Happy Finish Ltd collects, holds, and processes a range of personal data and non-personal data. The protection of this data is of great importance, both commercially and legally. In the event of a data breach, the Company’s Data Breach Policy should be followed. A data breach may include (but not be limited to):
- the loss or theft of a physical data record;
- the loss or theft of computer equipment (e.g. laptop), mobile devices (e.g. smartphone or tablet), portable data storage devices (e.g. USB drive), or other data storage devices;
- equipment failure;
- unauthorised access to, use of, or modification of data (or inadequate access controls allowing unauthorised access, use, or modification);
- unauthorised disclosure of data;
- human error (e.g. sending data to the wrong recipient);
- unforeseen circumstances such as fire or flood;
- hacking, phishing, and other ‘blagging” offences whereby information is obtained by deception.
If you discover or suspect a data breach, please complete this Data Breach Report Form and send the completed form to the Company’s Data Protection Officer, Sharon McHallum, [email protected] If appropriate, you may need to liaise with your line manager when completing this form.
After sending this form, unless and until instructed to by the Company’s Data Protection Officer, you should not take any further action with respect to a data breach. In particular, you must not take it upon yourself to notify affected data subjects, the Information Commissioner’s Office, or any other individuals or organisations. The Company’s Data Protection Officerwill determine the steps to be taken to address the data breach, whom to notify, and how.
Happy Finish Ltd
Data Breach Report Form
You may complete and submit this form anonymously. If you wish to do so, please put anonymous in each of the fields in this section. Please note that if you are submitting this form anonymously, you should not email it as this may identify you.
|Department (if applicable):|
|Manager or supervisor:|
|Date of this Breach Report:|
Details of Data Breach
Please provide as much detail as you can about the data breach that you have discovered or suspect. The more accurate and specific the information provided in this form, the more quickly and effectively the Company will be able to deal with the data breach.
|Date and time of data breach:|
|Date and time data breach discovered:|
|Is the data breach actual or suspected?|
|Please provide a summary of the data breach:|
|What type(s) of data are involved?|
|Approximately how much data is involved?|
|Is personal data Involved?|
|Is sensitive personal data involved?|
|If personal (or sensitive personal) data is involved, what type(s) of data subject are affected (e.g. customers, employees)? (please do not identify any individual data subjects)|
|Approximately how many data subjects (if any) are likely to be affected (if known)? (please do not identify any individual data subjects)|
|What caused the data breach? (please provide as much detail as you can)|
|Have you or any other member of staff taken any action relating to the breach since discovery other than completing this form? (if yes, please provide as much detail as you can)|
|Is the data breach ongoing?|
|Are you aware of any other data breaches, related or otherwise? (if yes, please provide details)|
For Use by the Data Protection Officer
|Forwarded for action to (if applicable):|
|Date forwarded (if applicable):|