Aller au contenu
+352 621 583 116 · Contact us
Luxembourg-based firm · Reply within 1 business day FR
Luxgap
Menu
DPO mandate GDPR + AI Act CISO mandate NIS 2 + DORA
Dark Web monitoringLeaked credentials and lookalike domain detection Counter-espionageBug & camera sweeps, executive protection Audit & penetration testSecurity review, vulnerability testing, incident response Business continuityRecovery plan, DORA compliance Managed SOC 24/7Continuous monitoring, detection and incident response
Internal awarenessFor executives and teams, e-learning + simulated phishing Professional certificationsISO 27001, 27701, 22301, 42001, accredited
Software AI Laws Articles Teams References Contact My quote →
+352 621 583 116 Call now julien.winkin@luxgap.com Reply within 1 business day Passer en Français You are reading the EN version FR
Asti Agilepartner Vbk Generali Ag2r La Mondiale Conseil National des Femmes Adepa Logo Color 460px AFC fiduciaire Cmcm Faymonville Arthur Welter Accumalux 2 Atdomco Inspection du Travail et des Mines Logo Acl Care IT Cfl Fundamentals Arend Fischbach Skeeled Dussmann Commune Sanem kulturpass Swiss Life Square Asti Agilepartner Vbk Generali Ag2r La Mondiale Conseil National des Femmes Adepa Logo Color 460px AFC fiduciaire Cmcm Faymonville Arthur Welter Accumalux 2 Atdomco Inspection du Travail et des Mines Logo Acl Care IT Cfl Fundamentals Arend Fischbach Skeeled Dussmann Commune Sanem kulturpass Swiss Life Square

Whistleblowing · Summary

← All articles Law overview →
CHAPTER I — SCOPE, DEFINITIONS AND CONDITIONS FOR PROTECTION
  • 1. Purpose
  • 2. Material scope
  • 3. Relationship with other Union acts and national provisions
  • 4. Personal scope
  • 5. Definitions
  • 6. Conditions for protection of reporting persons
CHAPTER II — INTERNAL REPORTING AND FOLLOW-UP
  • 7. Reporting through internal reporting channels
  • 8. Obligation to establish internal reporting channels
  • 9. Procedures for internal reporting and follow-up
CHAPTER III — EXTERNAL REPORTING AND FOLLOW-UP
  • 10. Reporting through external reporting channels
  • 11. Obligation to establish external reporting channels and to follow up on reports
  • 12. Design of external reporting channels
  • 13. Information regarding the receipt of reports and their follow-up
  • 14. Review of the procedures by competent authorities
CHAPTER IV — PUBLIC DISCLOSURES
  • 15. Public disclosures
CHAPTER V — PROVISIONS APPLICABLE TO INTERNAL AND EXTERNAL REPORTING
  • 16. Duty of confidentiality
  • 17. Processing of personal data
  • 18. Record keeping of the reports
CHAPTER VI — PROTECTION MEASURES
  • 19. Prohibition of retaliation
  • 20. Measures of support
  • 21. Measures for protection against retaliation
  • 22. Measures for the protection of persons concerned
  • 23. Penalties
  • 24. No waiver of rights and remedies
CHAPTER VII — FINAL PROVISIONS
  • 25. More favourable treatment and non-regression clause
  • 26. Transposition and transitional period
  • 27. Reporting, evaluation and review
  • 28. Entry into force
  • 29. Addressees
Laws  ›  Whistleblowing  ›  Article 29
Official EUR-Lex source ↗
Luxgap coverage GDPR NIS 2 DORA AI Act Whistleblowing CSSF 22/806
Article 29

Addressees

Directive on the protection of persons who report breaches of Union law · UE 2019/1937

Addressees

This Directive is addressed to the Member States.

Luxgap guidance · DPO & CISO

How to comply

Tailored guidance being drafted by our team. Got a specific question on this article? Contact us, we reply within 24 hours.

Need help?

Our team (lawyers + cyber engineers + developers) supports you. Free quote within 48h.

Contact us →
← previous article
28. Entry into force
My quote

They trust us

Arend Fischbach Faymonville Commune Sanem Cfl Skeeled Atdomco Inspection du Travail et des Mines Arthur Welter Conseil National des Femmes Accumalux 2 Logo Acl Agilepartner Adepa Logo Color 460px AFC fiduciaire Dussmann Cmcm Ag2r La Mondiale Asti Care IT kulturpass Swiss Life Square Generali Vbk Fundamentals Arend Fischbach Faymonville Commune Sanem Cfl Skeeled Atdomco Inspection du Travail et des Mines Arthur Welter Conseil National des Femmes Accumalux 2 Logo Acl Agilepartner Adepa Logo Color 460px AFC fiduciaire Dussmann Cmcm Ag2r La Mondiale Asti Care IT kulturpass Swiss Life Square Generali Vbk Fundamentals
See all references →
Luxgap

Luxembourg-based cybersecurity, GDPR and AI firm. External DPO and CISO mandates, Dark Web monitoring, audits, training.

2 rue de l'École, L-8376 Kahler, Luxembourg
Contact us · +352 621 583 116

Services

  • External DPO (GDPR)
  • External CISO (NIS 2)
  • Dark Web monitoring (EEM)
  • Counter-espionage & executives
  • Audit & penetration testing
  • Resilience (BCP / DORA)
  • Training
  • PECB certified trainings
  • AI advisory

Firm

  • AI Act, NIS 2, GDPR…
  • Articles
  • Our teams
  • References
  • Contact
  • Quote
  • Terms of sale
  • Privacy policy

Contact

  • Contact form
  • +352 621 583 116
  • LinkedIn
© 2026 Luxgap · All rights reserved. Lux Gap S.à r.l. · Luxembourg · VAT LU30886939
L
Luxgap · expert online Typically replies within minutes.

Before we chat

Tell us how to reach you, so a human can follow up if needed.

Hi! Ask anything about cybersecurity, GDPR, NIS 2, the AI Act, or our services. A human picks up if needed.
This assistant uses Claude (Anthropic) with a Luxgap framing. Your messages are reviewed by our team.