GDPR process description and purpose
In the GDPRWise App data processes or activities have a name, description and purpose. GDPR requires all data processing activities to have a clear business purpose to avoid data being captured just for the sake of it, or for any not yet defined future use. Data subjects (i.e. those providing their data) should at all time be informed of what data is being collected for what purpose and there should not be any ambiguity. Only then, data subjects can make an informed decision to allow the processing or not.
Example – GDPR process, name, description, purpose and data items
Process Name: Customer invoicing
Process Description: Provision of formal invoices to customers
Purpose: To satisfy legal obligations and comply with general accounting standards
Data Items: Customer name, Customer Address, Bank account