Spreadsheet1

Templates for Records of Processing Activities

As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our experience, we have seen a lot of different formats and approaches. Often such spreadsheets don’t respond to GDPR Article 30 requirements or not detailed enough.

Here are examples of the most common challenges our customer were facing before joining with GDPR Register:

  • Wrong definition of processing activities (defining processes or systems instead of processing activities)
  • Lack of overview of data as spreadsheet became too long
  • Reporting to authorities and/or business partners takes too long and there is a high risk of mistakes
  • Multiple sheets for management of multiple companies and not having an overview of what is done and what’s not
  • No overview over Data processing Agreements and hard to understand what data and activities are related to with processing contract

In contrast to a GDPR Register’s approach is basing on templates, which provide a good starting point if you do it from scratch and extensive tool for standardisation of your corporate compliance documentation. Having the possibility of reusing templates of processing activities between all managed companies and organisations, creation of customized templates, we get to great overview and a clear understanding of what is happening within the managed area.

Below you can find a list of most common examples of our templates..

Examples of templates for records of processing activities 

Website and Social Media

  • Events, games, contests and campaigns
  • Social Media
  • Surveys
  • Mobile app administration
  • Facebook “Like” button on the website
  • Chatbot – unauthenticated visitors
  • Chatbot – authenticated visitors
  • Google Universal Analytics with IP Anonymization

Employees, HR and Accounting

  • Employees payroll
  • Employees sick leave administration
  • Employees database
  • Employees training
  • Employees physical access to working premises
  • Employees video surveillance
  • Employees on social media
  • Employees injured during the work accident
  • Employees on website
  • Employees location data
  • Employees’ children
  • Employees medical review
  • Employees family relations
  • Job Applicants Recruitment

Customer operations

Finance and Insurance

  • Customer Due Diligence (KYC)
  • Customer Creditworthiness Assessment
  • Customer Credit File
  • Challenging Payment Defaults
  • Insurance contract administration
  • Insurance fraud prevention
  • Customer’s insurance risk assessment
  • Payments to insurance beneficiaries
  • Broker agreements management

Travel and Hospitality

  • Greeting services
  • Hotel reservation management
  • Restaurant reservation
  • SPA Services
  • Wi-Fi Service
  • Tourist Visa service
  • Travel Agency’s service to a customer
  • Travel Agency’s service to a customer through a representative
  • Travel insurance service

Would you like to find out more?

Sign up for 14-day Free Trial! No credit card needed. No obligations.
Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Try our GDPR Compliance Tool GDPR Register for 14-days.

No credit card required.

Latest Posts
Data Processing Agreement (DPA)

Data Processing Agreement (DPA)

It’s practically not possible to run a business without processing personal data and exchanging it with other businesses. It may...
Templates for Records of Processing Activities

Templates for Records of Processing Activities

As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our...
Web plug-in requires visitor’s consent

Web plug-in requires visitor’s consent

In the light of the recent ruling of the European Court of Justice, website owners have to bear in mind...
First GDPR fine issued in Lithuania

First GDPR fine issued in Lithuania

A year after GDPR came into force, the Lithuanian Data Protection Authority (VDAI) has issued its first administrative fine. UAB ‘Mister Tango’,...
Finnish DPA ordered a company to change their data processing practises

Finnish DPA ordered a company to change their data processing practises

An article was published recently in the Helsingin Salomat about the Finnish Data Protection Authority who had ordered a payment and...
Data Protection Officer’s role and responsibilities

Data Protection Officer’s role and responsibilities

In light of the latest survey conducted by the CPO Magazine, we are looking into the role of the Data...
GDPR Compliance Checklist for 2019

GDPR Compliance Checklist for 2019

Just recently, a report was published based on a survey of 252 global privacy professionals working for a wide range...
Records of processing activities in GDPR Article 30

Records of processing activities in GDPR Article 30

What do companies have to include in the records of processing activities? GDPR requires companies to keep an internal record,...
GDPR in B2B Marketing

GDPR in B2B Marketing

There are two separate EU level regulations to follow when processing personal data for direct marketing in B2B and B2C...
Data Protection Impact Assessment Guide

Data Protection Impact Assessment Guide

The General Data Protection Regulation (GDPR) has introduced a new obligation, which requires companies and organizations to carry out data...

Zpracovává vaše společnost osobní údaje?


Zpracovávat vaše společnost osobní údaje fyzických osob, jako jsou:

  • Údaje zaměstnanců, zákazníků, uchazečů o zaměstnání nebo pacientů včetně:
    • Jméno nebo osobní identifikační číslo
    • Kontaktní údaje (e-mailová adresa, telefonní číslo, adresa)
    • Bankovní údaje, plat, údaje o pasu nebo jiné osobní údaje

 

Ar Jūsų įmonė renka ir tvarko fizinių asmenų asmens duomenis? 


Asmens duomenys gali būti:

  • Kliento, darbuotojo. paciento, kandidato į darbo vietą ir kt. 
    • Vardas ar asmens  numeris 
    • Kontaktinė informacija (el.pašto adresas, telefono numeris, adresas ir kt)
    • Banko sąskaitos  duomenys, atlyginimo dydis, paso duomenys ar bet kokia kita asmeninė informacija. 

Onko yrityksessäsi enemmän, kuin 250 työntekijää?


Kas teie ettevõte kogub ja töötleb isikuandmeid?


Kas teie ettevõte kogub ja töötleb füüsiliste isikutega seotud andmeid nagu näiteks:

Töötajate, klientide, tööle kandideerijate, patsientide:

  • Nimi, isikukood
  • E-posti aadress, telefoninumber, kodune aadress
  • Pangakontonumber, palgasumma, krediitkaardiandmed või mõnda muut tüüpi isiklikud andmed

Does your company collect any personal data?


Does your company collect and process any personal data of natural persons such as:

  • Employees, Customers, Job Applicants or Patients including:
    • Name or personal ID number
    • Contact details (Email address, Phone number, Address)
    • Bank details, Salary amounts, Passport details or any other personal data