Explore European Union Legislation by Asking a Legal Question
assisted-checkbox
filter-instruction-1
positive-filters
negative-filters
act-filter tabs-all
parameters-title
query
assisted-checkbox: ✅
result-title
total 2
Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA article 24 CELEX: 02016L0680-20160504 Records of processing activities
1. Member States shall provide for controllers to maintain a record of all categories of processing activities under their responsibility. That record shall contain all of the following information: (a) the name and contact details of the controller and, where applicable, the joint controller and the data protection officer; (b) the purposes of the processing; (c) the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations; (d) a description of the categories of data subject and of the categories of personal data; (e) where applicable, the use of profiling; (f) where applicable, the categories of transfers of personal data to a third country or an international organisation; (g) an indication of the legal basis for the processing operation, including transfers, for which the personal data are intended; (h) where possible, the envisaged time limits for erasure of the different categories of personal data; (i) where possible, a general description of the technical and organisational security measures referred to in Article 29(1). |
Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA article 24 CELEX: 02016L0680-20160504 2. Member States shall provide for each processor to maintain a record of all categories of processing activities carried out on behalf of a controller, containing: (a) the name and contact details of the processor or processors, of each controller on behalf of which the processor is acting and, where applicable, the data protection officer; (b) the categories of processing carried out on behalf of each controller; (c) where applicable, transfers of personal data to a third country or an international organisation where explicitly instructed to do so by the controller, including the identification of that third country or international organisation; (d) where possible, a general description of the technical and organisational security measures referred to in Article 29(1). 3. The records referred to in paragraphs 1 and 2 shall be in writing, including in electronic form.
The controller and the processor shall make those records available to the supervisory authority on request. |