What is personal data?

What is personal data?
News

Video explanation

The right price for your data

We are used to using the internet on a daily basis. When surfing on the internet we have to be careful about the personal data collected by the sites to protect our privacy.

All you need to know about personal data

Personal data is any information concerning an identified or identifiable natural person. This personal data makes it possible to identify the natural person:

  • Directly, with the person’s first and last name
  • Indirectly with a telephone number or licence plate number, an identifier such as a social security number, a postal or e-mail address, but also a voice or image such as a photo of the data subject

    The identification of a natural person can be carried out :

    • From a single piece of data, such as the family name for example
    • From the cross-referencing of a set of personal data such as address and date of birth

    What is sensitive data ?

    Sensitive data is a special category of personal data that uniquely identifies a natural person. It can be :

    • Ethnicity
    • Political views
    • Religious and philosophical convictions
    • Trade union membership
    • Health-related data
    • Sexual orientation
    • The processing of genetic and biometric data

      In other words, sensitive data is any data that makes it possible to arrive at a “value” judgement about a person.

      The General Data Protection Regulation prohibit the collection of sensitive data. However, there are some exceptions allowing the collection and processing of such information:

      • The data subject has given clear and explicit written consent
      • These sensitive data are necessary for medical purposes or for research in the field of health.
      • Sensitive data concerns members or adherents of a non-profit organization such as a political, religious, philosophical or trade union association. Sensitive data collected by the association must not be communicated outside this organization without the consent of the persons concerned.
      • Their use is justified by the public interest and authorized by the CNIL.

      How do you protect your personal data ?

      Cybercriminals may use your personal data to:

      • Create accounts to commit fraud
      • Use your data to access health services
      • Make fraudulent payments
      • Use your data for extortion and blackmail

        To avoid attacks by cybercriminals, it is essential to protect your data. To secure your personal data you can :

        • Install the latest software updates
        • Create strong and different passwords for each site
        • Encrypt your data
        • Back up your data to avoid losing everything in case of hacking
        • Be careful what you publish on your social networks

        Rules to be respected when collecting personal data

        In order to collect personal data the data controller must comply with the rules of the GDPR, which are as follows:

        • Purpose: the data controller may only record and use information on natural persons for a specific, legal and legitimate purpose.
        • Proportionality and relevance: the data collected must be strictly necessary for the purpose.
        • Limited retention period: a precise retention period must be set, depending on the type of information recorded and the purpose of the file. It is possible to anonymize the data once the retention period has elapsed in order to use it for statistical purpose.
        • Security and confidentiality: the data controller must guarantee the security and confidentiality of the information it holds on natural persons; it must also ensure that only authorized persons have access to this information.

        When collecting data, the company must specify to the data subject the purpose for which the data is being collected and how long it will be kept.

        Share the article

        Similar articles

        CYBERCRIMINALITY: Should we give in to blackmail?
        News

        CYBERCRIMINALITY: Should we give in to blackmail?

        Hackers who hold personal data that can harm internal and external customers
        Read more
        How do I know if my data collection complies with the GDPR PIA?
        News

        How do I know if my data collection complies with the GDPR PIA?

        It is mandatory to conduct a PIA when the processing of the data may give rise to a high risk for the rights and freedoms of the data subjects of the collection
        Read more