Key Definitions

Personal Data
 Any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Sensitive Personal Data
Personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade- union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data. Data relating to criminal offences and convictions are addressed separately (as criminal law lies outside the EU's legislative competence).
Anonymous Data
Data from which no individuals can be identified or re-identified. These are outside the scope of GDPR.
Pseudonymous Data
Data that is altered in such a way that no individuals can be identified from those data (whether directly or indirectly) without a "key" that allows the data to be re-identified. The key should be stored separately from the pseudonymous data. Pseudonymizing data can be a way to comply with the "Privacy by design / default" requirement. 
Consent
A freely given, specific, informed and unambiguous indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed.
Displaying pre-checked checkboxes and forcing customers to uncheck these, in order to revoke consent is not allowed, since this is no longer a clear affirmative action.
Processing
Anything that is done to, or with, personal data (such as collecting, storing, deleting)
​
The information provided in this resource base and on the Datawallet website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information. This website contains links to other third-party websites. Such links are only for the convenience of the reader, user or browser. No reader, user, or browser of this site should act or refrain from acting on the basis of information on this site without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. All liability with respect to actions taken or not taken based on the contents of this site are hereby expressly disclaimed. The content on this posting is provided “AS IS;” no representations are made that the content is error-free.

EU-GDPR OVERVIEW - Previous

Actions and Fines for Violations of the GDPR

Next - EU-GDPR Deep Dive

In-Depth Legal Summary of the GDPR

Last modified 2yr ago

Copy link

Outline

Personal Data

Sensitive Personal Data