02.04 – Definition of Terms

  • Personal Data – A name, identification number, location data, and/or online identifier, including one or more specific factors such as physical, physiological, genetic, mental, economic, cultural or social identifiers relating to a natural person directly or indirectly.
  • Data Subject – Any living individual or natural person from whom personal data is collected.
  • Consent – Any specific, informed, and unambiguous indication of the data subject’s wishes that is freely given by a statement or by a clear affirmative action, which signifies agreement to the processing of his/her personal data.
  • Third Party – A natural or legal person, public authority, agency, vendor, contractor, or entity other than the data subject, who, under <<organisation name>>’s authority, is authorised to process personal data.
  • Data Administrator – Any persons or organisation that processes data.
  • Data Controller – Any person who either alone, jointly with other persons or in common with other persons or as a statutory body, determines the purposes for and the manner in which personal data is processed or is to be processed.
  • Processing Types – Any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Data Protection Impact Assessment – A tool and process for assessing the protection impacts on data subjects in processing their personal data and for identifying remedial actions as necessary in order to avoid or minimize such.
  • Data Protection Officer – A <<organisation name>> staff in the Information Technology department who supervises, monitors and reports matters related to data protection and privacy in compliance with this Policy.
  • Data Encryption – It is the process of converting data or information into a code to prevent unauthorised access by human and/or computer systems. Data encryption can be used during data storage or transmission and is typically used in conjunction with authentication services to ensure that keys are only provided to, or used by, authorized users.
  • Personal Data Breach – A breach of data security leading to the accidental or unlawful/illegitimate access, destruction, loss, alteration, unauthorized disclosure of personal data that is being transferred, stored or otherwise processed.