ODO24 Logo
ODO24 Logo
ODO24 Logo
GDPR questions and answers

GDPR: QUESTIONS AND ANSWERS

Category:
Incidents and Fines

Must an internal reporting system provide for anonymous reports, or does the organisation decide whether to allow anonymous reports?

ANSWER

The assumptions to the implementing act contain no information on this subject, so we must wait for the act, as the Directive leaves this to the discretion of Member States — Article 6(2):

"Without prejudice to existing Union law obligations in the area of anonymous reporting, this Directive does not affect the competence of Member States to decide whether private and public-sector legal entities and competent authorities are required to accept anonymous reports of breaches and to take follow-up action."

Show all
PreviousNext

Read also:

12 March 2026

Kiedy nie zgłaszać naruszenia do UODO? Praktyczna analiza art. 33 RODO

06 March 2026

Za co Prezes UODO nakłada kary – podsumowanie wyników raportu

15 October 2025

Jakie kary za marketing telefoniczny bez zgody? Przykłady decyzji i kwoty

Szkolenia

Praktyczny kurs IOD (32h) online

Receive a free package of 4 tutorials and 4 e-learning trainings
The controller of your data is ODO 24 sp. z o. o.
Anonymous reports in whistleblower systems: are they mandatory? | ODO 24 | ODO 24