GDPR-30-16
Documentation
30 — Records of processing activities
Records must be maintained in written form
Description
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-30-01
Documentation
Controller must maintain record of processing activities
GDPR-30-02
Documentation
Controller's representative must maintain record of processing activities
GDPR-30-03
Documentation
Controller record must contain contact details and organizational information
GDPR-30-04
Documentation
Controller record must contain purposes of processing
GDPR-30-05
Documentation
Controller record must describe data subjects and personal data categories
GDPR-30-06
Documentation
Controller record must list recipients of personal data
GDPR-30-07
Documentation
Controller record must document international transfers
GDPR-30-08
Documentation
Controller record must include data retention time limits
GDPR-30-09
Documentation
Controller record must describe technical and organisational security measures
GDPR-30-10
Documentation
Processor must maintain record of processing activities
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started