Skip to content

Processing activity

Verarbeitungstätigkeit
Processing activity (example: operation of a DIGA)
Structure and content
  • Person responsible (legal form and contacts)
  •  Purposes, requirements and earmarking, 
  • Persons involved (stakeholders), 
  • Data categories, 
  • Categories of persons, 
  • Legal bases, 
  • Transfers (in EU and outside, with legal bases), 
  • Compliance records (further requirements independent of GDPR), 
  • Technical systems and services involved, 
  • Status and components of order processing or joint responsibility, 
  • Data protection information according to Art. 12-14, 
  • TOMs, 
  • Storage and deletion, 
  • Risks and DSFA threshold analysis, 
  • Tickets, 
  • Tasks, 
  • Dates, 
  • Documents, 
  • Contracts, 
  • PDCA cycles