4 min read

Writen by Adam

Posted on: January 15, 2021

Key GDPR terms you need to know

GDPR, the General Data Protect Regulation, is an incredibly large piece of legislation. Reading it, and understanding it, can take hours upon hours of study. However, understanding GDPR Rin its entirety is vital to avoid data breaches and hefty fines.

You may often see words such as processing or subject access requests and be unsure how these relate to data. We have put together a useful list of the most commonly used phrases to help you understand GDPR and data protection authorities better and to ensure your data is safe and secure.

  • Processing – Any action performed on individual personal data or data sets. Examples of this are but not limited too; adaptation, changing, gathering, recording, organisation, structuring, storage, retrieval, consultation, use, transmission, dissemination, restriction, erasure or destruction.
  • Data Subject – Data that pertains to an individual. This can be any person as they are easily and clearly identifiable from the data in question.
  • Personal Data– Any information related to an individual or ‘Data Subject’, that can be used to identify the person. Examples of this could be; phone number, name, address or banking information.
  • Subject Access Requests – When Data Subjects request to receive a copy of data you have about them.
  • Data Controller – Decides the reason for personal data to be processed and how to process it. This role can be performed by an individual or team dependant on the amount of personal data you intend to process.
  • Data Processor – Third parties that process data on behalf of the Data Controller, includes IT services.
  • Data Protection Officer – Responsible for data protection and GDPR compliance within your business. DPO’s are not always necessary, however, you will need one if: your business is a public authority; you engage in large amounts of systematic monitoring of individuals; you carry out large-scale processing of special categories of data; or process data relating to criminal convictions and offences.
  • Cross-Border Processing– Processing data in a single establishment in the Union, but that affects data subjects from more than one Member State. Or, the processing of personal data when the controller or processor is in more than one Member State and the processing takes place in more than one Member State.
  • Consent – Freely given, unambiguous and informed indication of the data subject’s wishes by a statement of affirmative action and agreement to the processing of their personal data.
  • Personal data breach – A security breach that results in an accidental or illegal loss, alteration, unauthorised disclosure of, destruction, or access to, personal data that has been processed, sent or stored.
  • ICO– Stands for Information Commissioners Office. The ICO is the UK’s independent body set up to uphold information rights. Uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. Use to report personal data breaches, apply for grants and stay up to date with current legislation.
  • DPA – The Data Protection Act (2018). The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Read more on the Government Website.

Whilst there are many more important terms left to learn, this list provides a good introduction to the key terms you’ll encounter when working with GDPR law and data.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.

Contact Us

Recent blogs

ISO 27001 Controls: A Comprehensive Step-by-Step Guide

Organisations in today's world filled with technology require a good information security setup and

Comparing Information Security Frameworks and Data Protection Frameworks

With cyber threats evolving at an unprecedented rate and regulations tightening globally, understan

EU AI Act Summary: Key Compliance Insights for Businesses

The EU AI Act is a pioneering attempt to regulate AI systems, striving for a balance between foster

Get Your Account Now

Setup in just a few minutes. Enter your company details and choose the services you need.

Create Account

Get In Touch

Not sure which option to choose? Call, email, chat to us

Contact Us

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.

Full Name is required!

Business Email is required!

Company is required!

Please accept the Terms and Conditions and Privacy Policy