Key Terms
- personal data
- Any information relating to an identified or identifiable natural person ('data subject'), including identifiers such as a name, identification number, location data, online identifier, or factors specific to the physical, genetic, or social identity of that person [Art. 4(1)].
- processing
- Any operation or set of operations performed on personal data, whether by automated means or not, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction [Art. 4(2)].
- controller
- The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data [Art. 4(7)].
- processor
- A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller, bound by documented instructions [Art. 4(8)].
- personal data breach
- A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored, or otherwise processed [Art. 4(12)].
- pseudonymisation
- Processing of personal data so that it can no longer be attributed to a specific data subject without using additional information, which must be kept separately under technical and organisational measures [Art. 4(5)].
- supervisory authority
- An independent public authority established by a Member State to monitor the application of the GDPR, in order to protect the fundamental rights and freedoms of natural persons in relation to processing [Art. 4(21), Art. 51].
Frequently Asked Questions
What is the difference between a controller and a processor?
When must a Data Protection Officer be appointed?
What qualifies as a personal data breach?
Does the GDPR apply to companies outside the EU?
What are the requirements for valid consent under the GDPR?
What are special categories of personal data?
When is a Data Protection Impact Assessment required?
Assessment Factors & Checklist
PremiumQuestions for Your Lawyer
PremiumConclusion & Summary
PremiumDetailed analysis with source links.
Schalten Sie die KI-Analyse frei — mit markierten Fundstellen und direkten Links zu EUR-Lex. 7 Tage kostenlos testen.
Keine Kreditkarte heute. Kündigung jederzeit.