General Data Protection Regulation (GDPR) requires that Organizations processing personal data (Data Controllers and Data Processors) maintain a register of processing activities.

Article 30 describes in detail the information that needs to be in the register of processing activities. Organizations need to define the purpose of personal data processing and understand the lawful basis for processing, as stated in GDPR Article 5 and 6. According to Article 6 there can be 6 possible lawful basis for personal data processing, and for Organizations to be able to declare a lawful basis for a specific processing activity an assessment needs to be done…

Would you like to continue reading? Fill-in the required information and receive this E-book.