group-structure-ropa
Installation
SKILL.md
Group Structure RoPA
Overview
GDPR Art. 30 applies to each controller and each processor individually. In a corporate group comprising a holding company, operating subsidiaries, shared service centres, and joint ventures, each entity that independently determines purposes and means of processing must maintain its own Art. 30(1) records. Entities acting as processors for group companies must maintain Art. 30(2) records. This skill addresses the complexities of group-level RoPA management including entity hierarchy, intra-group data flows, shared processing activities, and consolidated governance.