BUILD YOUR ORGANISATION’S ARTICLE 30-COMPLIANT RECORD OF PROCESSING ACTIVITIES

  • Organise personal data processing activities by area and division
  • Apply GDPR-compliant processing activity templates
  • Duplicate processing activities
  • Transfer processing activities between divisions
  • Work in “Article 30 record” mode to check completeness, or activate “extended record” mode
    Sort the record by ascending/descending order or keyword
  • View the number of processing activity search results according to status
  • Export record to Excel or PDF

FURTHER
INFORMATION

Import your data in 1 click!

All your processing activities are already stored in an Excel file? Our import feature allows you to quickly and securely import your data onto the Data Legal Drive platform.

A CLOSER LOOK AT…
THE RECORD OF PROCESSING ACTIVITIES

What is a record?

The data processing record is at the core of the GDPR. It identifies your personal data processing activities and allows you to monitor compliance.

The record is designed to ensure full protection of the personal data processed by your organisation, and to help you protect individual rights and freedoms.

What does the GDPR say?

Article 30 of the General Data Protection Regulation requires that public and private organisations keep a record of their data processing activities.

The goal of this record is to make organisations accountable, and to allow them to demonstrate compliance.

Who is required to keep a GDPR record?

All data controllers and their processors are required to keep a record of their processing activities. Organisations with fewer than 250 employees may be exempt from this obligation.

What is the purpose of the record?

Data mapping allows you to monitor your compliance and regularly update the record of processing activities. The record allows organisations to take stock of their compliance and to take actions to ensure it is maintained.

It allows your organisation to respond to any situation, and will help you in the essential task of protecting the rights of data subjects and their privacy.

How do you build a record?

To build a faithful record of your personal data processing activities, you must be methodical and organised. All processing activities must be listed and described in detail. This means identifying each processing activity, determining whether it concerns sensitive data, describing its purposes, persons and/or entities involved (Data Protection Officer, Data Controller, service providers, etc.), whether there are data transfers and what their legal basis is (consent, contract, etc.), where the collected data comes from, and more.

For best results, you are advised to begin by mapping your data processing activities.

SEE MORE FEATURES