Here are some key terms you may have heard of, or will have to get to know in order to get to grips with the General Data Protection Regulation (GDPR). Once you start getting it everyone doesn't sound like they're speaking another language. Enjoy!
Data Controller
‘controller’ means the legal person, public authority, agency or another organisation which, alone or jointly with others, determines the purposes and means of processing personal data.
Data Processor
‘processor’ means a natural or legal person, public authority, agency or another organisation which processes personal data on behalf of the controller.
Data Subject
A data subject is a natural person. In "legal speak" a natural person is a living indivdual. For example, a data subject can be an individual, a client, patient, customer, employee, prospect etc.
Data Processing
‘Processing’ means any operation, or set of operations, which is performed on personal data. It is considered processing whether these operations occur by automated or manual means. Processing includes the following activities: collecting, recording, organising, using, structuring, storing, adapting, retrieving, consulting, destroying and more.
Third Party
A legal body or authority other than the data subject, controller or processor who is authorised to process personal data under the authority of the data controller or processor. For example, a solicitor acting on behalf of a customer (Data Subject).
Personal Data
Any direct or indirect information relating to an identified person that could be used as a means of identifying them. This includes their name, email address, location data or an online identifier, photograph etc.
11
Chapters
99
GDPR Articles
173
# of Recitals