TermWhat is means
Data SubjectA living individual. We’ll just say ‘you’, ‘your’ or ‘individuals’ in this Notice
Data ControllerThe person or entity that decides what, how and why to Process Personal Data. We’ll use ‘we’ ‘our’ and ‘us,’ since we’re the Data Controller
Data ProcessorThe person or entity that Processes Personal Data on behalf of a Data Controller according to their instructions
Data Protection Law (DP Law)The General Data Protection Regulation (GDPR), the UK Data Protection Act 2018 (DPA 2018), the Privacy and Electronic Communications Regulation 2003 (UK PECR), and other data protection legislation, as amended from time to time
Joint ControllerA person or entity that decides what, how and why to Process Personal Data jointly with another Data Controller
Process or ProcessingAnything we do to Personal Data throughout its lifecycle: generating, scraping, collecting, sharing, storing, accessing, deleting, recording, organising – whether manually or using automation
Personal DataAny information relating to an identifiable individual, even if we don’t know their name. That means that any data that, alone or with other information, can be used to figure out who an individual is or to target or impact an individual – like location, IP address, ID number, image or voice, or identifiable cookies – is likely to be Personal Data. Even Personal Data that’s been ‘pseudonymised’ (i.e. identifiers have been stripped away but the pseudonym could be reverse-engineered or linked back to the individual) is Personal Data.
Unless data is truly anonymous, assume it’s Personal Data
Special DataSpecial categories of more sensitive Personal Data that requires a higher level of protection, such as information about a person’s health or sexual orientation. Special Data is subject to more stringent safeguards, and we’re only allowed to Process it in certain cases