A handy glossary of terms in relation to Data Protection is set out below;
|Data||Generally any information held either on our computer systems or in physical format. |
It also includes information held on email system and held in electronic personal or shared folders.
|Personal data||Any one of the below listed types of information from which a living individual can be identified.|
Examples of personal data include:
email addresses,passport numbers,
dates of birth,
National Insurance numbers,
bank account details,
tax identification numbers,
photographs of an individual,
comments or opinions about an individual or intentions relating to an
individual (including remarks made within emails).
Information about a corporate entity or a deceased individual will not, in itself,
be personal data, although it could constitute personal data about another identifiable living individual.
Personal data will not just relate to clients and staff, it also relates to other parties involved in a matter.
|Special categories of personal data refer to information which requires a further level of protection.|
Special categories of personal data include information about an individual’s:
Physical or mental health
Racial or ethnic origin
Trade union membership
In addition, special categories of personal data include genetic data (e.g. biological samples)
and biometric data (such as data used for facial or fingerprint recognition software).
|Personal data |
|Personal data relating to criminal convictions and offences refers to information pertaining to:|
the commission or allegation of an offence
any proceedings for an offence
|Processing||This will include everything that the firm does with the personal data including receipt, |
collection, storing, amending, disclosure and destruction.
|Purpose||The purpose for which the processing is carried out is the intended use for the information.|
|Data subject||The individual to whom information relates.|
|Controller||The person or organisation that determines the purpose(s) for which and the |
manner in which the personal data will be processed.
|Processor||Someone who processes data on behalf of the Controller (excluding employees), |
for example service providers that work has been outsourced to.
Additional reading can be found on the Information Commissioners’ websites:
U.K. Information Commissioner here.
Isle of Man Information Commissioner here