GDPR Activities Register

Under the GDPR legislation, you must maintain relevant documentation and internal records of processing activities. You must record the following information:

  • Name and details of your organisation (and where applicable, of other controllers, your representative and data protection officer)
  • Purposes of the processing
  • Description of the categories of individuals and categories of personal data
  • Categories of recipients of personal data
  • Details of transfers to third countries including documentation of the transfer mechanism safeguards in place
  • Retention schedules

You may be required to make these records available to the relevant supervisory authority for purposes of an investigation

The NAVGDPR toolset offers functionality within the setup and configuration to register and capture the above information and demonstrate you’ve implemented appropriate technical measures in your Dynamics NAV application towards GDPR compliance. In addition, all data subject’s requests are logged within the GDPR activities register for audit purposes