European Data Protection Supervisor
European Data Protection Supervisor

Records Register

Records Register

All EU institutions have the legal obligation to keep a central register of records of activities processing personal data (Article 31 of Regulation 2018/1725).
 
The register shall contain at least the following information (Article 31(1) of the Regulation):

  • name and contact details of the controller, the data protection officer and, where applicable, the processor and the joint controller;
  • the purposes of the processing;
  • description of the categories of data subjects and of the categories of personal data;
  • the categories of recipients to whom the personal data have been or will be disclosed;
  • where applicable, transfers of personal data to a third country or an international organisation and the documentation of suitable safeguards;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organisational security measures to protect those personal data.

The list of records of EDPS activities processing personal data, with hyperlinks to the relevant record, follows.

 

Record Number

Activity Description

 

1

Selection of trainees and staff

 

2

Recruitment of staff and trainees

 

3

Selection of seconded national experts (SNEs)

 

4

Recruitment of seconded national experts (SNEs)

 

5

Selection and management of interim staff

 

6

Anti-harassment procedure

 

7

Whistleblowing procedure

 

8

Underperformance procedure

 

9

Administrative enquiries and disciplinary procedure

 

10

Lodging appeals by the EDPS Appointing Authority

 

11

Missions

 

12

Procurement procedures

 

13

Financial management/transactions

 

14

Staff appraisal, promotion and certification procedures

 

15

Management of flexitime requests from staff

 

16

Enrolment to the Early Childhood Centre

 

17

Leaves

 

18

Sick leaves

 

19

Telework requests

 

20

Billing of telephone consumptions

 

21

Exceptional leaves, absences and permanencies

 

22

Transfer of data to Eurostat

 

23

Transfer of data to permanent representations

 

24

Management of user accounts of the IT administrative infrastructure

 

25

Mobile device management

 

26

Training of staff

 

27

Staff satisfaction survey

 

28

Financial contribution to cost of subscriptions to public transport

 

29

Complaints to the EDPS

 

30

Access to documents requests

 

31

EDPS audits (inspections)

 

32

Personal Data Breach Notifications by the EU Institutions

 

33

Business Continuity Plan

 

34

Access to building and parking policy for staff

 

35

EDPS website

 

36

ICDPPC18 website and mobile app

 

37

GDPR mobile app

 

38

Access to building and parking policy for visitors

 

39

Requests for info or advice

 

40

Subscriptions to EDPS newsletters

 

41

Journalists' mailing list

 

42

Template record for events and conferences organised by the EDPS

 

43 Staff Committee - general  
44 Personal data breaches at the EDPS  
45 Case Management System (CMS)