0330 055 2678 | Client Portal |

0330 055 2678 | Client Portal |

GDPR glossary

The General Data Protection Regulation shares many terms with the Data Protection Act. This is a layman’s guide to the most commonly used terms.

We also have a general key things you need to know guide

Consent
Permission to collect, store and use personal data.
Data Controller
The person who “owns” the data who determines the purposes for which, and the manner in which any personal data are, or are to be, processed.
Data Portability
The ability to move data from organisation to organisation, or across nation states.
DPA
Data Protection Act: the regulation that the GDPR replaces.
Data Processor
Any person who processes data on behalf of the Data Controller.
Data Protection Officer
Person responsible for the oversight of organisational data protection strategy and implementation to ensure compliance with the GDPR.
Data Subject
The person to whom a data set relates (for example, you or me).
GDPR
General Data Protection Regulations: the new regulations governing the way we collect, store, use and destroy data.
ICO
Information Commissioner’s Office: the body responsible for upholding GDPR.
Personal Data
Anything clearly seen as personal, including name, address, phone number but also including IP addresses, cookie identifiers and UDID (Unique device Identifiers). Expressions of opinion about an individual also count as Personal Data, so you need to be careful what you say about colleagues or clients in emails.
Right to be Forgotten
The right to request the complete deletion of all personal data.
Subject Access Request
A request that an individual can make to find out the data that an organisation has relating to them.