Data which a customer intentionally and proactively shares with a brand. This may include preference centre data, purchase intentions, personal context, and how the individual want the band to recognise (them)
A term to describe technology solutions that solve privacy problems
General Data Protection Regulation, a comprehensive data protection law in the European Union (EU) that aims to protect the privacy and personal data of EU citizens.
Measures and practices designed to safeguard personal data from unauthorized access, use, or disclosure, ensuring privacy and compliance with applicable regulations.
Information that relates to an identified or identifiable individual, such as name, address, email, or IP address.
Explicit and informed agreement given by an individual for the processing of their personal data, as required by GDPR.
An individual who is the subject of personal data and has rights and protections under the GDPR.
An entity or organization that determines the purposes and means of processing personal data, responsible for complying with GDPR requirements.
A third party or organization that processes personal data on behalf of a data controller, following the instructions provided by the controller.
A security incident resulting in the unauthorized access, disclosure, or destruction of personal data.
Right to Erasure
Also known as the "right to be forgotten," it grants individuals the right to request the deletion or removal of their personal data from data controllers.
Right to Access
The right of individuals to obtain confirmation from a data controller regarding the processing of their personal data and access to that data.
Right to Rectification
The right of individuals to request the correction or amendment of inaccurate or incomplete personal data.