(1) Each controller must maintain a record of all categories of processing activities for which the controller is responsible.
(2) The controller's record must contain the following information -
(a) the name and contact details of the controller;
(b) where applicable, the name and contact details of the joint controller;
(c) where applicable, the name and contact details of the data protection officer;
(d) the purposes of the processing;
(e) the categories of recipients to whom personal data has been or will be disclosed (including recipients in third countries or international organisations);
(f) a description of the categories of -
(i) data subject, and
(g) where applicable, details of the use of profiling;
(h) where applicable, the categories of transfers of personal data to a third country or an international organisation;
(i) an indication of the legal basis for the processing operations, including transfers, for which the personal data is intended;
(j) where
…