Understanding the Article 30 Record of Processing Activities
Your Record of Processing Activities (RoPA) is your official documentation under Article 30 of the GDPR. It’s a required register of how personal data is processed across your organisation.
The platform automatically generates RoPA documents based on your completed processing activities.
What Is Included?
Your Article 30 RoPA contains:
- Name and purpose of each processing activity
- Categories of data subjects and personal data
- Recipients of data (e.g. vendors, joint controllers)
- Retention periods and legal basis
- Technical and organisational security measures
The RoPA follows GDPR’s official structure and terminology
Compliance Relevance
This document is required by:
- Article 30(1) for data controllers
- Article 30(2) for data processors
It should be available upon request by your supervisory authority.
Related Articles