Before the inventory began, the state sports association's register of procedures was already quite extensive, but we wanted to check whether the processing activities were complete and also legally compliant.
are. The first step was a joint review of the existing documentation.
All relevant documents, such as guidelines, procedural instructions and contracts, were scrutinised and evaluated. Robin Data gained an overview of the LSB's procedures and processes through discussions with the employees responsible for data processing. In addition, a review of the IT systems used was carried out.
The focus here was on identifying the systems in which personal data is stored and processed. Finally, the identified processes and IT systems were systematically compared with the requirements of the General Data Protection Regulation.
(GDPR) and other relevant legal provisions.
As a result of this analysis, existing processing activities were optimised and missing processing activities were added. We particularly like the fact that the procedure directory is digitally mapped in Robin Data ComplianceOS. This gives us a centralised overview of all processing activities.