The Records of Processing Operations (RoPO) allow you as Controlling Service to make an inventory of the data processing and to have an overview of what you are doing with the personal data concerned.

The recording obligation is stated § 46 Operational Circular No. 11 (OC 11), which says that each Controlling Service shall establish one or more RoPOs relating to the Personal Data it processes.

It is therefore not necessary for Processing Services to draw up RoPOs for personal data processing they are doing on behalf of a Controlling Service, as these operations are to be documented by the Controlling Service.

The RoPO is a document with inventory and analysis purposes, which must reflect the reality of your personal data processing and allow you to precisely identify, among others:

• the type(s) of Personal Data being processed;

• the purpose of its collection;

• the period for which it will be retained;

• where applicable, details regarding the use of profiling and automated decision-making tools; and

• where applicable, details regarding transfers of Personal Data

The RoPO is not only a legal obligation but also an internal control tool and a way to demonstrate your compliance with OC 11. It allows you to document your data processing and to know what questions you must ask yourself before and while processing the data: do I really need a certain data for this specific processing? Is it relevant to retain all this data for so long? Are the data sufficiently protected? Creating and updating the record are occasions to identify and to hierarchize the processing risks in light of OC 11. These considerations will allow you to draft an action plan of your processing complying with data protection rules.

The RoPO plays a central role amongst the obligations of Controlling Services and is the basis for:

• the generation of privacy notices for your processing activities,
• the conduct of Data Privacy Impact Assessments, and
• the application of the Privacy by Design and by Default approach.