With regard to data protection in companies, knowledge of both the existing data sources and the data storage locations used is of central importance.
Data sources are the systems or locations from which personal data originates. At a superficial level, it is worth distinguishing between direct collection and external collection. These typically include
Data subjects / direct collection
External sources, e.g. from marketing companies or data brokers
Other sources, e.g. software
Data storage locations include both physical and digital storage options. Usually specified here:
Software solutions used, in particular Saas solutions (“products”)
Physical storage locations (file folders or similar)
Digital, internal storage locations
By handling data sources and storage locations correctly and complying with GDPR requirements, companies ensure that personal data is processed and protected in accordance with data protection regulations.