Location Amsterdam
Jollemanshof 12
1019 GW Amsterdam
Phone
020 663 1941
E-mail
info@ictrecht.nl
KvK
34216164
BTW
NL8223.30.040.B01
Location Groningen
Leonard Springerlaan 35
9727 KB Groningen
Phone
050 209 34 99
E-mail
info@ictrecht.nl
KvK
68038712
BTW
NL857275835.B01
Location Brussel
Avenue Louise 65
1000 Brussel
Phone
+32 (0)2 535 77 55.
E-mail
info@legalict.com
Ondernemingsnummer
0696.909.465
BTW
BE 0696.909.465
To contact form

ICT Recht| ICT Recht

Back to home
Follow us

Our services / Register of processing activities

Some organisations are required to maintain a register of processing activities under the General Data Protection Regulation (‘GDPR’).  

This register is required for every organisation with more than 250 employees. When your organisation has less than 250 employees, it is still required to have a register of processing activities if:

  • the processing of data you carry out is likely to result in a risk to the rights and freedoms of data subjects, for example profiling or processing large amounts of personal data;
  • the processing is not occasional;
  • the processing includes special categories of data (for example data concerning a persons’ health, religion or other kinds of sensitive information).

What should be included in the register?

The register documents all the processing of personal data within an organisation. This even includes data like your own personnel administration or the personal data that is being processed to send a newsletter. If you are the controller of the processing activities, your register needs to include at least the following information:

  • The name and contact details of your organisation and your Data Protection Officer (if you have one);
  • The different purposes for which each processing takes place;
  • The categories of personal data (names, contact details, dates of birth, payment details, etc.);
  • The categories of data subjects (clients, employees, visitors of your website, etc.);
  • The different recipients to whom the personal data have been or will be disclosed (for example processors);
  • Information about processing that takes place outside the European Union;
  • The retention periods of the different kinds of personal data;
  • A general description of the technical and organisational security measures regarding the personal data.

Legal ICT can help you create and maintain a clear register of processing activities. We can also review your current register, making sure that you comply with all the requirements under the GDPR.

WOULD YOU LIKE MORE INFORMATION? 

Send an e-mail to: info@legalict.com or call us at: +32 (0)2 535 77 55. You can also use the form below: one of our legal advisors will get back to you very soon.

 

Contact



  • Your personal information will only be used to contact you as requested by you. Please read the privacy statement for more information.

Similar services

  • need flexible support

    Data Protection Officer (DPO)

    Under the GDPR, your organisation may be required to appoint a Data Protection Officer (DPO). You may wish to hire a DPO via Legal ICT.

    Read more about this service

  • Legal advice on Brexit

    Now that the UK Parliament has rejected the withdrawal agreement which was prepared by the UK Government and the EU institutions, questions are mounting about what to expect now and which preparations may be in order. Does your organisation need legal advice on Brexit?

    Read more about this service

Avenue Louise 65, 1000, Brussels, +32 (0)2 535 77 55, info@legalict.com

Contact us

  • Your personal information will only be used to contact you as requested by you. Please read the privacy statement