How to Carry Out a Data Mapping
Article 30 of the General Data Protection Regulation (GDPR) requires organisations with 250 or more employees and organisations, for which data processing is an important part of their business, to provide an overview of their processing activities. However, all organisations are obliged to provide information on processing activities on requests of the supervisory authorities and data subjects. Consequently, your organisation needs a clear overview of its processing activities, even if article 30 does not apply directly to your organisation. Such a clear overview can be reached through a data map.