Skip to content

0485 Data Processing Purposes

Privacy regulations such as the EU's General Data Processing Regulation (GDPR) require data subjects to agree the processing that is permitted on their data. Often the processing is summarized in terms of the outcome (or the "purpose" of the processing) with the option to drill down into the details of how this processing is achieved.

The types below are used to capture the detailed data processing descriptions associated with a DataProcessingPurpose and record who or what has permission to perform the specified processing.

UML

DataProcessingDescription entity

The DataProcessingDescription entity captures the details of the processing that is permitted on a data subject's data. It is type of collection, allowing finer-grained detail to be nested under newoth it using the CollectionMembership relationship.

PermittedProcessing relationship

The PermittedProcessing relationship captures the relationship between a DataProcessingPurpose and the DataProcessingDescription that describes the processing that is permitted on a data subject's data.

DataProcessingAction entity

The DataProcessingAction entity captures an action that is performed on a data subject's data (target). It is type of collection, and can have members that are more fine-grained actions.

DataProcessingAction entities are often members of DataProcessingDescription entities.

Raise an issue or comment below