Create record of technical and organisational measures (TOM)
With this tool, you generate a record of technical and organisational measures for your company as a .docx template.
Once you have completed the questionnaire and clicked the send button, the generated template filled with your inputs will be sent via email to the email address of your user account.
How to use the TOM record generator
Having trouble filling out the form? Here are a few tips.
1What does pseudonymisation mean?
Pseudonymisation is an encryption technique in which a data set is split into two separate parts. One part contains the assignment of keys to individuals, while the other contains the attributes and the key symbols/ID values. This ensures that the characteristics can no longer be passed on as personal data.
2Why do I need the record (of processing activities)?
The record becomes relevant whenever two parties wish to exchange confidential information—whether related to data protection or trade secrets. A typical scenario is the engagement of a subcontractor. Such a subcontractor is often required to provide evidence of compliance with confidentiality standards. A record like this can serve as that proof.
3I filled out the form. Where can I download the contract?
The contract is automatically sent via email to the email address you registered with. If nothing has arrived, please check your spam folder.
4Is its creation legally required?
Yes, alongside data protection impact assessments and the record of processing activities, the record of technical and organisational measures is the third central component in the implementation of the GDPR.
5How legally compliant is the provided contract?
The contract is a template that already covers many areas. However, to ensure legal certainty, it is recommended to have it reviewed by a data protection lawyer.