- Latest available (Revised)
- Original (As adopted by EU)
Regulation (EU) 2016/794 of the European Parliament and of the CouncilShow full title
Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA
You are here:
What Version
More Resources
Legislation originating from the EU
When the UK left the EU, legislation.gov.uk published EU legislation that had been published by the EU up to IP completion day (31 December 2020 11.00 p.m.). On legislation.gov.uk, these items of legislation are kept up-to-date with any amendments made by the UK since then.
This item of legislation originated from the EU
Legislation.gov.uk publishes the UK version. EUR-Lex publishes the EU version. The EU Exit Web Archive holds a snapshot of EUR-Lex’s version from IP completion day (31 December 2020 11.00 p.m.).
Status:
This is the original version as it was originally adopted in the EU.
This legislation may since have been updated - see the latest available (revised) version
Article 35Communication of a personal data breach to the data subject
1.Subject to paragraph 4 of this Article, where a personal data breach as referred to in Article 34 is likely to severely and adversely affect the rights and freedoms of the data subject, Europol shall communicate the personal data breach to the data subject without undue delay.
2.The communication to the data subject referred to in paragraph 1 shall describe, where possible, the nature of the personal data breach, recommend measures to mitigate the possible adverse effects of the personal data breach, and contain the identity and contact details of the Data Protection Officer.
3.If Europol does not have the contact details of the data subject concerned, it shall request the provider of the data to communicate the personal data breach to the data subject concerned and to inform Europol about the decision taken. Member States providing the data shall communicate the breach to the data subject concerned in accordance with the procedures of their national law.
4.The communication of a personal data breach to the data subject shall not be required if:
(a)Europol has applied to the personal data concerned by that breach appropriate technological protection measures that render the data unintelligible to any person who is not authorised to access it;
(b)Europol has taken subsequent measures which ensure that the data subject's rights and freedoms are no longer likely to be severely affected; or
(c)such communication would involve disproportionate effort, in particular owing to the number of cases involved. In such a case, there shall instead be a public communication or similar measure informing the data subjects concerned in an equally effective manner.
5.The communication to the data subject may be delayed, restricted or omitted where this constitutes a necessary measure with due regard for the legitimate interests of the person concerned:
(a)to avoid obstructing official or legal inquiries, investigations or procedures;
(b)to avoid prejudicing the prevention, detection, investigation and prosecution of criminal offences or for the execution of criminal penalties;
(c)to protect public and national security;
(d)to protect the rights and freedoms of third parties.
Options/Help
Print Options
PrintThe Whole Regulation
PrintThe Whole Chapter
PrintThis Article only
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
Opening Options
Different options to open legislation in order to view more content on screen at once
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the EU Official Journal
- lists of changes made by and/or affecting this legislation item
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.