As we see every day, most companies and organisations still keep their Records of Processing Activities in spreadsheets. Through our experience, we have seen a lot of different formats and approaches. Often such spreadsheets don’t respond to GDPR Article 30 requirements or not detailed enough.

Here are examples of the most common challenges our customer were facing before joining with GDPR Register:

• Wrong definition of processing activities (defining processes or systems instead of processing activities)
• Lack of overview of data as spreadsheet became too long
• Reporting to authorities and/or business partners takes too long and there is a high risk of mistakes
• Multiple sheets for management of multiple companies and not having an overview of what is done and what’s not
• No overview over Data processing Agreements and hard to understand what data and activities are related to with processing contract

In contrast to a GDPR Register’s approach is basing on templates, which provide a good starting point if you do it from scratch and extensive tool for standardisation of your corporate compliance documentation. Having the possibility of reusing templates of processing activities between all managed companies and organisations, creation of customized templates, we get to great overview and a clear understanding of what is happening within the managed area.

Below you can find a list of most common examples of our templates..

Examples of templates for records of processing activities 

Website and Social Media

• Events, games, contests and campaigns
• Social Media
• Surveys
• Mobile app administration
• Facebook “Like” button on the website
• Chatbot – unauthenticated visitors
• Chatbot – authenticated visitors
• Google Universal Analytics with IP Anonymization

Employees, HR and Accounting

• Employees payroll
• Employees sick leave administration
• Employees database
• Employees training
• Employees physical access to working premises
• Employees video surveillance
• Employees on social media
• Employees injured during the work accident
• Employees on website
• Employees location data
• Employees’ children
• Employees medical review
• Employees family relations
• Job Applicants Recruitment

Customer operations

• Customer invoicing
• Customer marketing campaigns
• Customer debt management
• Customer loyalty card management
• Customer direct marketing by e-mail
• Customer payment processing
• Customer feedback management
• Customer orders management
• Customer profiled direct marketing by e-mail
• E-commerce client administration (without an account)
• E-commerce client administration (with account)
• E-commerce customer profile analysis

Finance and Insurance

• Customer Due Diligence (KYC)
• Customer Creditworthiness Assessment
• Customer Credit File
• Challenging Payment Defaults
• Insurance contract administration
• Insurance fraud prevention
• Customer’s insurance risk assessment
• Payments to insurance beneficiaries
• Broker agreements management

Travel and Hospitality

• Greeting services
• Hotel reservation management
• Restaurant reservation
• SPA Services
• Wi-Fi Service
• Tourist Visa service
• Travel Agency’s service to a customer
• Travel Agency’s service to a customer through a representative
• Travel insurance service