Records of Processing (Article 30) Guidance
The General Data Protection Regulation (GDPR) requires Data Controllers to maintain a Record of Processing Activities (RoPA) containing specific information. Controllers and processors must be able to provide these records to the Data Protection Commission (DPC) upon request. A well-drafted RoPA demonstrates compliance with the principle of accountability set out in Article 5(2) GDPR. The DPC provides guidance to assist with compliance with Article 30 of the GDPR.