Here are some key terms you may have heard of, or will have to get to know in order to get to grips with the General Data Protection Regulation (GDPR). Once you start getting it everyone doesn't sound like they're speaking another language. Enjoy!
‘controller’ means the legal person, public authority, agency or another organisation which, alone or jointly with others, determines the purposes and means of processing personal data.
‘processor’ means a natural or legal person, public authority, agency or another organisation which processes personal data on behalf of the controller.
A data subject is a natural person. In "legal speak" a natural person is a living indivdual. For example, a data subject can be an individual, a client, patient, customer, employee, prospect etc.
‘Processing’ means any operation, or set of operations, which is performed on personal data. It is considered processing whether these operations occur by automated or manual means. Processing includes the following activities: collecting, recording, organising, using, structuring, storing, adapting, retrieving, consulting, destroying and more.
A legal body or authority other than the data subject, controller or processor who is authorised to process personal data under the authority of the data controller or processor. For example, a solicitor acting on behalf of a customer (Data Subject).
Any direct or indirect information relating to an identified person that could be used as a means of identifying them. This includes their name, email address, location data or an online identifier, photograph etc.
# of Recitals