Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
ACTA
Adequacy Decision
Anonymization
Article 29 Working Party
Article 93 Committee Procedure
Automated Individual Decision
BCRs
Breach Notification
Convention 108 (Council of Europe)
Council Working Party on Data Protection
Data Controller
Data Minimization
Data Mining
Data Portability
Data Processor
Data Protection Authority
Data Protection Day
Data Protection Directive 95/46/EC
Data Protection Officer
Data Protection Principles
Data Retention
Data Sovereignty
Data Subject
Data Transfer
DPA
DPIA
DPO
E-privacy Directive 2009/136/EC
EDPB
EDPS
Encrypted Data
EU PNR Directive
EU-US and Swiss Privacy Shield
Eurodac
European Conference
Genetic Data
Grounds For Processing
ICO
International Conference
Joint Supervisory Authorities
Large-Scale IT Systems
Member State
Parental Consent
Personal Data Breach
Personal Data Filing System
PETs
Privacy By Design
Privacy Impact Assessment
Privacy Notice
Privacy Shield
Processor Agreement
Regulation (EC) No 45/2001
Regulation (EU) 2018/1725
Restriction on Processing
Right of Information
Right of Rectification
Right To Access
Right To Be Forgotten
Right to Object
Safe Harbor Principle
SIS
Special Categories of Personal Data
Standard Contractual Clauses
Subject Access Request
Supervisory Authority
Third Party
Traffic Data
User-Managed Access
Visa Information System
Convention 108 (Council of Europe)
Convention 108 is the first binding international instrument that aims to protect individuals against abuses that may result from the collection and processing of personal data, and that at the same time seeks to regulate the flow of personal data across international borders.
Data Protection Principles
Everyone who uses personal data must abide by strict rules called ‘data protection principles’. They must ensure the information is: used fairly, transparently, and lawfully; used for specified, explicit purposes; and used in a way that is relevant, adequate, and limited to only what is necessary.
Traffic Data
Traffic Data can be defined as: “any data processed with the purpose of the conveyance of a communication using an electronic communications network or for the billing with respect to that communication and includes data relating to the duration, routing, or time of a communication.”
Visa Information System
VIS is a central database holding facial images and fingerprints (biometrics) of individuals applying for a limited-stay visa within the Schengen Area. Member States’ consular offices around the world use the system, which enables authorities to exchange visa information on limited-term stays in the Schengen countries.
Grounds For Processing
As set out in Article 6 of the GDPR, the lawful grounds for processing personal data are:
– Compliance with a legal obligation
– Consent of an individual
– Protecting the vital interests of a person
– Performance of a contract
– Necessary for organizations to implement required changes in the public interest
Standard Contractual Clauses
Standard Contractual Clauses govern the exchange of personal information between non-EU and EU countries. Under the General Data Protection Regulation, contractual clauses that ensure appropriate data protection safeguards can be used as a ground for data transfers between the EU and third countries.