List of documents EU GDPR Documentation Toolkit EN

June 9, 2018 | Author: H 106 | Category: Documents



EU GDPR Documentation Toolkit

Note: The documentation should ideally be implemented in the order in which it is listed here.

No. | Document code | Document name

1 Preparations for the Project
1 | 1.1 | EU GDPR Readiness Assessment
2 | 1.2 | Project Plan for Complying with the EU GDPR

2 Personal Data Policy Framework
3 | 2.1 | General Personal Data Protection Policy
4 | 2.2 | Employee Personal Data Protection Policy
5 | 2.3 | General Data Protection Notice
6 | 2.4 | Register of General Data Protection Notices
7 | 2.5 | Data Retention Policy
8 | 2.6 | Appendix – Data Retention Schedule
9 | 2.7 | Data Protection Officer Job Description

3 Inventory of Processing Activities
10 | 3.1 | Guidelines for Processing Activities Inventory
11 | 3.2 | Appendix – Inventory of Processing Activities

4 Managing Data Subject Rights
12 | 4.1 | Data Subject Consent Form
13 | 4.2 | Data Subject Consent Withdrawal Form
14 | 4.3 | Parental Consent Form
15 | 4.4 | Parental Consent Withdrawal Form
16 | 4.5 | Data Subject Access Request Procedure
17 | 4.6 | Data Subject Access Request Form
18 | 4.7 | Data Subject Disclosure Form

5 Data Protection Impact Assessment
19 | 5.1 | Data Protection Impact Assessment Methodology
20 | 5.2 | DPIA Register

6 Personal Data Transfers
21 | 6.1 | Cross Border Personal Data Transfer Procedure
22 | 6.2 | Annex 1 – Standard Contractual Clauses for the Transfer of Personal Data to Controllers
23 | 6.3 | Annex 2 – Standard Contractual Clauses for the Transfer of Personal Data to Processors

7 Third Party Compliance
24 | 7.1 | Processor GDPR Compliance Questionnaire
25 | 7.2 | Supplier Data Processing Agreement

8 Security of Personal Data
26 | 8.1 | IT Security Policy
27 | 8.2 | Access Control Policy
28 | 8.3 | Security Procedures for IT Department
29 | 8.4 | Bring Your Own Device (BYOD) Policy
30 | 8.5 | Mobile Device and Teleworking Policy
31 | 8.6 | Clear Desk and Clear Screen Policy
32 | 8.7 | Information Classification Policy
33 | 8.8 | Anonymization and Pseudonymization Policy
34 | 8.9 | Policy on the Use of Encryption
35 | 8.10 | Disaster Recovery Plan
36 | 8.11 | Internal Audit Procedure
37 | 8.12 | Appendix – ISO 27001 Internal Audit Checklist

9 Personal Data Breaches
38 | 9.1 | Data Breach Response and Notification Procedure
39 | 9.2 | Data Breach Register
40 | 9.3 | Data Breach Notification Form to the Supervisory Authority
41 | 9.4 | Data Breach Notification Form to Data Subjects

Relevant articles in EU GDPR

Article 24(2); Article 24(2); Articles 12, 13 and 14
Articles 5(1)(e), 13(1), 17, 30; Articles 37, 38, 39
Article 30; Article 30
Articles 6(1)(a), 7(1), 9(2); Article 7(3); Article 8
Article 8
Articles 7(3), 15, 16, 17, 18, 20, 21, 22
Article 35; Article 35
Articles 1(3), 44, 45, 46, 47, 49; Article 46(5)
Articles 28, 32, 82; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32; Article 32
Articles 4(12), 33, 34; Article 33(5); Article 33; Article 34

Mandatory according to EU GDPR

*

List of documents for EU GDPR Documentation Toolkit

ver 2.0 from 2017-10-23

* This document is mandatory if (a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; or (b) the core activities of the legal entity consist of processing operations which, by their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or (c) the core activities of the legal entity consist of processing on a large scale of special categories of data pursuant to Article 9 of the EU GDPR and personal data relating to criminal convictions and offences referred to in Article 10 of the EU GDPR.
