Personal data is data which relates to a living individual and which can be used to identify that individual. This includes names, dates of birth, addresses (postal and email), phone numbers, and even online identifiers, such as an IP address.
Sensitive personal data is information about a person’s:
- racial or ethnic origin
- religious beliefs and political opinions
- trade union membership
- physical or mental health or condition
- sex life, or
- genetic or biometric data.
The GDPR introduces new requirements as to how personal data should be gathered, processed and kept safe and secure, whether you store it in electronic files or manual filing systems. There are stricter provisions as to how sensitive personal data should be dealt with.
Our team can guide you through the different requirements for both types of data, and tell you whether you need to update your current practices.
