In document (10.3 Data Breach Notification Form to the Supervisory Authority) there is a reference to the supervisory authority address, could you please explain what we would enter here?
Would it be the DPA (Data Protection Authority) agency within the European Union country that is responsible for GDPR assistance and enforcement? Or the Information Commissioner's Office (ICO) in the UK's supervisory authority for the GDPR that is responsible for promoting and enforcing the legislation?
We also have a question regarding document (10.1 section 11, Data breach response and notification procedure) it calls for us to provide “Call lists & substitution “ and “contact details”, would this be the persons withing our organization that are responsible for acting upon a data breach, “Indecent response team”? Do you have a template for these?