ABSTRACT
Chapter 6 is designed to help organisations analyse the data they hold. It discusses what the various types of personal data that an organisation may process are. Providing a useful “honeycomb” for easier understanding. The chapter goes on to describe how data can be used to identify a person, what GDPR means by identified and how this should be managed within an organisation. This will help the reader to identify what categories of personal data their organisation holds and how they process that personal data. The chapter provides hints so that the reader can recognise whether the data they hold directly or indirectly identifies the Data Subject (and includes information on online identifiers). Case study examples are used to highlight different areas where content may be about or linked to an individual, such as opinions. The chapter then discusses processing, special categories of information, the prohibition of processing this information and the exceptions to this prohibition. The chapter concludes by discussing personal data in the case study setting and provides a blank personal data “honeycomb” for the reader to fill out for their organisation.
