GDPR Compliance: How to declare a passbolt instance

Hi there !

I’ve set up a Passbolt instance for my company, and I’ve been told that since Passbolt collects personal data, I should declare it to the authorities. Is it true ? If yes, how would one go about it ?

I’m really curious to know if anyone has ever done that for a passbolt instance ?

Of course it depends on your situation and this is not a legal advise, but normally you shouldn’t have to declare anything to authorities unless there was a breach.

Hello @Caesarovich,

it depends from where you are from and where it is hosted. The GDPR is broken down in multiple parts.

EU-GDPR and Country-GDPR (Example: D-GDPR stands for Germany-GDPR and that is broken down in L-GDPR for State-GDPR)

So, like I mentioned before it depends where you are from and how your GDPR is constructed. Normally your Data-Protection-Officer can help here. Usually, the Data processing part is covered by your Compliance and data Protection Agreement for Employees.

Like that I am sorry to inform it raises more questions than answer and like @remy mentioned too if legal advice is needed ask there.

Best regards
Val. → security officer :wink: