Records of Processing Activities: Why the RoPA should be at the center of your privacy management efforts. As a GDPR compliant company, you should record every piece of personal data that is being processed. Processing personal data means not only collecting it, but also – amongst others - aggregating, analyzing, sorting, distributing, storing, viewing,… Continue reading Why the RoPA should be at the center of your privacy management efforts
A lot of organizations are struggling with international data transfers. Rules are strict, and companies can’t just transfer personal data from EEA data subjects outside of this region. Look at Google. Even they are in a tight spot with Google Analytics and Google Fonts after the Austrian Data Protection Authority (Datenschutzbehörde or DSB)… Continue reading How to: International Data Transfers
Records of Processing Activities: What is it and how to approach its development? What is a RoPA (or Record of Processing Activities)? Article 30 of the General Data Protection Regulation (GDPR) states that controllers and processors are required to maintain Records of Processing Activities, in short RoPA or “Records”. This obligation helps your company achieve… Continue reading RoPa: What is it and how to approach its development?