General Data Protection Regulation: The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)
is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
Data Controller: The entity that determines the purposes, conditions and means of the processing of personal data
Data Protection Officer (DPO): An expert on data privacy who works independently to ensure that an entity is adhering to the policies and procedures set forth in the GDPR
Data Subject: a natural person whose personal data is processed by a controller or processor
Personal Data: any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person
Processing: any operation performed on personal data, whether automated or manual, including collection, use, recording, etc.
Data Backup: data copied to a second location, solely for safekeeping of that data
Data Encryption: the process of encoding data with an algorithm so that it is unintelligible and secure without the key. Used to protect data during transmission or while stored
Data Encryption Key: an alphanumeric series of characters that enables data to be encrypted and decrypted