What is the difference between personal data and privacy-sensitive information?

The GDPR is a hot topic. Due to all messages in the media, many myths circulate about this topic. A frequently-heard comment is: but it is related to privacy, and so it is forbidden under the GDPR anyway, right? To understand correctly what the law requires and what are the reasons for that, you should know what personal data are and how this differs from privacy-sensitive information. We will explain this to you in this blog.


The GDPR is about personal data - What are they?

According to the Dutch Personal Data Protection Act of 2016, personal data means ‘any information relating to an identified or identifiable natural person’. This means that the information is directly about a person, or can be traced back to this person. Think of a person’s name, (email) address, telephone number, passport photo or fingerprints. It must be information of a natural person, so information about deceased persons or organisations does not count as personal data.
There are special personal data as well. These are data that are particularly sensitive, processing them can seriously affect someone’s privacy. These data are additionally protected by law. Examples of this are data regarding someone’s health, race, religion, criminal record, sexual life or membership of a trade union. The Citizen Service Number is a special personal data as well, since it is a unique number that can be traced back to a person.


What about privacy - Which data are considered privacy-sensitive?


But what are privacy-sensitive data? These can be personal data, but there are many more types of information that are considered privacy-sensitive. For example, information on organisations. This information is not about an identifiable natural person, but it is valuable indeed, and you do not want to share it with the whole world. After all, privacy is about ‘deciding yourself who will get which information about you’. And what about sales records or take-over plans: when they fall into the wrong hands, this can be damaging to a company. Even something as simple as a confirmation of a hospital appointment need not be seen by everyone. So you must be very careful with both personal data and privacy-sensitive data.


Privacy and the GDPR - It is all about awareness


The GDPR only deals with personal data. Organisation are now compelled to protect these data demonstrably well and to have control over the protection. However, this does not mean that organisations should solely focus on the protection of personal data. The GDPR has precisely been prepared to raise awareness concerning sensitive data. A lot of information that is not categorised as personal data, should not fall into strange hands either, and therefore must be handled with care. It is crucial that the organisation’s employees have a broad sense of privacy awareness. Do they know the difference between personal data and privacy-sensitive data, and can they recognise such data? Do they know how to protect these data best? Our e-book gives you tips on how to help your employees become aware of safe data-processing.

Download the ebook

RELATED
Sending_or_receiving_credit_card_data_via_email_while staying_PCI_compliant

Sending or receiving credit card data via email while staying PCI compliant

To prevent cardholders’ information from falling into the wrong hands, the Payment Card Industry Data Security Standard (PCI DSS) was established to hold organizations to a common standard for securing cardholder information against unauthorized exposure and exploitation. […]

Read more
We_are_happy_to_introduc _ou _new_VP_of_sales_Chris_Brown_ZIVVER_eng_blog_update

We are happy to introduce our new VP of Global Sales: Chris Brown

"ZIVVER is entering new markets at high speed. We intend to lead in those markets. With Chris, we bring in a senior leader who has done this before multiple times. We love that he is not ‘just’ about sales. Chris has a deep, hands-on understanding of the problems our customers face and of the market space and a very inspirational and credible leader for our fast […]

Read more
We_are_happy_to_introduc _ou _new_VP_of_sales_Chris_Brown_ZIVVER_eng_blog_update

We are happy to introduce our new VP of Global Sales: Chris Brown

"ZIVVER is entering new markets at high speed. We intend to lead in those markets. With Chris, we bring in a senior leader who has done this before multiple times. We love that he is not ‘just’ about sales. Chris has a deep, hands-on understanding of the problems our customers face and of the market space and a very inspirational and credible leader for our fast […]

Read more
Cloud_based_office_support tools_that_are_U.S._rooted_fail GDPR_complianc_ZIVVER_Eng_blog

Cloud-based office support tools that are U.S. rooted, fail GDPR compliance

It is estimated that the U.S.A. supplies 80% of the global cloud computing services. And nearly all most-used cloud-based solutions for email and word processing are from the US. This causes a big issue for European companies using these vendors since they are not GDPR compliant. This is the conclusion of a research performed by the Swedish National Public Procurement […]

Read more
Cloud_based_office_support tools_that_are_U.S._rooted_fail GDPR_complianc_ZIVVER_Eng_blog

Cloud-based office support tools that are U.S. rooted, fail GDPR compliance

It is estimated that the U.S.A. supplies 80% of the global cloud computing services. And nearly all most-used cloud-based solutions for email and word processing are from the US. This causes a big issue for European companies using these vendors since they are not GDPR compliant. This is the conclusion of a research performed by the Swedish National Public Procurement […]

Read more
Idans welcome blog (2)

We are happy to announce our Chief Technology Officer: Idan York.

Idan will be responsible for vision outlining and implementation of technological strategies that align with ZIVVER’s expansion objectives. […]

Read more