Defining Legal Entity Properties
To specify information on an entity:
1. In the navigation menu of HOPEX Privacy Management, click Organization > Legal entities & DPO.
2. Select an entity.
General properties of entities
Indication about the Status of the entity can be found on the top right-hand side:
• "Live": the entity has been created or validated by the DPO / GDPR team
• "Candidate": someone without the proper rights created the entity; it needs to be validated by the DPO or GDPR team
• "Obsolete": the entity no longer exists
The Status is available for all main HOPEX Privacy Management concepts.The property page offers more opportunities to describe legal entities.
• Legal Entity Name
• Acronym
• DPO: who the DPO is for the legal entity
• Reporting to DPO: who the main DPO is within a hierarchy of DPOs.
It is important to fill in this field on entities to be able to display the organizational charts of DPOs. For more information, see Viewing the DPO Organizational Chart.• Group HQ: indicates whether the legal entity represents the headquarters (read-only).
Only the legal entity created by default is considered as headquarters.• EU: indicates whether the legal entity is located in the European Union or not (read-only).
Managing establishments
For more information, see Defining Establishments.
Managing national representatives
Consequently, national representatives must be appointed when:
• the legal entity headquarters are based outside the European Union, and
• the legal entity processes personal data of people in the European Union.
If this is not the case, no national representatives are required.
The national representative acts on behalf of the controller or processor with regard to their obligations under GDPR.
To specify national representatives for an entity:
In the entity property page, select the National representatives tab.For each representative you may specify:
• the EU coverage: what part of Europe the national representative covers (for example All EU countries)
• the Last audit date: when the national representative was last audited by the legal entity.
Managing contractual agreements
To specify contractual agreements applicable to an entity:
In the entity property page, select the Contractual agreements tab.This section displays the list of existing contractual agreements that the legal entity signed with third parties.
A contractual agreement can be specified within the context of a Processing activity when a third party is involved. For more information, see Managing Third Parties.
The following information can be provided on a contractual agreement:
• Contract name
• Reference ID: can be defined from another tool (SAP for instance)
• Contract scope: enables you to specify which legal entities and departments are covered by the contract
• Expiration Date
• GDPR Specific clause: enables you to specify whether the contract contains data protection specific clauses
• Subcontracting: enables you to indicate whether the contract authorizes the third party to sub-contract its services.
You may indicate if the agreement can be audited.Managing users
To assign users to a legal entity:
1. In the navigation menu, click Organization > Legal entities and DPOs.
2. In the properties of a legal entity, select the Users tab and add the relevant users.
This section enables you to connect users who should access the information related to the current legal entity, for example its processing activities.
The users assigned have read/write permissions on objects associated to the legal entity. See also: Managing Processing Activity Visibility.
If no specific users are listed, everyone will be able to view all the processing activities of the legal entity.