Skip to content
Contact support
  • There are no suggestions because the search field is empty.

What’s the Difference Between Article 30, Extended and Processor RoPA?

Your platform supports three types of RoPA exports. Each is designed for a different use case or legal role.

change ropa type

1. Standard Article 30 RoPA (Controller)

This is the official version you use for compliance:

  • Follows the structure of GDPR Article 30(1)
  • Includes data subject types, categories, recipients, legal basis and retention

2. Extended RoPA (Internal Use)

Adds helpful internal fields:

  • Linked systems
  • Risk classification
  • Security measures
  • Task/validation info

Tip: Use this version for internal quality checks or management reporting.

3. Processor RoPA (Article 30(2))

If you are a data processor, this version documents:

  • Instructions from the controller
  • Security measures implemented
  • Sub-processors used

Related Articles