What should you consider in the GDPR ?
The controller within the company shall establish a processing register that includes the following processing operations. The processing activity and a description of the purpose. The categories of data subjects and these of personal data kept and for how long. The legal basis for the processing such as consent or contractual agreement … and if it involves sensitive data, Article 10 can be invoked and it is indicated whether technical and organizational measures have been taken. There are still numerous obligations to get an organization GDPR compliant. For questions, please contact me anytime!
Ref: GDPR Rev 82 + Art 30:
In order to demonstrate compliance with this regulation, the
controller or processor to keep records of processing activities that have taken place under its responsibility. Each controller and processor should be required to cooperate with the supervisory authority and provide this register upon request for the purpose of using it to monitor processing activities.
Who may consult it ?
The registry is primarily an internal tool to help VV and processors get in line with the GDPR. The register is also intended to serve as a source of information for the privacy committee which serves as the
supervisory authorities can conduct audits of GDPR compliance. You must be able to submit the register and make it available when requested by the committee. This register is NOT for the public or for the data subjects whose personal data your organization processes. However, it may be useful to both the controller and the FG when they are questioned by affected persons in the exercise of their rights.
IretoGDPRRegulationhashtag#processorhashtag#controllerhashtag#purposehashtag#categoryhashtag#personaldatahashtag#rightshashtag#consenthashtag#AVGhashtag#website#gdpr #GDPR #generaldata protection regulation
