The Dutch Privacy Authority (DPA, Autoriteit Persoonsgegevens) checks, collects reports on data breaches, assigns fines, and gives advice / performs advocacy. The DPA communicates with the CEO and DPO of PNO. All entities under PNO Group holding B.V. report to DPA.
The GDPR enforces PNO to take technical and/or organizational measures and perform a DPIA (light).
A Data breach must be relayed to the PNO Servicedesk ServiceDesk@pnoconsultants.com and a copy to the DPO at gdpr@pnoconsultants.com. PNO uses the form by the DPA for registering a Data Breach. See https://datalekken.autoriteitpersoonsgegevens.nl (Dutch) and https://autoriteitpersoonsgegevens.nl/en/about-dutch-dpa/tasks-and-powers-dutch-dpa.