National Certification Centre

Incidents and Complaints

1. COMPLAINTS: Relying upon Act of 6th September 2016 on trust services and electronic identification Minister of Digital Affairs is responsible for supervision over trust service providers. Supervision covers both qualified and non qualified services. Compalaints related to providers may be filled on the Ministry of Digital Affairs webpage and on ePUAP platform. Please fill your identification data, add relevant attachment, like document scans, screen snapshots or other essential data related to circumstances and configuration of equipment. In case of technical problems pleas ask providers’s helpdesk first or admins responsible for e-government service.

2. INCIDENTS: Incidents related to trust service providers may be reported to supervisory body by e-mail on: nccert@nccert.pl. According to article 19.2 eIDAS Regulation: “Qualified and non-qualified trust service providers shall, without undue delay but in any event within 24 hours after having become aware of it, notify the supervisory body and, where applicable, other relevant bodies, such as the competent national body for information security or the data protection authority, of any breach of security or loss of integrity that has a significant impact on the trust service provided or on the personal data maintained therein. Where the breach of security or loss of integrity is likely to adversely affect a natural or legal person to whom the trusted service has been provided, the trust service provider shall also notify the natural or legal person of the breach of security or loss of integrity without undue delay. Where appropriate, in particular if a breach of security or loss of integrity concerns two or more Member States, the notified supervisory body shall inform the supervisory bodies in other Member States concerned and ENISA. The notified supervisory body shall inform the public or require the trust service provider to do so, where it determines that disclosure of the breach of security or loss of integrity is in the public interest.”

Please kindly assume Polish language is required for legal procedures in public administration:

xml.png File: Formularz zgłoszenia incydentu (docx)

pdf.gif File: Formularz zgłoszenia incydentu (pdf)

ENISA Technical guideline for Incident Reporting under eIDAS Regulation:

https://www.enisa.europa.eu/publications/article19-incident-reporting-framework

Substantiated mutual assistance requests in reliance upon article 18.1 eIDAS Regulation may be filled by notified supervisory bodies by e-mail on: nccert@nccert.pl or directly to Ministry of Digital Affairs, ul. Królewska 27, 00-060 Warsaw, e-mail: mc@mc.gov.pl

The qualified trust service providers

Archives | Site map | Contact