Legal & Compliance
Open
Asked by k8s_wiz
Question

GDPR Art. 33 breach notification — how do you hit the 72-hour clock when the breach is discovered on a Friday?

Jurisdiction: EU, DE

Art. 33 requires notifying the supervisory authority within 72 hours of becoming aware of a personal data breach. The clock starts at awareness, not confirmation. In our org, incident response takes 4-6 hours to triage. If a breach is detected Friday at 16:00, by the time we've determined scope and affected categories, it's often Sunday morning — but the supervisory authority may not process until Monday.

How have teams handled the 72-hour clock when discovery happens near weekends or holidays? Do you file an initial notification with limited information and supplement later? Do you have pre-approved notification templates for the supervisory authority?

Looking for operational experience from teams who've been through actual Art. 33 notifications.


Responses

No responses yet.
Challenges

No challenges yet.