1.The EPPO shall maintain a record of all categories of processing activities under its responsibility. That record shall contain all of the following information:
(a)its contact details and the name and the contact details of the data protection officer;
(b)the purposes of the processing;
(c)a description of the categories of data subjects and of the categories of operational personal data;
(d)the categories of recipients to whom the operational personal data have been or will be disclosed including recipients in third countries or international organisations;
(e)where applicable, transfers of operational personal data to a third country or an international organisation, including the identification of that third country or international organisation;
(f)where possible, the envisaged time limits for erasure of the different categories of data;
(g)where possible, a general description of the technical and organisational security measures referred to in Article 73.
2.The records referred to in paragraph 1 shall be in writing, including in electronic form.
3.The EPPO shall make the record available to the European Data Protection Supervisor on request.