CDPA (Zimbabwe)
Cyber & Data Protection Act [Chapter 12:07] — POTRAZ compliance.
ahgCDPAPlugin
0
cdpa_audit_log0
cdpa_breach8
cdpa_config0
cdpa_consent0
cdpa_controller_license0
cdpa_data_subject_request0
cdpa_dpia0
cdpa_dpo0
cdpa_processing_activityEntity Relationship Diagram
Open Full Size
Foreign Key Relationships
| Constraint | Table | Column | References | Referenced Column | |
|---|---|---|---|---|---|
cdpa_consent_ibfk_1 |
cdpa_consent |
processing_activity_id | cdpa_processing_activity |
id | |
cdpa_dpia_ibfk_1 |
cdpa_dpia |
processing_activity_id | cdpa_processing_activity |
id |
cdpa_audit_log
8 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
action_type |
varchar(100) | NOT NULL | - | |||
| FK | entity_type |
varchar(100) | NOT NULL | - | ||
entity_id |
bigint unsigned | NULL | - | |||
| FK | user_id |
int | NULL | - | ||
details |
json | NULL | - | |||
ip_address |
varchar(45) | NULL | - | |||
| FK | created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED |
cdpa_breach
24 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
| UQ | reference_number |
varchar(50) | NOT NULL | - | ||
| FK | incident_date |
datetime | NOT NULL | - | When the breach occurred | |
discovery_date |
datetime | NOT NULL | - | When breach was discovered | ||
description |
text | NOT NULL | - | |||
breach_type |
varchar(92) | NOT NULL | - | unauthorized_access, data_loss, data_theft, accidental_disclosure, system_breach, other | ||
data_affected |
text | NULL | - | Types of data affected | ||
records_affected |
int | NULL | - | Number of records affected | ||
data_subjects_affected |
int | NULL | - | Number of individuals affected | ||
| FK | severity |
varchar(34) | NULL |
medium
|
low, medium, high, critical | |
potraz_notified |
tinyint(1) | NULL |
0
|
|||
potraz_notified_date |
datetime | NULL | - | Must be within 72 hours | ||
potraz_reference |
varchar(100) | NULL | - | |||
subjects_notified |
tinyint(1) | NULL |
0
|
|||
subjects_notified_date |
datetime | NULL | - | |||
notification_method |
text | NULL | - | How subjects were notified | ||
root_cause |
text | NULL | - | |||
remediation |
text | NULL | - | Actions taken to address breach | ||
prevention_measures |
text | NULL | - | Measures to prevent recurrence | ||
| FK | status |
varchar(50) | NULL |
investigating
|
investigating, contained, resolved, ongoing | |
reported_by |
int | NULL | - | |||
closed_date |
datetime | NULL | - | |||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_config
7 columns
8 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
| UQ | setting_key |
varchar(100) | NOT NULL | - | ||
setting_value |
text | NULL | - | |||
setting_type |
varchar(37) | NULL |
string
|
string, integer, boolean, json | ||
description |
text | NULL | - | |||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_consent
17 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
data_subject_name |
varchar(255) | NOT NULL | - | |||
data_subject_email |
varchar(255) | NULL | - | |||
| FK | data_subject_id |
varchar(100) | NULL | - | ID or unique identifier | |
purpose |
varchar(255) | NOT NULL | - | Purpose consent was given for | ||
| FK | processing_activity_id |
bigint unsigned | NULL | - | Link to processing activity | |
| FK | consent_date |
datetime | NOT NULL | - | ||
consent_method |
varchar(42) | NULL |
electronic
|
written, electronic, verbal, opt_in | ||
withdrawal_date |
datetime | NULL | - | |||
withdrawal_reason |
text | NULL | - | |||
is_biometric |
tinyint(1) | NULL |
0
|
Consent for biometric data | ||
is_children |
tinyint(1) | NULL |
0
|
Consent for children data (guardian consent) | ||
guardian_name |
varchar(255) | NULL | - | Guardian name if children consent | ||
evidence_path |
varchar(500) | NULL | - | Path to consent evidence document | ||
| FK | is_active |
tinyint(1) | NULL |
1
|
||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_controller_license
15 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
| FK | license_number |
varchar(100) | NOT NULL | - | POTRAZ license number | |
tier |
varchar(33) | NOT NULL | - | tier1, tier2, tier3, tier4 | ||
organization_name |
varchar(255) | NOT NULL | - | |||
registration_date |
date | NOT NULL | - | |||
issue_date |
date | NOT NULL | - | |||
| FK | expiry_date |
date | NOT NULL | - | ||
potraz_ref |
varchar(100) | NULL | - | POTRAZ reference number | ||
certificate_path |
varchar(500) | NULL | - | Path to license certificate document | ||
data_subjects_count |
int | NULL | - | Estimated number of data subjects | ||
renewal_reminder_sent |
tinyint(1) | NULL |
0
|
|||
| FK | status |
varchar(50) | NULL |
active
|
active, expired, suspended, pending_renewal | |
notes |
text | NULL | - | |||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_data_subject_request
19 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
| FK | request_type |
varchar(69) | NOT NULL | - | access, rectification, erasure, object, portability, restriction | |
| UQ | reference_number |
varchar(50) | NOT NULL | - | Internal reference number | |
data_subject_name |
varchar(255) | NOT NULL | - | |||
data_subject_email |
varchar(255) | NULL | - | |||
data_subject_phone |
varchar(50) | NULL | - | |||
data_subject_id_number |
varchar(50) | NULL | - | National ID or passport number | ||
| FK | request_date |
date | NOT NULL | - | ||
| FK | due_date |
date | NOT NULL | - | 30 days from request date | |
description |
text | NULL | - | Details of the request | ||
| FK | status |
varchar(57) | NULL |
pending
|
pending, in_progress, completed, rejected, extended | |
completed_date |
date | NULL | - | |||
handled_by |
int | NULL | - | User ID who handled the request | ||
response_notes |
text | NULL | - | |||
rejection_reason |
text | NULL | - | |||
extension_reason |
text | NULL | - | Reason if deadline was extended | ||
verification_method |
varchar(100) | NULL | - | How identity was verified | ||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_dpia
20 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
name |
varchar(255) | NOT NULL | - | |||
| FK | processing_activity_id |
bigint unsigned | NULL | - | Link to processing activity | |
description |
text | NULL | - | |||
necessity_assessment |
text | NULL | - | Why is this processing necessary? | ||
| FK | risk_level |
varchar(34) | NULL |
medium
|
low, medium, high, critical | |
assessment_date |
date | NOT NULL | - | |||
assessor_name |
varchar(255) | NULL | - | |||
| FK | next_review_date |
date | NULL | - | ||
| FK | status |
varchar(46) | NULL |
draft
|
draft, in_progress, completed, approved | |
findings_json |
json | NULL | - | Detailed risk findings | ||
risks_identified |
text | NULL | - | |||
mitigation_measures |
text | NULL | - | |||
residual_risk_level |
varchar(34) | NULL | - | low, medium, high, critical | ||
dpo_approval |
tinyint(1) | NULL |
0
|
|||
dpo_approval_date |
date | NULL | - | |||
dpo_comments |
text | NULL | - | |||
created_by |
int | NULL | - | |||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_dpo
14 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
name |
varchar(255) | NOT NULL | - | |||
email |
varchar(255) | NOT NULL | - | |||
phone |
varchar(50) | NULL | - | |||
qualifications |
text | NULL | - | Professional qualifications | ||
hit_cert_number |
varchar(100) | NULL | - | Harare Institute of Technology certification number | ||
appointment_date |
date | NOT NULL | - | |||
term_end_date |
date | NULL | - | End of appointment term | ||
form_dp2_submitted |
tinyint(1) | NULL |
0
|
Form DP2 submitted to POTRAZ | ||
form_dp2_date |
date | NULL | - | Date Form DP2 was submitted | ||
form_dp2_ref |
varchar(100) | NULL | - | POTRAZ reference for Form DP2 | ||
| FK | is_active |
tinyint(1) | NULL |
1
|
||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
cdpa_processing_activity
20 columns
0 rows
| Column | Type | Nullable | Default | Extra | Comment | |
|---|---|---|---|---|---|---|
| PK | id |
bigint unsigned | NOT NULL | - | auto_increment | |
name |
varchar(255) | NOT NULL | - | Name of processing activity | ||
| FK | category |
varchar(100) | NOT NULL | - | Category of data subjects (employees, customers, etc.) | |
data_types |
text | NOT NULL | - | Types of personal data processed (JSON array) | ||
purpose |
text | NOT NULL | - | Purpose of processing | ||
legal_basis |
varchar(94) | NOT NULL | - | consent, contract, legal_obligation, vital_interest, public_interest, legitimate_interest | ||
storage_location |
varchar(37) | NULL |
zimbabwe
|
zimbabwe, international, both | ||
international_country |
varchar(100) | NULL | - | Country if stored internationally | ||
retention_period |
varchar(100) | NULL | - | How long data is retained | ||
safeguards |
text | NULL | - | Security safeguards description | ||
cross_border |
tinyint(1) | NULL |
0
|
Involves cross-border transfer | ||
cross_border_safeguards |
text | NULL | - | Safeguards for cross-border transfer | ||
automated_decision |
tinyint(1) | NULL |
0
|
Involves automated decision-making | ||
children_data |
tinyint(1) | NULL |
0
|
Processes children data | ||
biometric_data |
tinyint(1) | NULL |
0
|
Processes biometric data | ||
health_data |
tinyint(1) | NULL |
0
|
Processes health data | ||
| FK | is_active |
tinyint(1) | NULL |
1
|
||
created_by |
int | NULL | - | |||
created_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED | ||
updated_at |
datetime | NULL |
CURRENT_TIMESTAMP
|
DEFAULT_GENERATED on update CURRENT_TIMESTAMP |
Notes
Log in to add notes.
Legend
PK Primary Key
FK Foreign Key / Index
UQ Unique Constraint
Table structures are read live from the database. Row counts reflect current data.