GDPR Preparing for Compliance

Before you begin to use the GDPR Data Mapper we recommend you attempt to fully understand several key areas:

What is personal data

Under GDPR, personal data is any information relating to an identified or identifiable natural person. For example, name, ID number, location, IP address and even biometric data.

What are the data categories?

There are two main data categories under GDPR: The first is ‘personal data’, which is any information relating to an identifiable person. The second is ‘sensitive personal data’ which reveals racial or ethnic origin, sexuality, political opinion, religious of philosophical beliefs, genetic or biometric data, trade union membership, or health/ medical data.

What are the lawful reasons for processing?

There are several conditions provided under GDPR which provide a lawful basis for processing data. They are:

  • Consent
  • Contractual obligation
  • Legal obligation
  • Vital interest
  • Public interest
  • Legitimate interest