How-to: GDPR gets personal and sensitive
Starting with first principles, if the EU wants to protect personal and sensitive data, then how exactly are we to define 'personal' and 'sensitive'?
What is 'personal data'?
Personal data is defined as any piece of personal information that can be used to identify an
individual, either directly or indirectly. This includes information such as an individual’s:
- Telephone Number
- Email address
- Date of birth
- Health information
- Location data
- Online identifiers such as IP addresses or cookies
What is 'sensitive data'?The GDPR defines ‘sensitive personal data’ as data which reveals an individual's:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade Union membership
- Genetic or biometric details, where processed to uniquely identify an individual
- Health details.
Now we know what it is, what does GDPR allow us to do with it? Follow on. RC