GDPR implements new notification requirements on both controllers and processors for data breaches that lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data. While Intrro has a comprehensive Incident Response Policy in place already, we have updated this Policy to align with the new notification requirements which will ensure that we can update our clients without undue delay, to further allow our clients to meet their obligations under GDPR in the unlikely event of a personal data breach.