Processing activity

Structure and content

• Person responsible (legal form and contacts)
•  Purposes, requirements and earmarking, 
• Persons involved (stakeholders), 
• Data categories, 
• Categories of persons, 
• Legal bases, 
• Transfers (in EU and outside, with legal bases), 
• Compliance records (further requirements independent of GDPR), 
• Technical systems and services involved, 
• Status and components of order processing or joint responsibility, 
• Data protection information according to Art. 12-14, 
• TOMs, 
• Storage and deletion, 
• Risks and DSFA threshold analysis, 
• Tickets, 
• Tasks, 
• Dates, 
• Documents, 
• Contracts, 
• PDCA cycles