Explore European Union Legislation by Asking a Legal Question
assisted-checkbox
filter-instruction-1
positive-filters
negative-filters
act-filter tabs-all
parameters-title
query
assisted-checkbox: ✅
result-title
total 2
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA relevance.) article 31 CELEX: 32018R1725 Records of processing activities
1. Each controller shall maintain a record of processing activities under its responsibility. That record shall contain all of the following information: (a) the name and contact details of the controller, the data protection officer and, where applicable, the processor and the joint controller; (b) the purposes of the processing; (c) a description of the categories of data subjects and of the categories of personal data; (d) the categories of recipients to whom the personal data have been or will be disclosed including recipients in Member States, third countries or international organisations; (e) where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and the documentation of suitable safeguards; (f) where possible, the envisaged time limits for erasure of the different categories of data; (g) where possible, a general description of the technical and organisational security measures referred to in Article 33. |
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA relevance.) article 31 CELEX: 32018R1725 2. Each processor shall maintain a record of all categories of processing activities carried out on behalf of a controller, containing: (a) the name and contact details of the processor or processors and of each controller on behalf of which the processor is acting, and of the data protection officer; (b) the categories of processing carried out on behalf of each controller; (c) where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and the documentation of suitable safeguards; (d) where possible, a general description of the technical and organisational security measures referred to in Article 33. 3. The records referred to in paragraphs 1 and 2 shall be in writing, including in electronic form. 4. Union institutions and bodies shall make the record available to the European Data Protection Supervisor on request. 5. Unless it is not appropriate taking into account the size of the Union institution or body, Union institutions and bodies shall keep their records of processing activities in a central register. They shall make the register publicly accessible. |