Register of data processing activities

In compliance with Regulation (EU) 2018/1725, ENISA maintains a central register of data processing activities. This register includes all records of processing activities relevant to ENISA and provides information on the following aspects:

  • Controller(s), processor, data protection officer
  • Purpose of the personal data processing
  • Categories of data subjects (persons concerned)
  • Categories of personal data processed
  • Time limits (i.e. how long the data is kept)
  • Recipients of the data (to whom the data is disclosed)
  • Possible transfers of personal data to third countries (i.e. outside EU/EEA)
  • General description of security measures

The records can be viewed in detail through the list presented below.

ENISA’s register of data processing activities

For further information, please contact the ENISA Data Protection Officer (DPO).