Well kind of. If it is possible to connect something easily to your person, than that is private information too. For example your license plate or vin would be personal info too. Your advertiser id is seen as private info too.
Some information that is not directly linked to you is also private information. This includes stuff like healthcare or banking information
i didn’t want to make the topic more confusing by including that kind of information as well…
for the average user it’s probably enough to know roughly what is covered.
technically, if you have a database with a direct connection between username and real name, then that would also be covered and would fall under “sensitive data”.
ANYTHING that directly correlates your real identity to any data is personal data.
(the rest I’m guessing you’ll already know, but for everyone else:)
for example: a UUID correlated with your fingerprint in a database would also fall under it.
even though it’s not your name (and kinda difficult to make an identification just by fingerprint if your prints aren’t otherwise in a system). just because it CAN be used to directly identify a natural person.
the primary intent of the GDPR is not really to protect people online (although it does that too, that’s secondary), but rather to protect sensitive information about people, especially in a state administration context. so: healthcare, employment, religion, and so on…
it also happens protects those things online!
but mostly it’s about preventing institutional abuse, state violence, unnecessary surveillance, discrimination, harassment, etc.
there’s reeeeally good reasons for the term “sensitive data”! ;)
Well kind of. If it is possible to connect something easily to your person, than that is private information too. For example your license plate or vin would be personal info too. Your advertiser id is seen as private info too.
Some information that is not directly linked to you is also private information. This includes stuff like healthcare or banking information
yes, that is also true!
i didn’t want to make the topic more confusing by including that kind of information as well…
for the average user it’s probably enough to know roughly what is covered.
technically, if you have a database with a direct connection between username and real name, then that would also be covered and would fall under “sensitive data”.
ANYTHING that directly correlates your real identity to any data is personal data.
(the rest I’m guessing you’ll already know, but for everyone else:)
for example: a UUID correlated with your fingerprint in a database would also fall under it.
even though it’s not your name (and kinda difficult to make an identification just by fingerprint if your prints aren’t otherwise in a system). just because it CAN be used to directly identify a natural person.
the primary intent of the GDPR is not really to protect people online (although it does that too, that’s secondary), but rather to protect sensitive information about people, especially in a state administration context. so: healthcare, employment, religion, and so on…
it also happens protects those things online!
but mostly it’s about preventing institutional abuse, state violence, unnecessary surveillance, discrimination, harassment, etc.
there’s reeeeally good reasons for the term “sensitive data”! ;)