Last updated: 2026-04-06
Guide
Processing Activities¶
Document and manage your data processing purposes for GDPR Article 30 compliance.
Overview¶
Processing activities in Dxtra represent the purposes for which you process personal data. Each processing purpose links to:
- Business purpose templates (high-level business objectives)
- Operational purpose templates (specific processing operations)
- Data processors (third parties processing data on your behalf)
- Legal basis (consent, contract, legitimate interest, etc.)
- Retention periods
Managing Processing Activities¶
Creating a Processing Purpose¶
- Navigate to Data Mapping in the dashboard
- Click Add Processing Purpose
- Select a business purpose template and operational purpose template
- Choose the legal basis for processing
- Set retention and usage periods
- Mark whether the purpose is essential (cannot be opted out)
- Save the processing purpose
Purpose Templates¶
Business Purpose Templates represent high-level business objectives:
- Customer Relationship Management
- Marketing Communications
- Analytics and Reporting
- Fraud Prevention
- Legal Compliance
Operational Purpose Templates represent specific processing operations:
- Account registration
- Order processing
- Email campaign delivery
- Website analytics
- Customer support interactions
Legal Basis Options¶
The platform supports standard GDPR legal bases:
| Legal Basis | Description | Use Case |
|---|---|---|
| Consent | Data subject has given consent | Marketing, analytics |
| Contract | Processing necessary for contract | Order fulfillment, account management |
| Legal Obligation | Processing required by law | Tax records, regulatory compliance |
| Vital Interests | Protecting vital interests | Emergency contact, health data |
| Public Task | Public interest or official authority | Government services |
| Legitimate Interests | Legitimate business interests | Fraud prevention, security |
Essential vs. Optional Purposes¶
- Essential purposes cannot be opted out by data subjects. The legal basis is typically contract performance or legitimate interest.
- Optional purposes require explicit consent. Users can opt in or out via consent forms linked to these purposes.
Dashboard Interface¶
Purposes Widget¶
Located on the Assurance page, the Purposes widget displays:
- Total number of processing purposes
- Purpose templates associated with each purpose
- Essential vs. optional designation
- Legal basis for each purpose
Data Mapping Section¶
The Data Mapping page includes:
- Record of Processing Activities (RoPA) overview
- Processing purpose configuration
- Data processor associations
- Profiling and automated decision-making flags
Access Control¶
Processing purpose operations are restricted by role:
| Operation | Allowed Roles |
|---|---|
| View | Owner, Admin, Business Owner, DPO, Data Controller, Developer, Auditor |
| Create | Owner, Admin, Business Owner, DPO, Data Controller |
| Update | Owner, Admin, Business Owner, DPO, Data Controller |
| Delete | Owner, Admin, Business Owner, DPO |
Related Documentation¶
- Data Flow Mapping -- Track processing activity logs
- Consent Management -- Link purposes to consent forms
- Data Subject Management -- Track processing per data subject
- API Reference -- GraphQL schema for processing purposes