Location Amsterdam
Jollemanshof 12
1019 GW Amsterdam
Phone
020 663 1941
E-mail
info@ictrecht.nl
KvK
34216164
BTW
NL8223.30.040.B01
Location Groningen
Leonard Springerlaan 35
9727 KB Groningen
Phone
050 209 34 99
E-mail
info@ictrecht.nl
KvK
68038712
BTW
NL857275835.B01
Location Brussel
Avenue Louise 65
1000 Brussel
Phone
+32 (0)2 535 77 55.
E-mail
info@legalict.com
Ondernemingsnummer
0696.909.465
BTW
BE 0696.909.465
To contact form

ICT Recht| ICT Recht

Back to home
Follow us

Our services / Register of processing activities

Some organisations are required to maintain a register of processing activities under the General Data Protection Regulation (‘GDPR’).  

This register is required for every organisation with more than 250 employees. When your organisation has less than 250 employees, it is still required to have a register of processing activities if:

  • the processing of data you carry out is likely to result in a risk to the rights and freedoms of data subjects, for example profiling or processing large amounts of personal data;
  • the processing is not occasional;
  • the processing includes special categories of data (for example data concerning a persons’ health, religion or other kinds of sensitive information).

What should be included in the register?

The register documents all the processing of personal data within an organisation. This even includes data like your own personnel administration or the personal data that is being processed to send a newsletter. If you are the controller of the processing activities, your register needs to include at least the following information:

  • The name and contact details of your organisation and your Data Protection Officer (if you have one);
  • The different purposes for which each processing takes place;
  • The categories of personal data (names, contact details, dates of birth, payment details, etc.);
  • The categories of data subjects (clients, employees, visitors of your website, etc.);
  • The different recipients to whom the personal data have been or will be disclosed (for example processors);
  • Information about processing that takes place outside the European Union;
  • The retention periods of the different kinds of personal data;
  • A general description of the technical and organisational security measures regarding the personal data.

Legal ICT can help you create and maintain a clear register of processing activities. We can also review your current register, making sure that you comply with all the requirements under the GDPR.

WOULD YOU LIKE MORE INFORMATION? 

Send an e-mail to: info@legalict.com or call us at: +32 (0)2 535 77 55. You can also use the form below: one of our legal advisors will get back to you very soon.

 

Contact



  • Your personal information will only be used to contact you as requested by you. Please read the privacy statement for more information.

Similar services

  • need flexible support

    Privacy by Design

    Before you start a new project, you should consider all possible privacy-aspects of your software. We can make sure your software includes ‘Privacy by Design’.

    Read more about this service

  • Cloud contract

    It is crucial for providers and purchasers to take technical, organizational and legal measures when outsourcing IT to the cloud.

    Read more about this service

Avenue Louise 65, 1000, Brussels, +32 (0)2 535 77 55, info@legalict.com

Contact us

  • Your personal information will only be used to contact you as requested by you. Please read the privacy statement