We will run into the following terms when you are working with GDPR in the system and specifically if you are dealing with the personal data reports:
•GDPR agreement – Deal between you and the system owner about how your personal data is to be handled
•Personal data category – A way to group data that in some way have similar properties.
•Personal data set – The fields in a Personal data category
•Sensitivity level – How sensitive a certain personal data is regarded to be. Compare for instance Social security number with First name = High for the first and Low for the second.
•Field for personal identifier (PID) – One or more fields that identify you as an user.
•Automatic decision making – Read more on this EU-page.
•Time interval retrieval/deletion time – At what point in time is the data normally retrieved and what is the plan for its deletion.
•Legal basis for data processing – If there is special reasons to handle the data in a special way, referral to the legal background must be made. For instance, the book keeping regulation can keep you from approving deletion of some personal data.
•Data storage locations – Where is the data stored.
•Data collected through - How has the data come in the possession of the system owner.