The flow ensures you meet GDPR requirements, including your Article 30 record.
The 8 Documentation Steps
- General information – Name, tags, and purpose
- Data subjects and security – Who is affected, and how they’re protected
- Organisational details – Owner, company, business area
- Personal data categories – What types of data are used
- Legal basis and retention – Why you’re allowed to process and how long
- Linked systems (assets) – Tools or software used
- Data sharing – Vendors, recipients, controllers
- Policies and references – Linked documents or audits
Navigation and Flexibility
You can jump between steps freely. Incomplete steps are highlighted so you know what still needs attention. Document what you know and return later to complete.
Complete steps in any order — progress is saved as you go
Related Articles