A handy glossary of terms in relation to Data Protection is set out below;
Data
Generally any information held either on our computer systems or in physical format.
It also includes information held on email system and held in electronic personal or shared folders.
Personal Data
Any one of the below listed types of information from which a living individual can be identified.
Examples of personal data include:
names,
addresses,
email addresses,passport numbers,
dates of birth,
National Insurance numbers,
bank account details,
tax identification numbers,
reference numbers,
photographs of an individual,
call recordings,
physical descriptions,
IP addresses,
location information,
user IDs,
online identifiers,
factual information,
comments or opinions about an individual or intentions relating to an
individual (including remarks made within emails).
Information about a corporate entity or a deceased individual will not, in itself,
be personal data, although it could constitute personal data about another identifiable living individual.
Personal data will not just relate to clients and staff, it also relates to other parties involved in a matter.
Special categories of personal data
Special categories of personal data refer to information which requires a further level of protection.
Special categories of personal data include information about an individual’s:
Physical or mental health
Racial or ethnic origin
Political opinions
Religious beliefs
Trade union membership
Sexual life
In addition, special categories of personal data include genetic data (e.g. biological samples)
and biometric data (such as data used for facial or fingerprint recognition software).
Personal data relating to criminal convictions and offences
Personal data relating to criminal convictions and offences refers to information pertaining to:
the commission or allegation of an offence
any proceedings for an offence
Processing
This will include everything that the firm does with the personal data including receipt, collection, storing, amending, disclosure and destruction.
Purpose
The purpose for which the processing is carried out is the intended use for the information.
Data subject
The individual to whom information relates.
Controller
The person or organisation that determines the purpose(s) for which and the manner in which the personal data will be processed.
Processor
Someone who processes data on behalf of the Controller (excluding employees), for example service providers that work has been outsourced to.