- DPO's Blog
Our data glossary: key terms explained
By eleanor blackwood
Mon 6 July 2020
Hear terms like 'data', 'GDPR' and 'cookies' all the time, but don't know exactly what they mean? We get it.
So, we've put together a list for you, that you can always refer back to. We'll keep adding to it as we get asked more questions, too!
⚠️ For more detail about these definitions, click on the terms themselves, we've normally got an article on it
Key data definitions:
Legally, 'personal data' is any information that allows a living person to be directly, or indirectly, identified.
So, any information that’s specific to a person’s physical, physiological, genetic, mental, economic, cultural or social identity can be classed as personal data. Defining what doesn't count as personal data is a little harder, as it all comes down to context.
‘Special category data’ is personal data that’s been classed as ‘sensitive’. This is because if it's used to identify a person, it can significantly risk their fundamental rights and freedoms.
A Subject Access Request or ‘SAR’ is a written request that you can send to any organisation in order to see what personal data they hold on you. To find out how, check out our blog.
A computer cookie, also known as an HTTP cookie, is a packet of data that stores small pieces of information about your online activity. They're created as you interact with websites online, and stored in your browser. You can find out how to delete them here.
GDPR came into effect on May 25th, 2018. It’s an EU (European Union) law, but it affects businesses worldwide to different extents.
In essence, it gives individuals more rights and control over their own personal data, and limits what companies can do with it. You can read about your rights here.
The Data Protection Act is the UK's tailored version of the EU's General Data Protection Regulation. The law aims to empower individuals to take control of their personal data and protect their rights. It also limits what organisations can legally do with personal data.
The 'ICO' was set up in 2018, as the UK's independent authority to 'uphold information rights in the public interest'. Basically, to make sure that personal data isn't being misused, and fining or warning companies who don't abide by the law.
Essentially, a class action is a lawsuit filed or defended by an individual on behalf of a wider group.
In the case of a data breach, the class action would claim compensation for a group of people negatively affected by the misuse of their personal data.
This list is for you, and will be added to, so please do get in touch or tweet us with any requests!