Reading Time: 2 mins Context: The GDPR requires organisations to maintain a detailed record of their processing activities. This requirement applies to organisations that process data for themselves and on behalf of others. The records created need to be made available to the supervisory authority on their request.
Post archive - reporting
Reading Time: < 1 min Context: The GDPR acknowledges that data breaches can and do occur. It seeks to have processes and controls put in place to minimise the possibility of a breach, but when there is a breach to minimise the impact and to ensure that those affected are kept informed.
Reading Time: 2 mins Context: In order to prove that your organisation meets the requirement to not subject data subjects to decisions based solely on automation of profiling you need to be able to report how those decisions and profiles are created.