Definition: Processing of personal data in such a manner that the personal data can no longer be attributed to a specific individual without the use of additional information, provided that such addit...

Definition: Process of turning data into a form that does not identify individuals and where identification is not likely to take place. (The process is irreversible so the data is likely removed from...

Definition: Any natural or legal person, public authority, agency or another body that processes personal data on behalf of the Businesses. Commentary:

Definition: Current, former, and prospective individual consumers contracted to receive products or services. Commentary:

Definition: A data protection officer (DPO) is an enterprise security leadership role required by consumer protection regulation. Commentary:

Definition: Jurisdictions that were deemed to provide an adequate level of protection to personal data by the European Commission. These include Andorra, Argentina, Canada, Faeroe Islands, Guernsey, I...

Definition: A DPIA is an assessment of the impact of envisaged processing operations on the protection of personal data. Commentary: Under the GDPR, a DPIA must be carried out where a type of processi...

Definition: Any information relating to a data subject. Commentary:

Definition: EU General Data Protection Regulation, or Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. Commentary:

Definition: Employees mean current, former and prospective staff including full or part-time workers, interim or casual workers, salaried workers, consultants, contractors or temporary workers whether...