LEGALAUDIT

Trust

Breach notification SLA

Our commitment to data subject notification timelines under GDPR Article 33 and FADP Article 24.

Our 24-hour commitment

On confirmed Personal Data breach, LegalAudit notifies affected Controllers via security@legalaudit.ch within 24 hours of becoming aware. This exceeds the GDPR 72-hour Article 33 deadline because we believe security teams need lead time, not legal-minimum compliance.

What the notification contains

  • Nature of the breach and categories of data subjects affected.
  • Approximate number of affected records.
  • Likely consequences for data subjects.
  • Containment and remediation measures taken or proposed.
  • Contact point for follow-up (security@ or DPO depending on severity).

How to report a suspected incident

  • Email security@legalaudit.ch with subject "SECURITY INCIDENT — <your org>".
  • Encrypt with our PGP key (fingerprint on request).
  • We acknowledge receipt within 4 hours during business hours, 24 hours otherwise.
  • For affected customers, a dedicated incident channel is opened within 24 hours.

Informational document published by LegalAudit SA. Statements reflect the current state of controls and are reviewed quarterly. They are not a contractual warranty unless incorporated into a signed agreement. For binding terms request the executed DPA at privacy@legalaudit.ch.

Trust Center