Step 6: Document compliance

To prove your compliance with the regulations, you need to compile and consolidate the necessary documentation. The actions and documents carried out at each stage must be regularly reviewed and updated to ensure ongoing data protection.

Your application must include the following information:

Category

Documentation

DOCUMENTATION ON YOUR PERSONAL DATA PROCESSING

Record of processing activities (for data controllers) or categories of processing activities (for data processors)

DOCUMENTATION ON YOUR PERSONAL DATA PROCESSING

Data Protection Impact Assessments (DPIAs) for processing operations likely to generate high risks for the rights and freedoms of individuals.

DOCUMENTATION ON YOUR PERSONAL DATA PROCESSING

The framework for data transfers outside the European Union (in particular, standard contractual clauses, BCRs and certifications)

INFORMING PEOPLE

Information notices

INFORMING PEOPLE

Models for obtaining the consent of the persons concerned

INFORMING PEOPLE

Procedures for exercising rights

CONTRACTS THAT DEFINE THE ROLES AND RESPONSIBILITIES OF PLAYERS

Contracts with subcontractors

CONTRACTS THAT DEFINE THE ROLES AND RESPONSIBILITIES OF PLAYERS

Internal procedures in the event of a data breach

THE RIGHTS OF INDIVIDUALS AND THE EXERCISE OF THEIR RIGHTS

Proof that data subjects have given their consent when their data is processed on this basis.

If your documentation shows that you meet the obligations laid down by the European regulation, then you've passed this stage. Congratulations!

Dernière mise à jour