Records of Processing Activities

2 hour(s)
10 lessons
1 quiz

About topic

In this theoretical sub-module, small and medium-sized entrepreneurs (users) will be able to learn and understand:

  • what are the activities of processing personal data and how to maintain their records
  • when they are obligated to keep records of processing activities
  • what must be included in the record of processing activities
  • the differences between the record of processing maintained by the data controller and the one maintained by the data processor
  • what the categories of data subjects and categories of personal data mean
  • who the recipients of personal data are
  • what the purposes of processing personal data are
  • what the role of the Data Protection Officer is (if appointed)


The objective of this sub-module is to familiarize entrepreneurs (data controllers and data processors) with the content of the record of processing activities and how to maintain such records.

Learning outcomes

  • Identifying whether there is a legal obligation to maintain records of processing activities
  • understanding that the record of processing activities is a tool for demonstrating compliance with the GDPR and that it is advisable to keep records even when it is not a legal obligation
  • describing what the record of processing activities must contain.

Certification information

After watching the video and studying the theoretical part, the user will be able to take a quiz to test their knowledge. The user will be presented with statements and will have to indicate whether they consider them true or false. Once the user answers all the quiz questions, a section called RESULTS will appear with explanations for the answers from the quiz. The system will generate a certificate as proof of passing the theoretical sub-module if the user achieves a minimum of 80% correct answers.