Altova GDPR Compliance Database

The terminology used in the Altova GDPR Compliance Database is first explained in a descriptive text that shows the meaning of key terms in context. The key terms are shown in bold. These descriptive paragraphs are followed by a list of term definitions.

 

Descriptive text containing explanation of key terms

Personal data (also called data for short) is collected by an organization or similar entity. Such an entity is known as a data controller because it is solely responsible for controlling the data that it collects. A data controller is typically a commercial company. The collected data is stored physically in a data storage entity (such as a file or a database), and is used by the organization for specific purposes. For each of these purposes, the data is processed differently (usually via a computer application). Each processing method is known as a processing activity.

 

A data controller might sell or pass some of the data it collects to an external entity. The following scenarios are possible:

 

If the data is sold to the external entity, then the external entity itself becomes a data controller of the data it bought and is responsible for the data it now has in its possession.

If the external entity uses a processing activity to process the data for the data controller—that is, the processing activity is outsourced—then the external entity is known as a data processor. In this case, a contract between the two parties must specify how the data will be processed and the level of responsibility undertaken by the data processor. However, overall responsibility for the data in such cases lies with the data controller.

If the external entity does not process the data, it is known as a data receiver. The data controller is responsible for data it passes to a data receiver.

 

In order to monitor the (personal) data that it collects, an organization might set up a GDPR system, such as the Altova GDPR Compliance Database, which uses information about the personal data that the organization collects, such as the type of personal data, the source of the personal data, etc. Such information about personal data is known as GDPR metadata (or metadata for short). Metadata includes: (i) information about the organizational structure of the data controller, (ii) information about the data that is collected, and (iii) information about the processing activities that process the personal data. The Altova GDPR Compliance Database provides a system for organizing and presenting GDPR metadata, thus enabling a data controller to have a continuous and thorough overview of the personal data that it has collected.

 

General terms

Data and metadata

Data refers to the personal data collected by a data controller. Metadata refers to information about the personal data (such as the source of the personal data, departments of the organization that process personal data, etc).

 

Data controller

An entity (company, organization, person, etc) that collects or buys personal data for business, research, or other use. A data controller is responsible for protecting the data it has collected or bought, and it should maintain a system that provides an overview of all the data it has collected and stored.

 

Data processor

An entity (company, organization, person, etc) that receives data from a data controller and processes it for the data controller. Typically, a data processor is a sub-contractor of a data controller, and receives data in order to provide some service to the data controller.

 

Data receiver

An entity (company, organization, person, etc) that receives data from a data controller, but does not process it for the data controller.

 

Data protection officer

A data protection officer is a data professional who is designated as the person responsible for ensuring that the GDPR is correctly applied and that personal data held by the organization is protected. Data protection officers are required especially when the data processing involves regular monitoring of data, or large amounts of data, or sensitive data.

 

Terms related to organizational structure

Department

A department in an organization, which, in the GDPR context, processes personal data.

 

Department role

Department roles are used to describe who has access to data of a specific data category. Assigning a department role rather than a specific person to a data category provides the system with a long-term resilience that is not affected by personnel changes. For example: an Accounts department might have the following roles: (i) Accounting Manager, (ii) Accountant, while an IT department might have these roles: (i) IT Manager, (ii) Helpdesk Engineer, (iii) Security Engineer, (iv) Backup Engineer. These department roles are then used to specify access to the data categories.

 

Person

GDPR requires that a specific person be responsible for a specific processing activity. This relationship (between person and processing activity) is defined by associating the person with a department role. The department role is linked via a data category to the processing activity. So: Person --> Department Role --> Data Category --> Processing Activity.

 

Terms related to data-processing activities

Processing activity

An application or set of procedures that processes personal data for a specific purpose. For example, an application that sends promotional mailers to a company's newsletter recipients processes the data of those recipients.

 

Data storage entity

A physical storage system where personal data records are held. Typically, this would be a database or a file.

 

Terms related to the description of personal data

Data classification and values of a data classification

A data classification is defined by you. It is a criterion that describes some aspect of the collected data. Each data classification has its own set of allowed values. For example, one classification might indicate the relationship to the person who is the subject of the data, with possible values being employee, customer, partner, etc; another classification might be the type of consent obtained for collecting the subject's data, with possible values explicit (with contract), explicit (outside contract), parental, etc. Data classifications are defined for the entire system.

 

Data category

You can define a data category at as broad or narrow a level as you like. For example, you can define one single customer-contact category to cover a customer's name, address, telephone number, and email address. Alternatively, this data can be described through four data categories (name, address, telephone, email), or six data categories (name, street, city, country, telephone, email). The definition of every data category consists of multiple data classifications, where each classification is given a value. The advantage of having fewer data categories is that the overall number of data classifications you will have to define will also be fewer. The disadvantage of having fewer categories is that the data might not be adequately described.

 

Data usage classification and values of data usage classification

How a processing activity uses a data category is defined through data usage classifications (not the same as data classifications, which are described above). A single data category might be used by more than one processing activity, with each processing activity using the data category in a specific way. The procedure works as follows: (i) A number of data usage classifications are configured at system level, and a set of allowed values is defined for each of them; (ii) When a data category is selected for a processing activity, the data category is defined by selecting one or more allowed values for each of the system's data usage classifications. For example, a data usage classification named Data Transfer might be configured to specify where the data of a data category will be processed: (i) within the organization's physical premises (a value of, say, Internal processing), or (ii) sent to an external processor (a value of, say, External processing). When the data category of a processing activity is defined, the appropriate value of the Data Transfer data usage classification is specified for this data category when it is used by that processing activity.

 

Terms specific to Altova GDPR Compliance Database

Approval request and authorization

If a data classification is added to a data category, or if an existing classification of a category is modified, then approval of the addition/modification can be requested by the person making the change. An authorized person can then approve the change. Since data categories are crucial for monitoring the data-protection requirements of the data held in the system, the approval process helps to centralize control and to keep track of changes to an important component of the system.

 

© 2020 Altova GmbH