Step 2: Map your personal data processing and draw up a register
Dernière mise à jour
Dernière mise à jour
After training in data processing mapping and interviewing data processing managers, you will identify your first data processing operations below:
#
Department
Personal data processing
Support / application
DPIA required?
1
HR
Recruitment management
Linkedin (external)
No
2
HR
Payroll management
Payfit (external)
No
3
HR
Staff management
Microsoft Office
No
4
Central secretariat
Works Council data management
Internal application
No
5
Output
Quality control
Microsoft Office
No
6
Marketing & Sales
Customers management
Salesforce (external)
No
7
Marketing & Sales
Sending promotional emails
Mailjet (external)
No
8
Marketing & Sales
Prospect profiling
Salesforce
Yes
9
Security
Building entry/exit management
IBM
Yes
10
Security
Anteriority check
Microsoft Office
No
11
IT
Software development
Microsoft Azure (external)
No
12
IT
Application maintenance
CGI (external)
No
13
Legal
Contract management
Microsoft Office
No
14
Purchases
Suppliers management
SAP (external)
No
Then complete your record in Dastra:
A good way to start designing your record is to first import your existing records in excel format, if available, as well as your repositories of actors, applications, subcontractors, data and retention rules. This way, once all your repositories have been integrated, you'll save time during data entry.
Then fill in all the information required for treatment by following the steps described in the link below.
You share the record with all data controllers as well as your network of GDPR correspondents and ask for validation from all stakeholders.
That's it, your record is set up and your treatments are ready to be protected!