European Data Protection Supervisor
European Data Protection Supervisor

Records Register

Records Register

All EU institutions have the legal obligation to keep a central register of records of activities processing personal data (Article 31 of Regulation 2018/1725).
 
The register shall contain at least the following information (Article 31(1) of the Regulation):

  • name and contact details of the controller, the data protection officer and, where applicable, the processor and the joint controller;
  • the purposes of the processing;
  • description of the categories of data subjects and of the categories of personal data;
  • the categories of recipients to whom the personal data have been or will be disclosed;
  • where applicable, transfers of personal data to a third country or an international organisation and the documentation of suitable safeguards;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organisational security measures to protect those personal data.

The list of records of EDPS activities processing personal data, with hyperlinks to the relevant record, follows.

Record Number

Activity Description

1

Selection of trainees and staff

2

Recruitment of staff and trainees

3

Selection of seconded national experts (SNEs)

4

Recruitment of seconded national experts (SNEs)

5

Selection and management of interim staff

6

Anti-harassment procedure

7

Whistleblowing procedure

8

Underperformance procedure

9

Administrative enquiries and disciplinary procedure

10

Lodging appeals by the EDPS Appointing Authority

11

Missions

12

Procurement procedures

13

Financial management/transactions

14

Staff appraisal, promotion and certification procedures

15

Management of flexitime requests from staff

16

Enrolment to the Early Childhood Centre

17

Leaves

18

Sick leaves

19

Telework requests

20

Billing of telephone consumptions

21

Exceptional leaves, absences and permanencies

22

Transfer of data to Eurostat

23

Transfer of data to permanent representations

24

Management of user accounts of the IT administrative infrastructure

25

Mobile device management

26

Training of staff

27

Staff satisfaction survey

28

Financial contribution to cost of subscriptions to public transport

29

Complaints to the EDPS

30

Access to documents requests

31

EDPS audits (inspections)

32

Personal Data Breach Notifications by the EU Institutions

33

Business Continuity Plan

34

Access to building and parking policy for staff

35

EDPS website

36

ICDPPC18 website and mobile app

37

GDPR mobile app

38

Access to building and parking policy for visitors

39

Requests for info or advice

40

Subscriptions to EDPS newsletters

41

Journalists' mailing list

42

Template record for events and conferences organised by the EDPS

43 Staff Committee - general
44 Personal data breaches at the EDPS
45 Case Management System (CMS)