Key definitions under data protection law

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Key definitions under data protection law
  • Scope of this Practice Note
  • Background to the EU GDPR and UK GDPR
  • Key definitions under the EU GDPR and UK GDPR
  • Personal data
  • Anonymous data
  • Pseudonymous data
  • Special categories of personal data
  • Personal data relating to criminal convictions and offences or related security measures
  • Data subject
  • More...

Key definitions under data protection law

This Practice Note provides further guidance on key definitions used in the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (the EU GDPR) and/or the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (the UK GDPR).

For high-level introductions to UK and EEA data protection laws, see Practice Notes: Data protection law—new starter guide and Introduction to the EU GDPR and UK GDPR. The Data protection toolkit collates further general guidance on those regimes and is a recommended starting point for research.

Scope of this Practice Note

Given the extensive data flows between the EEA and UK, equivalent EEA data protection laws will remain of particular interest to UK practitioners. In relation to the subject matter of this Practice Note, there is great similarity between:

  1. the EU GDPR (which was applicable under UK laws until the end of the Brexit implementation period at 11 pm UK time on 31 December 2020 and remains applicable in the EEA), and

  2. the UK GDPR (applicable under UK laws from the end of the Brexit implementation period and largely based on the EU GDPR)

Therefore, this Practice Note addresses equivalent requirements under both the UK GDPR and EU GDPR to assist UK practitioners who may need to consider the position under either. It refers to both as ‘GDPR regimes’ for convenience where there is no

Popular documents