Article 30.01
1 Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility. 2 That record shall contain all of the following information:
(a) the name and contact de...
Article 30.02
Each processor and, where applicable, the processor’s representative shall maintain a record of all categories of processing activities carried out on behalf of a controller, containing:
(a) the name and contact details of the processor or processors a...
Article 30.03
The records referred to in paragraphs 1 and 2 shall be in writing, including in electronic form.
Article 30.04
The controller or the processor and, where applicable, the controller’s or the processor’s representative, shall make the record available to the supervisory authority on request.
Article 30.05
The obligations referred to in paragraphs 1 and 2 shall not apply to an enterprise or an organisation employing fewer than 250 persons unless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the...