Comment on page
A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
An entity (a person, public authority, agency, etc.) that determines the purposes and means of the processing of personal data. For example, when a business uses Google Workspace for internal communication and collaboration, that business will be the data controller, and Google is the data processor.
Example: Appfarm would be the data controller if we outsourced payroll to a third party. In this case, they would be the data processor.
A legal contract outlining the responsibilities and obligations of a data controller and a data processor when processing personal data. It establishes the terms and conditions governing the processing of personal data on behalf of the data controller by a third-party data processor.
An entity that processes personal data on behalf of the controller. It’s the data controller who sets the rules, and the data processor plays by those rules.
Example: Appfarm is the data processor for our SaaS customers. In this case, the client is the data collector.
An individual designated by an organization to oversee and ensure the organization's compliance with data protection laws and regulations, particularly GDPR.
An individual who is identifiable based on the personal data that is being processed.
A third-party entity engaged by a data processor to perform specific data processing activities on behalf of a data controller. A data sub-processor assists the primary data processor in carrying out certain tasks related to personal data.
Example: Appfarm is the data sub-processor for our customers who develop web solutions for their own clients. In this case, the customer is the data processor, and the customer’s client is the data collector.
European Union regulation on information privacy in the European Union and the European Economic Area.
Information relating to an identified or identifiable natural person (data subject). This encompasses all information that can be used to identify an individual. For example, first and last name, address, email address, location data, IP address, etc.
Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. For example, collection, recording, structuring, storage, alteration, use, etc.
A type of personal information that is more highly protected by laws due to its more vulnerable nature. For example, political affiliation, racial or ethnic origin, religious beliefs, biometric data such as fingerprints, sexual orientation, etc.