[Note: The author of this article is not a lawyer and this article should not be considered legal advice. Please consult a privacy specialist.]
The basic newsThe GDPR covers all personal data your company stores on data subjects in the EU – whether or not your company has nexus in the EU. Personal data is defined as data that can be used to identify a person. It’s similar to the concept of personally identifiable information (PII) that we have in the US, but it is broader. PII typically includes actual identifying elements like your name, social security number, and birthday, focusing mainly on the data required to fake your identity with a lender. Personal data includes what the US calls PII, plus any data that can be used to identify you in any way, which includes things as basic as an email address, online personality (e.g. twitter handle), or even the IP address where you transmitted a message from.
No comments:
Post a Comment