OVHcloud Help centre

Hello. How can we help you?

What is a personal data breach?

Article 4(12) of the GDPR defines “personal data breach” as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.”

Therefore, if infrastructures in the Strasbourg datacentre on which you hosted personal data were affected by the fire and are not recoverable, and you do not otherwise hold such data (on another backup environment or another), the destruction or loss of this data constitutes a loss of availability or integrity of the data and falls under the remit of a personal data breach.

Please note that if you have experienced a temporary unavailability of services without any loss of personal data, where either the services could be restored (e.g. OVHcloud email services) or you could restart your services on other infrastructures and restore your data’s accessibility, without this significantly impacting the data subjects, this is a data breach under the GDPR that must be logged in a register maintained by the controller, but it does not necessarily and in principle constitute a data breach likely to be notified to the CNIL, or the competent data protection authority. Such notification shall be subject to specific assessment criteria as described in point 3 below.

Did you find this advice helpful? or
Great! We're glad we could help.
Thanks for your help! Your feedback will be reviewed as soon as possible by our teams.
Tell us why you didn't find your answer. Your support requests will not be processed through this form. To do this, please use the create a ticket form.