84,211
edits
Amwelladmin (talk | contribs) (Created page with "{{a|gdpr|}}Personal data is defined in UK GDPR as {{quote| “... any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or...") |
Amwelladmin (talk | contribs) No edit summary |
||
Line 1: | Line 1: | ||
{{a|gdpr|}}Personal data is defined in UK GDPR as | {{a|gdpr|}}Personal data is defined in UK [[General Data Protection Regulation|GDPR]] as | ||
{{quote| | {{quote| | ||
Line 6: | Line 6: | ||
This we think means that the referent needs to be able to sheet back, in your hands, to a ''specific'' individual. So a permanent or at any rate public identification number (a passport, NI or driver’s licence number) would; a car licence plate would not (the registered owner may not be the driver); a randomly generated unique identifier designed specifically to mask an individual’s identity when being processed would not be, as long as the controller did not have any means — even if separately segregated — or decrypting or reverse engineering that individuals’ details. | This we think means that the referent needs to be able to sheet back, in your hands, to a ''specific'' individual. So a permanent or at any rate public identification number (a passport, NI or driver’s licence number) would; a car licence plate would not (the registered owner may not be the driver); a randomly generated unique identifier designed specifically to mask an individual’s identity when being processed would not be, as long as the controller did not have any means — even if separately segregated — or decrypting or reverse engineering that individuals’ details. | ||
In that latter case — where you hold encrypted data in one place and a key elsewhere — you have [[pseudonymised information]], and you are still in the cross-hairs for GDPR. | In that latter case — where you hold encrypted data in one place and a key elsewhere — you have [[pseudonymised information]], and you are still in the cross-hairs for [[GDPR]]. | ||
{{sa}} | {{sa}} | ||
*[[Pseudonymised information]] | *[[Pseudonymised information]] |