Shows the GDPR articles where this template may be used
| Article Ref | Title | Template Section | Section Description |
|---|---|---|---|
| 5.1.a | Principles - Lawfulness, fairness and transparency | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
| 5.1.c | Principles – Data Minimisation | Data Minimization | Limit the collection of personal information to what is directly relevant and necessary to accomplish a specified purpose |
| 5.1.d | Principles – Data Accuracy | Data Accuracy | Covers policies that ensure that personal data is kept accurate, complete and up to date. |
| 5.1.e | Principles – Storage Limitation | Data Retention | Records management considerations for meeting regulatory and archival requirements |
| 5.1.f | Principles – Integrity and Confidentiality | Integrity and Confidentiality | Limiting data access and maintaining consistency, accuracy and trustworthiness of data over its entire lifecycle |
| 11.1 | Data Pseudonymization | Integrity and Confidentiality | Limiting data access and maintaining consistency, accuracy and trustworthiness of data over its entire lifecycle |
| 19.1 | Notification of Right of Access | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
| 24.1 | Technical and Organizational Measures | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
| 24.2 | Data Protection Policies | All | All sections describes how the company shall collect, handle and store personal data to meet the data protection standards |
| 27.1 | Appointment of a Representative | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
| 30.1 | Records of Processing Activities by the Controller | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
| 30.2 | Record of Processing Activities by the Processor | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
| 30.3 | Format of Records of Processing Activities | ROPA | The maintenance of the detailed descriptions of an organization's data processing practices |
| 31 | Cooperation with Authorities | Supervisory Authorities | Independent public authorities that supervise the application of general data protection laws |
| 32.2 | Security Risk Assessments | Scope | Defines the various functions and methods with which an organisation processes personal data |
| 32.4 | Security Access Measures | Unauthorised Processing | Ensures that persondal data is processed by authorised persons and the penalty for default thereof |
| 37.1 | Requirement for a Data Protection Officer | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
| 37.6 | Contracting a Data Protection Officer | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
| 38.1 | DPO Involvement in Data Protection Issues | Roles and Responsibilities | GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers |
| 44.1 | International Data Transfers | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
| 45.1 | Data Transfer on Basis of Adequacy Decision | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
| 46.1 | Data Transfers on Basis of Appropriate Safeguards | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |
| 49.1 | Data Transfers on Basis of Legal Considerations | Data Transfers | Covers the management of the sharing of personal data across various jurisdictions |