This guidance discusses documentation in detail. Read it if you have detailed questions not answered in the Guide, or if you need a deeper understanding to help you apply documentation in practice. DPOs and those with specific data protection responsibilities in larger organisations are likely to find it useful.
If you haven’t yet read documentation in brief in the Guide to GDPR, you should read that first. It sets out the key points you need to know, along with practical checklists to help you comply.
Contents
What is documentation?What does the GDPR say about documentation? Why is documentation important? |
Who needs to document their processing activities?Do all organisations need to document their processing activities? |
What do we need to document under Article 30 of the GDPR? |
Should we document anything else?Are there other things that need documenting? |
How do we document our processing activities?What steps should we take next? How should we document our findings? What should we document first? Is there a template we can use? |