|
| Ti | = | Definitions |
|
| 1.Ti | = | Data. |
|
| 1.sec | = | “Data” means information recorded in any form or medium. |
|
| 2.Ti | = | Personal Data |
|
| 2.0.sec | = | “Personal data” means any data that is identified or identifiable to a specific living individual. |
|
| 2.1.sec | = | Data is “identified” when it is directly linked to a natural person, or when there is a high probability that it could be linked to a specific person. When data is identified, it is personal data under the Data Privacy Principles and is subject to all relevant Principles. |
|
| 2.2.sec | = | Data is “identifiable” when there is a moderate probability that it could be linked to a specific person by the intended recipient(s) or by others reasonably foreseeable to have access to the data. When data is identifiable, it is personal data under the Data Privacy Principles and is subject to some of the Principles but exempt from others. |
|
| 2.3.sec | = | Data is “nonidentifiable” when there is a low probability that it could be linked to a specific person. Such data is not personal data under these Data Privacy Principles. |
|
| 2.4.sec | = | Data controllers and data processors are under a continuing obligation to engage in reasonable measures to review their activities for circumstances that may have altered the ability to identify a specific person. If a data controller or data processor finds that information previously classified as nonidentifiable is actually identified or identifiable, it is obligated to change its handling of this information so as to comply with these Principles. |
|
| 2. | = | [G/Z/ol/s4] |
|
| 3.Ti | = | Data Subject |
|
| 3.sec | = | A “data subject” is a natural person to whom the personal data relates. |
|
| 4.Ti | = | Personal-Data Activities |
|
| 4.0.sec | = | A “personal-data activity” is any of the activities: |
|
| 4.1.sec | = | “Collection” means the acquisition of personal data either directly from the individual or from other sources, including a third party. |
|
| 4.2.sec | = | “Access” means the retrieval or viewing of personal data by the person who initially collected it, or by another person. |
|
| 4.3.sec | = | “Retention” means the maintenance or storage of personal data. |
|
| 4.4.sec | = | “Use” means the processing of personal data or the making of decisions based in whole or in part on that personal data. |
|
| 4.5.sec | = | “Sharing” means providing others with personal data or with access to personal data. |
|
| 4.6.sec | = | “Destruction” means disposing of, or deleting, personal data in a manner that makes it permanently incomprehensible. |
|
| 4. | = | [G/Z/ol/s6] |
|
| 5.Ti | = | Data Controller |
|
| 5.sec | = | A “data controller” is any person, organization, or agent thereof that engages in any covered personal-data activity and that determines the purposes of such activity. |
|
| 6.Ti | = | Data Processor |
|
| 6.sec | = | A “data processor” is any person, organization, or agent thereof that engages in any covered personal-data activity on behalf of a data controller or another data processor. |
|
| = | [G/Z/ol-a/6] |
|
|
/Docs//S/Sandbox/ALI-DataPrivacy/Def/0.md