- Classify personal data processing by field and department
- Use models of processing activities that comply with the GDPR
- Duplicate processing easily
- Move processing across departments
- Use the “Article 30 record” mode to check the completion or switch to the “extended record” mode
- Filter your record in ascending/descending order and by keywords
- View the number of processing activities associated with your search criteria and also according to their status
- Export your registers easily in Excel or PDF format
Have you already used Excel for your data processing? A transfer option lets you quickly and securely integrate your data into the Data Legal Drive platform.
The GDPR record of processing activities is an instrument that is essential for your compliance and allows you to identify your personal data processing activities.
The aim is to protect personal data within your company correctly and to help you respect individual rights and freedoms.
Article 30 of the General Data Protection Regulation (GDPR) states the requirement to hold a record of processing activities.
The objective? To make public or private organisations more accountable and to demonstrate compliance with the GDPR.
The requirement for a GDPR processing record applies to all data controllers and their data processors. However, an exception to this obligation applies if the organisation has at most 250 employees.
The processing map enables compliance to be followed over time and to feed the processing record. It is a helpful tool for companies to measure their compliance and take action to maintain it.
It will allow your company to react in any situation and help you in all other essential tasks, such as respecting the rights of data subjects to their data and their privacy.
While completing the record of processing, it is essential to be organised and to follow a structured approach. This exercise requires all personal data processing activities to be recorded and described in detail. It is, therefore, necessary to specify each processing activity, whether it involves sensitive data, for what purposes, who the actors involved (Data Protection Officer, Data Controller, service providers, etc.), whether or not there are data transfers, what legal basis (consent, contract, etc.) is used, the source of the data collected, etc.
That’s why carrying out a data processing map beforehand is recommended.