This guide will walk you through the first step in the processing activity flow.
1. Processing activity flow
2. Processing activity
Here you will find the name of your activity.
A good way to organise your processing activities by name is to use business processes such as Payroll, Newsletter, and HR Management. Name your processing activities in a way that your colleagues will understand.
Assess the level of detail needed—avoid descriptions that are too broad, such as "HR", but also those that are too specific, such as "Sending the weekly newsletter via Mailchimp".
Get inspiration for the appropriate level of detail by exploring our catalog of templates:
3. Fill description of activities
Enter description of your process - in your business language write the internal description about what you do in this process.
4. Purpose
Go to the Purpose tab.
5. Choose tag or create a new (or leave blank)
Select one or more purposes for the handling of personal data.
What is a Purpose?
A purpose is the reason why personal data is processed. Under the GDPR, organisations must define and document the purpose of each processing activity to ensure transparency and compliance. The purpose should be clear, specific, and legitimate.
When Do You Have Multiple Purposes in One Processing Activity?
In some cases, a single processing activity may serve multiple purposes. For example:
- Employee data in HR systems: Used both for payroll processing and performance management.
- Customer data in a CRM system: Used for handling orders, providing customer support, and marketing communications (if consent is given).
- Website analytics: Used to improve user experience and track marketing performance.
When multiple purposes exist, organisations must document each one and ensure there is a lawful basis for processing in every case.
6. You have now finished step 1 and are ready to proceed with the next steps
Navigate to the specified section.
