List of datasets
|Purpose of processing:|
|Data storage and access:|
|Personal data processed:|
|Data item||Is personal data (DPO fills in)||Comment|
Description of fields
The details of service related datasets (data collections) should be filled with a list of all kinds of data which is collected or processed by this service. The table should be filled by the Service Manager and afterwards reconciled with the GEANT Data Protection Officer in order to address GDPR requirements. One service often incorporates several datasets.
<dataset_name> - name of dataset (collection of data processed in similar way).
Dataset description - brief explanation of the kind of information or entities the dataset contains.
Data source - what are source(s) of data - list of services, systems, applications, databases or similar source components, including user's input, from which data are being received. E.g. RIPE database, service ABC, organisation LDAP directory...
Data storage and access: describe where the data are stored, backup-ed etc. and who has access to the data.
Data transfer: list of other services, systems, applications, databases or similar destinations to which data are being sent. E.g. RIPE database, service ABC, GÉANT's database XYZ...
Data retention: describe data retention policy ie. for how long data are stored before being deleted. E.g. 1 year, 2 years after contract ending, forever...
Dataset size: describe dataset size in term of number or persons concerned. E.g. about 100 persons.
Personal data processed: based on Dataset content could be "Yes" if dataset contains personal data, or "No" if not.
|Version of document|
|Date of approval|
|Status (draft, approved, obsolete)||draft|
|Document owner (Service Manager?)|
|Date of resubmission|
|Intervall of resubmission|
|Type of document (policy, procedure, Information)|