Spreadsheet1

Templates for Records of Processing Activities

As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our experience, we have seen a lot of different formats and approaches. Often such spreadsheets don’t respond to GDPR Article 30 requirements or not detailed enough.

Here are examples of the most common challenges our customer were facing before joining with GDPR Register:

  • Wrong definition of processing activities (defining processes or systems instead of processing activities)
  • Lack of overview of data as spreadsheet became too long
  • Reporting to authorities and/or business partners takes too long and there is a high risk of mistakes
  • Multiple sheets for management of multiple companies and not having an overview of what is done and what’s not
  • No overview over Data processing Agreements and hard to understand what data and activities are related to with processing contract

In contrast to a GDPR Register’s approach is basing on templates, which provide a good starting point if you do it from scratch and extensive tool for standardisation of your corporate compliance documentation. Having the possibility of reusing templates of processing activities between all managed companies and organisations, creation of customized templates, we get to great overview and a clear understanding of what is happening within the managed area.

Below you can find a list of most common examples of our templates..

Examples of templates for records of processing activities 

Website and Social Media

  • Events, games, contests and campaigns
  • Social Media
  • Surveys
  • Mobile app administration
  • Facebook “Like” button on the website
  • Chatbot – unauthenticated visitors
  • Chatbot – authenticated visitors
  • Google Universal Analytics with IP Anonymization

Employees, HR and Accounting

  • Employees payroll
  • Employees sick leave administration
  • Employees database
  • Employees training
  • Employees physical access to working premises
  • Employees video surveillance
  • Employees on social media
  • Employees injured during the work accident
  • Employees on website
  • Employees location data
  • Employees’ children
  • Employees medical review
  • Employees family relations
  • Job Applicants Recruitment

Customer operations

Finance and Insurance

  • Customer Due Diligence (KYC)
  • Customer Creditworthiness Assessment
  • Customer Credit File
  • Challenging Payment Defaults
  • Insurance contract administration
  • Insurance fraud prevention
  • Customer’s insurance risk assessment
  • Payments to insurance beneficiaries
  • Broker agreements management

Travel and Hospitality

  • Greeting services
  • Hotel reservation management
  • Restaurant reservation
  • SPA Services
  • Wi-Fi Service
  • Tourist Visa service
  • Travel Agency’s service to a customer
  • Travel Agency’s service to a customer through a representative
  • Travel insurance service

Would you like to find out more?

Sign up for 14-day Free Trial! No credit card needed. No obligations.
Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Try our GDPR Compliance Tool GDPR Register for 14-days.

No credit card required.

Latest Posts
Direct marketing rules and exceptions under the GDPR

Direct marketing rules and exceptions under the GDPR

Direct marketing includes text messages (SMS) and emails that a customer receives from a product or service provider. But activities...
Personal Data Breach Reporting Requirements Under the GDPR

Personal Data Breach Reporting Requirements Under the GDPR

What is Data Breach? A personal data breach is security incident that results in the accidental or unlawful destruction, loss,...
Records of processing activities in GDPR Article 30

Records of processing activities in GDPR Article 30

What do companies have to include in the records of processing activities? GDPR Article 30 requires companies to keep an...
Data Protection Authorities (DPA)

Data Protection Authorities (DPA)

Data Protection Authorities (DPA) Data Protection Authorities (DPA) are independent public authorities that supervise, through investigative and corrective powers, the...
Data Processing Agreement (DPA)

Data Processing Agreement (DPA)

Why businesses need Data Processing Agreement (DPA)? It’s practically not possible to run a business without processing personal data and...
GDPR compliance checklist for controllers

GDPR compliance checklist for controllers

This is a simple GDPR compliance checklist for controllers that you can use to ensure you have considered most important...
GDPR Basics: Are you a Controller or a Processor?

GDPR Basics: Are you a Controller or a Processor?

What are ‘controllers’ and ‘processors’? With this short and simple article, we will try to explain the basics of controllers...
Templates for Records of Processing Activities

Templates for Records of Processing Activities

As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our...
Web plug-in requires visitor’s consent

Web plug-in requires visitor’s consent

In the light of the recent ruling of the European Court of Justice, website owners have to bear in mind...
First GDPR fine issued in Lithuania

First GDPR fine issued in Lithuania

A year after GDPR came into force, the Lithuanian Data Protection Authority (VDAI) has issued its first administrative fine. UAB ‘Mister Tango’,...

Zpracovává vaše společnost osobní údaje?


Zpracovávat vaše společnost osobní údaje fyzických osob, jako jsou:

  • Údaje zaměstnanců, zákazníků, uchazečů o zaměstnání nebo pacientů včetně:
    • Jméno nebo osobní identifikační číslo
    • Kontaktní údaje (e-mailová adresa, telefonní číslo, adresa)
    • Bankovní údaje, plat, údaje o pasu nebo jiné osobní údaje

 

Ar Jūsų įmonė renka ir tvarko fizinių asmenų asmens duomenis? 


Asmens duomenys gali būti:

  • Kliento, darbuotojo. paciento, kandidato į darbo vietą ir kt. 
    • Vardas ar asmens  numeris 
    • Kontaktinė informacija (el.pašto adresas, telefono numeris, adresas ir kt)
    • Banko sąskaitos  duomenys, atlyginimo dydis, paso duomenys ar bet kokia kita asmeninė informacija. 

Onko yrityksessäsi enemmän, kuin 250 työntekijää?


Kas teie ettevõte kogub ja töötleb isikuandmeid?


Kas teie ettevõte kogub ja töötleb füüsiliste isikutega seotud andmeid nagu näiteks:

Töötajate, klientide, tööle kandideerijate, patsientide:

  • Nimi, isikukood
  • E-posti aadress, telefoninumber, kodune aadress
  • Pangakontonumber, palgasumma, krediitkaardiandmed või mõnda muut tüüpi isiklikud andmed

Does your company collect any personal data?


Does your company collect and process any personal data of natural persons such as:

  • Employees, Customers, Job Applicants or Patients including:
    • Name or personal ID number
    • Contact details (Email address, Phone number, Address)
    • Bank details, Salary amounts, Passport details or any other personal data