This Privacy Notice informs you about the different personal and sensitive data types that fall under the General Data Protection Regulation (GDPR). The GDPR is a regulation designed to protect the processing of personal data and uphold the fundamental rights and freedoms of individuals in the European Union (EU) and the European Economic Area (EEA).
Personal Data (Article 4):
According to the GDPR, personal data refers to any information that relates to a natural person who can be identified directly or indirectly. This individual is a “data subject.” It can be distinguished by different criteria, including their name, identification number, location data, online identifier, or particular qualities related to their physical, physiological, genetic, mental, economic, cultural, or social identity.
“Genetic Data” refers to personal data about a person’s inherited or acquired genetic characteristics. This type of data provides unique insights into the physiology or health of the individual and results from analyzing biological samples taken from the person.
“Biometric Data” refers to personal data resulting from specific technical processes that relate to a natural person’s physical, physiological, or behavioral characteristics. These characteristics enable or confirm the unique identification of the individual, such as facial images or dactyloscopy (fingerprint) data.
“Data Concerning Health” encompasses personal data connected to a person’s physical or mental health. It includes information about health status and the provision of healthcare services that reveal insights into an individual’s health condition.
Special Categories of Personal Data (Article 9):
The GDPR recognizes special categories of personal data, previously referred to as sensitive personal data. These categories include data that reveal:
- Racial or Ethnic Origin
- Political Opinions
- Religious or Philosophical Beliefs
- Trade Union Membership
- Genetic Data
- Biometric Data (for uniquely identifying an individual)
- Data Concerning Health
- Data Concerning a Natural Person’s Sex Life or Sexual Orientation
- Personal data might consist of multiple pieces of information, such as a combination of job title and workplace, which could identify an individual together.
- Pseudonymized data still falls under the scope of personal data if it can be feasibly reversed, allowing for the re-identification of individuals by possessing the necessary information.
- The GDPR’s data protection principles apply to information about identified or identifiable natural persons. Anonymous information that does not relate to or identify an individual falls outside the scope of this Regulation.