GDPR Preparing for Compliance
What is personal data
Under GDPR, personal data is any information relating to an identified or identifiable natural person. For example, name, ID number, location, IP address and even biometric data.
What are the data categories?
There are two main data categories under GDPR: The first is ‘personal data’, which is any information relating to an identifiable person. The second is ‘sensitive personal data’ which reveals racial or ethnic origin, sexuality, political opinion, religious of philosophical beliefs, genetic or biometric data, trade union membership, or health/ medical data.
What are the lawful reasons for processing?
There are several conditions provided under GDPR which provide a lawful basis for processing data. They are:
- Contractual obligation
- Legal obligation
- Vital interest
- Public interest
- Legitimate interest