controller-ropa-creation

Installation
SKILL.md

Controller RoPA Creation

Overview

GDPR Article 30(1) requires every controller to maintain a written record of processing activities carried out under its responsibility. This skill provides a complete methodology for creating controller RoPA entries that satisfy all seven mandatory field requirements specified in Art. 30(1)(a) through (g), ensuring the organisation can demonstrate accountability under Art. 5(2) and respond to supervisory authority requests under Art. 30(4).

Mandatory Field Requirements

Field 1: Controller Identity and Contact Details — Art. 30(1)(a)

This field must identify:

  • Legal entity name: The registered name of the controller as it appears in the national business register (e.g., Companies House, Handelsregister, Registre du Commerce).
  • Registered address: The official registered office address.
  • Contact details: General contact email and telephone for data protection inquiries.
  • Joint controller(s): Where processing is jointly determined under Art. 26, the identity and contact details of each joint controller and a reference to the Art. 26 arrangement.
  • EU Representative: Where the controller is not established in the EEA, the identity and contact details of the Art. 27 representative.
  • Data Protection Officer: Name, email, and telephone of the DPO appointed under Art. 37, or a statement that no DPO is required with justification.
Installs
10
GitHub Stars
187
First Seen
May 25, 2026
controller-ropa-creation — mukul975/privacy-data-protection-skills