GLOSSARY

A handy glossary of terms in relation to Data Protection is set out below;

DataGenerally any information held either on our computer systems or in physical format.
It also includes information held on email system and held in electronic personal or shared folders.
Personal dataAny one of the below listed types of information from which a living individual can be identified.

Examples of personal data include:

names,
addresses,
email addresses,passport numbers,
dates of birth,
National Insurance numbers,
bank account details,
tax identification numbers,
reference numbers,
photographs of an individual,
call recordings,
physical descriptions,
IP addresses,
location information,
user IDs,
online identifiers,
factual information,
comments or opinions about an individual or intentions relating to an
individual (including remarks made within emails).

Information about a corporate entity or a deceased individual will not, in itself,
be personal data, although it could constitute personal data about another identifiable living individual.

Personal data will not just relate to clients and staff, it also relates to other parties involved in a matter.
Special
categories of
personal data
Special categories of personal data refer to information which requires a further level of protection.

Special categories of personal data include information about an individual’s:
Physical or mental health
Racial or ethnic origin
Political opinions
Religious beliefs
Trade union membership
Sexual life

In addition, special categories of personal data include genetic data (e.g. biological samples)
and biometric data (such as data used for facial or fingerprint recognition software).
Personal data
relating to
criminal
convictions
and offences
Personal data relating to criminal convictions and offences refers to information pertaining to:

the commission or allegation of an offence
any proceedings for an offence
ProcessingThis will include everything that the firm does with the personal data including receipt,
collection, storing, amending, disclosure and destruction. 
PurposeThe purpose for which the processing is carried out is the intended use for the information. 
Data subjectThe individual to whom information relates. 
ControllerThe person or organisation that determines the purpose(s) for which and the
manner in which the personal data will be processed.
ProcessorSomeone who processes data on behalf of the Controller (excluding employees),
for example service providers that work has been outsourced to. 

Additional reading

Additional reading can be found on the Information Commissioners’ websites:

U.K. Information Commissioner here.

Isle of Man Information Commissioner here