Our data glossary: key terms explained

    Hear terms like 'data', 'GDPR' and 'cookies' all the time, but don't know exactly what they mean? We get it.

    Hear terms like 'data', 'GDPR' and 'cookies' all the time, but don't know exactly what they mean? We get it.

    So, we've put together a list for you, that you can always refer back to. We'll keep adding to it as we get asked more questions, too!

    ⚠️ For more detail about these definitions, click on the terms themselves, we've normally got an article on it

    Key data definitions:

    Personal data

    Legally, 'personal data' is any information that allows a living person to be directly, or indirectly, identified.

    So, any information that’s specific to a person’s physical, physiological, genetic, mental, economic, cultural or social identity can be classed as personal data. Defining what doesn't count as personal data is a little harder, as it all comes down to context.

    Special category data

    ‘Special category data’ is personal data that’s been classed as ‘sensitive’. This is because if it's used to identify a person, it can significantly risk their fundamental rights and freedoms.

    Subject access request

    A Subject Access Request or ‘SAR’ is a written request that you can send to any organisation in order to see what personal data they hold on you. To find out how, check out our blog.

    request your personal data


    A computer cookie, also known as an HTTP cookie, is a packet of data that stores small pieces of information about your online activity. They're created as you interact with websites online, and stored in your browser. You can find out how to delete them here.

    GDPR (General Data Protection Regulation)

    GDPR came into effect on May 25th, 2018. It’s an EU (European Union) law, but it affects businesses worldwide to different extents.

    In essence, it gives individuals more rights and control over their own personal data, and limits what companies can do with it. You can read about your rights here.

    The Data Protection Act (2018)

    The Data Protection Act is the UK's tailored version of the EU's General Data Protection Regulation. The law aims to empower individuals to take control of their personal data and protect their rights. It also limits what organisations can legally do with personal data.

    The Information Commissioner's Office

    The 'ICO' was set up in 2018, as the UK's independent authority to 'uphold information rights in the public interest'. Basically, to make sure that personal data isn't being misused, and fining or warning companies who don't abide by the law.

    Data breach class actions

    Essentially, a class action is a lawsuit filed or defended by an individual on behalf of a wider group.

    In the case of a data breach, the class action would claim compensation for a group of people negatively affected by the misuse of their personal data.

    This list is for you, and will be added to, so please do get in touch or tweet us with any requests!

    Take control of your data today

    Related Articles