. Austrian regulator provides a non-binding PDF notification form that covers a broader range of questions.
Europe
National Data Protection Law
“Datenschutzgesetz” is national legislation implementing the GDPR in Austria. It was published on 31 July 2017 and went into effect on 25 May 2018.
Last Updated: July 30, 2019
About OneTrust
OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 3,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust's three primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice™ consent and preference management software, and OneTrust Vendorpedia™ third-party risk management software and vendor risk exchange. To learn more, visit OneTrust.com or connect on LinkedIn, Twitter and Facebook.