Modal
Menu

5.3 Customization of the Processing sheet for all Processing entity

In order to document the functionalities purchased by a given Processing entity and capture its needs for customization of the Processing sheet, we will proceed together to the configuration of TPOmap, for which we will organize a call of 1h30 to complete the following information: 

  • Area of activities: these are defined within TPOmap as the names of the operational units of a Processing entity (ex. Marketing department).
    You can add/modify/delete the area of activities by clicking on “Various” and then “Areas of Activities”.
  • Custom potential purposes: purposes are defined within TPOmap as the objective of a given personal data processing activity. However, if an organization has specific processing purposes which should be available on the Processing sheets and displayed as such on the TPOmap Dashboard, it is possible to add/modify/delete these purposes by clicking on “Various” and then “Potential purposes”.
  • Custom categories of ordinary and vulnerable data subjects: in line with GDPR, data subjects are defined within TPOmap as individuals about whom personal data are processed. Data protection laws foresee that certain data subjects such as children, employees, etc. require special protection. For that reason, they are defined within TPOmap as “vulnerable” data subjects, while the data subjects that do not benefit from such specific protection are defined as “ordinary” data subjects. As a standard, the TPOmap Processing sheet comes with a series of general categories of vulnerable and ordinary data subjects. However, if an organization has specific categories of data subjects which should be available on the Processing sheets and displayed as such on the TPOmap Dashboard, it is possible to add/modify/delete these purposes by clicking on “Various” and then “Cat. Of Ord. Data Subj.” or “Cat. Of. Vuln. Data Subj.”.
  • Potential recipients : in line with GDPR, recipients of personal data are defined in TPOmap as a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. To make the data input easier of the different recipients in the processing sheets, we encourage you to encode here your different potential recipients of personal data (i.e. on the basis of your supplier’s list) to eliminate a maximum of orthographic error and be able to reutilize them in the different processing sheets. 
    To add/modify/delete the different recipients by clicking on “Various” and then “Potential recipients”.
  • Personal data: in line with GDPR, personal data are defined within TPOmap as any information relating to an identified or identifiable natural person (‘data subject’). For your facilities, we have pre-established a list a personal data that can be used in the processing sheet. However, if an organization has specific personal data which should be available on the Processing sheets and displayed as such on the TPOmap Dashboard, it is possible to add/modify/delete these personal data by clicking on “Various” and then “Personal data”.