Step 5: ROPA

Summary: This article will help you set up your Records of Processing Activities by explaining every bullet point seen on the Dashboard.

Step5_Dashboard

How to Add a Controller

Step5_dashboard1

  1. Click on the link highlighted in the picture above. Alternatively, you can click on ROPA in the navigation panel.

Step5_addcontroller

  1. Click +Controller to add a controller
  2. We will go over every substep of adding a new controller.

Step5_setprocessingname

  1. Set a processing activity name.

If you’re an independent controller click on this option (default option), if not click on joint controller.Clicking on Joint Controller will open up a new popup.

Step5_jointcontrollerpopup

In this popup you can select a previously set stakeholder from the dropdown menu.

Click add.

Note: You can select multiple stakeholders.

Step5_addpurposestakeholder

Click on the pencil icon to add a Purpose. You can also delete this joint controller by clicking the cross. Clicking on the pencil will open up a popup.

Step5_jointcontrollerpurpose

In here you can add a purpose and then save it exit the popup by clicking on save.

Step5_Generalinfo

  1. Fill in the required general data.

Note: The data protection officer is the one set in this article. This option will the data from the compliance settings.

Step5_addpurpose

  1. Fill in the purpose of the data processing.

Step5_tickboxesaffectedgroups

  1. Tick off the boxes of the affected groups.

    ​ Optionally you can delete or create new groups

Step5_personaldata

  1. Tick off the boxes of affected personal data.

    ​ Optionally you can add different data types.

Step5_specialpersonaldata

  1. Tick off the categories of special personal data, if there is none tick off no.

    ​ Optionally you can delete or create new categories.

Step5_internalrecipients

  1. Tick off the internal data recipients.

    ​ Optionally you can delete or create new data recipients.

Step5_legalbasis

  1. Tick off the applicable option and enter the data into the box.

Note: Only one option can be ticked.

Step5_externalrecipient

  1. Tick off the applicable options.

    ​ Optionally you can delete or create new external recipients.

Step5_addapplications

  1. Click +Applications

Step5_addapplicationpopup

  1. This is the popup that will open up, enter the category and choose the application used in this dropdown menu.

Note: You can only select applications entered in the stakeholder management.

Fill in the purpose this application serves.

  1. Click add.

Step5_uploaddocuments

  1. You can upload documents via drag & dropping them into the box or selecting the browse option and choose your documents there. If you have already uploaded a file into the DPMS, you can look for them using the existing files dropdown menu seen below the highlighted box.

Alternatively, you can use the contracts section on the bottom of the page and enter the info as text or via link (if you’re using sharepoint for example).

Step5_deletionconcept

  1. Fill in your deletion concept.

  2. Click save.

You’ve successfully set up a Controller.

How to Set Up A Processor

Step5_dashboard1

  1. Click on the link highlighted in the picture above. Alternatively, you can click on ROPA in the navigation panel.

Step5_arrowprocessor

  1. Select the processor tab and then click +Processor to add a processor.

  2. We will go over every substep of adding a new processor.

Step5_processingactivityname

  1. Set a processing activity name.

Step5_Generalinfo

  1. Fill in the required general data.

Note: The data protection officer is the one set in this article. This box will take the data from the compliance settings.

Step5_addpurpose

  1. Fill in the purpose of the data processing.

Step5_tickboxesaffectedgroups

  1. Tick off the boxes of the affected groups.

    ​ Optionally you can delete or create new groups

Step5_personaldata

  1. Tick off the boxesof affected personal data.

    ​ Optionally you can add different data types.

Step5_specialpersonaldata

  1. Tick off the categories of special personal data, if there is none tick off no.

​ Optionally you can delete or create new categories.

Step5_internalrecipients

  1. Tick off the internal data recipients.

​ Optionally you can delete or create new data recipients.

Step5_DPA

  1. Fill in the DPA.

Step5_externalrecipient

  1. Tick off the applicable options.

​ Optionally you can delete or create new external recipients.

Step5_addapplications

  1. Click +Applications

Step5_addapplicationpopup

  1. This is the popup that will open up, enter the category and choose the application used in this dropdown menu.

Note: You can only select applications entered in the stakeholder management.

Fill in the purpose this application serves.

  1. Click add.

Step5_uploaddocuments

  1. You can upload documents via drag & dropping them into the box or selecting the browse option and choose your documents there. If you have already uploaded a file into the DPMS, you can look for them using the existing files dropdown menu seen below the highlighted box.

Alternatively, you can use the contracts section on the bottom of the page and enter the info as text or via link (if you’re using sharepoint for example).

Step5_deletionconcept

  1. Fill in your deletion concept.

  2. Click save.

You’ve successfully set up a Processor.

For more information on ROPA check out the dedicated article.