Legal ICT

  • Avenue Louise 65
  • 1000 Brussels
+32 (0)2 535 77 55
BE 0696.909.465

Our services / Register of processing activities

Some organisations are required to maintain a register of processing activities under the General Data Protection Regulation (‘GDPR’).  

This register is required for every organisation with more than 250 employees. When your organisation has less than 250 employees, it is still required to have a register of processing activities if:

  • the processing of data you carry out is likely to result in a risk to the rights and freedoms of data subjects, for example profiling or processing large amounts of personal data;
  • the processing is not occasional;
  • the processing includes special categories of data (for example data concerning a persons’ health, religion or other kinds of sensitive information).

What should be included in the register?

The register documents all the processing of personal data within an organisation. This even includes data like your own personnel administration or the personal data that is being processed to send a newsletter. If you are the controller of the processing activities, your register needs to include at least the following information:

  • The name and contact details of your organisation and your Data Protection Officer (if you have one);
  • The different purposes for which each processing takes place;
  • The categories of personal data (names, contact details, dates of birth, payment details, etc.);
  • The categories of data subjects (clients, employees, visitors of your website, etc.);
  • The different recipients to whom the personal data have been or will be disclosed (for example processors);
  • Information about processing that takes place outside the European Union;
  • The retention periods of the different kinds of personal data;
  • A general description of the technical and organisational security measures regarding the personal data.

Legal ICT can help you create and maintain a clear register of processing activities. We can also review your current register, making sure that you comply with all the requirements under the GDPR.


Send an e-mail to: or call us at: +32 (0)2 535 77 55. You can also use the form below: one of our legal advisors will get back to you very soon.



  • Your personal information will only be used to contact you as requested by you. Please read the privacy statement for more information.

Similar services

  • Confidentiality agreement (NDA)

    If you wish to share a smart idea or company-sensitive information but do not wish to disclose this publicly, you will need a confidentiality agreement.

  • Partnership agreements

    Looking to join powers with an other company? Then a clear contract is a prudent idea.