Data Breach Notification Letters — Writing Vocabulary
Learn to write legally sound, empathetic data breach notification letters.
0 / 5 completed
1 / 5
Under GDPR, within how many hours must a personal data breach be reported to the supervisory authority (if it risks individuals' rights)?
GDPR Article 33 requires notification to the supervisory authority within 72 hours of becoming aware of a personal data breach that risks individuals' rights and freedoms.
2 / 5
Which information is required in a GDPR Article 34 breach notification to affected individuals?
GDPR Article 34 requires: nature of the breach, DPO contact details, likely consequences, and measures taken or proposed to address the breach.
3 / 5
Which language register is appropriate for a data breach notification letter?
A breach notification must be clear and plain for the recipient to understand their risk, empathetic in tone, legally complete, and include concrete steps the recipient should take.
4 / 5
What is 'customer reassurance language' in breach communication?
Reassurance language describes what you have done to secure systems and protect users, and offers concrete support (credit monitoring, dedicated helpline) — without minimising the event.
5 / 5
What should you NOT do in a data breach notification letter?
Using passive voice to obscure responsibility ('data was accessed by an unauthorised party') undermines trust. Be direct about what happened and take responsibility.