+31 (0)73 - 220 2000 | info@brandcompliance.com
English
  • Dutch
  • English
Brand Compliance
  • A certification body
    • Accreditations, Conditions & Regulations
  • ISO 27701 certification & audit
  • Directions
Buy the BC 5701 (GDPR) standard
  • About us
    • Accreditations
    • Vacancies
    • Compliment, complaint or tip
    • Privacy Statement
  • Knowledge base
  • News
  • Quality
    • Application certification process
    • ISO 9001
    • ISO 22301
    • Private Lease Quality Mark
    • Compliance Audits
    • Gap analysis
  • Information Security
    • Application certification process
    • ISO 19770-1
    • ISO 27001
    • ISO 27017 and ISO 27018
    • Baseline Information Security Government (BIO)
    • NEN 7510
    • ISAE 3402
    • SOC 2 statement
    • Gap analysis
  • Privacy
    • Application certification process
    • White paper GDPR certification mechanism
    • GDPR certification standard BC 5701 EN
    • GDPR certification standard BC 5701 NL
    • BC 5701 | GDPR Certification
    • ISO 27701
    • Gap analysis
  • Academy
    • BC5701 Implementation Professional (GDPR)
    • Online training ISO 27001:2022
    • ISO 27001 Lead Implementer training (version 2022)
    • ISO/IEC 19770-1 Practitioner course
    • Request training
  • Contact
    • Contact Form
    • Application certification process
    • Introductory meeting
    • Directions

Certification process

10
  • Checklist certification
  • Do you have your first audit soon?
  • How long does ISO certification take?
  • What is a certification cycle?
  • Applying for a certification process
  • Initial audit Stage 1
  • Initial audit Stage 2
  • Nonconformities management system
  • Certificate suspended or revoked? This is how you solve it!
  • Transfer of certification

BC 5701

4
  • BC 5701 certification: where do you start?
  • Your record of processing activities and the GDPR
  • Your Data Protection Officer and the GDPR
  • Checklist for your BC 5701 certification

General

8
  • The Brand Compliance glossary
  • What is a management system?
  • Internal or external audit?
  • Find out more about internal audits
  • Tips to describe a proper scope
  • Accreditation versus certification
  • The differences between ISO 27001 and NEN 7510
  • The use of certification logos

ISO 27001:2022

2
  • ISO 27001:2022 – FAQ transition
  • ISO 27001:2022 – Transition process

White papers

2
  • White paper management system audits
  • White paper GDPR-certification mechanism

Best practices

3
  • Mastering GDPR compliance: best practices
  • Excelling in information security: best practices
  • Quality Management: best practices for success

Your record of processing activities and the GDPR

An indispensable part of the BC 5701 certification is setting up and maintaining a record of processing activities. Under the GDPR, certain obligations are imposed on organizations that process personal data. These obligations include keeping a record of processing activities. Maintaining this record of processing activities is very important as it allows you to prove that your organization is operating in accordance with GDPR regulations, also known as the principle of accountability.

record of processing activitiesHow do you create a record of processing activities?

Below we describe a number of steps. By following the steps you can set up and maintain a record of processing activities. This ensures transparency and compliance with data protection laws.

Identify the organization and those responsible

First of all, you need to record the name and contact details of your organization. If applicable, please also provide the details of any joint controllers and the representative of your organization and the Data Protection Officer (DPO).

Describe processing activities

For any processing that takes place under your responsibility, please document the following data:

  • The name and contact details of the controller, joint controllers, representative of the controller, and the DPO if applicable;
  • The processing purposes;
  • The categories of data subjects;
  • The categories of personal data;
  • The categories of recipients;
  • Intended periods for data erasure (if possible);
  • A general description of the technical and organizational security controls relating to the processing (if possible).

Ensure that registrations are complete, correct and current. All processing must be clearly recorded in the register.

Record processing activities

If your organization carries out processing on behalf of data controllers, you also record the following information:

  • The name and contact details of the organization and of any controller on behalf of which your organization carries out processing activities;
  • The categories of processing activities that your organization carries out on behalf of each controller;
  • Transfers of personal data to third countries or international organizations, including appropriate safeguards;
  • A general description of the technical and organizational security controls of the processing activities.

Ensure traceability

Ensure that the processing activities included in the register are clearly defined and can be traced back to documented processes or process steps.

The importance

In a world where data protection and GDPR compliance are vital, setting up and maintaining a detailed GDPR record of processing activities is key. This is not only an obligation under the law, but also the key to proving your organization’s commitment to data protection.

Follow the above steps carefully and ensure that your register is up to date so that you are always ready to respond to requests from data subjects and supervisory authorities.

Continue working on data protection for a strong and secure digital future.

 

Share This Article :
  • Facebook
  • Twitter
  • LinkedIn
Updated on 16 November 2023
BC 5701 certification: where do you start?Your Data Protection Officer and the GDPR

Accreditation

RvA C548Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, NEN 7510 and ISO 9001 scope 33 information technology and 35 other services.

Brand Compliance B.V.

Hambakenwetering 8D2
5231 DC ‘s-Hertogenbosch

+31 (0)73 220 2000
info@brandcompliance.com

Chamber of Commerce nr.: 32101659
VAT nr.: NL8130.78.854.B01

Brand Compliance Belgie B.V.

Uitbreidingstraat 66
2600 Berchem (Antwerpen)

+32 (0)14 48 0730
be-info@brandcompliance.com

VAT nr.: BE0735.675.516

Brand Compliance Nordics AB

Vasagatan 16 2 TR
111 20 Stockholm

+46 73 157 7805
info@brandcompliance.com

Org.nr: 559238-1387

© Copyright 2023 Brand Compliance
Thank you for your rating!
Thank you for your rating and comment!
This page was translated from: Dutch
Please rate this translation:
Your rating:
Change
Please give some examples of errors and how would you improve them: