You are here
Data Protection Records Register
All EU institutions have the legal obligation to keep a central register of records of activities processing personal data (Article 31 of Regulation 2018/1725).
The register shall contain at least the following information (Article 31(1) of the Regulation):
- name and contact details of the controller, the data protection officer and, where applicable, the processor and the joint controller;
- the purpose(s) of the processing;
- description of the categories of data subjects and of the categories of personal data;
- the categories of recipients to whom the personal data have been or will be disclosed;
- where applicable, transfers of personal data to a third country or an international organisation and the documentation of suitable safeguards;
- where possible, the envisaged time limits for erasure of the different categories of data;
- where possible, a general description of the technical and organisational security measures to protect those personal data.
The list of records of EUISS activities processing personal data follows:
Appointment of Appeals Board Members & Auditors
Appointment of the Secretary of the Appeals Board
Distribution List Africa Portfolio
Evaluation – Promotion of staff
Establishment of Staff Committee
Pre-recruitment and annual medical check-ups
Registration with Private Insurer
Registration of contract staff with the French Social Security
Registration of staff with the Protocol Service (Belgium)
Registration of staff with the Protocol Service (France)
'What's to come' events invitations