10 terms
The entity that determines the purposes and means of processing personal data.
An entity that processes personal data on behalf of a data controller.
The identified or identifiable person whose personal data is being processed.
The principle that only the minimum amount of personal data necessary should be collected and processed.
The right to receive your personal data in a structured, machine-readable format and transfer it to another service.
A security incident that leads to the unauthorized access, disclosure, or loss of personal data.
Data Protection Impact Assessment — a risk assessment required before high-risk data processing activities.
Data Protection Officer — an independent expert responsible for monitoring an organisation's data protection compliance.
The policies and practices governing how long personal data is stored before being deleted or anonymized.
A legally binding contract between a data controller and a data processor that governs how personal data is handled.