No matter where your business is on its GDPR journey, it pays to refresh your compliance knowledge from time to time – particularly considering the ongoing frequency of data breaches.

Four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%). Source: Cyber Security Breaches Survey 2021

So, let’s get to it.

Personal Data Identifiers


The GDPR applies to personal data; meaning any information relating to an individual who can be directly, or indirectly, identified by reference to an identifier. Categories may include information relating to:

  • Identity
  • Physical Appearance
  • Demographic
  • Social Status
  • Education & Work
  • Social Networks
  • Knowledge & Preferences
  • Financial Details
  • Spending Habits
  • Online Activity
  • Special Category Data

>> To view the full infographic, download a PDF > Personal Data Identifiers

The infographic shows examples of the variety and scope of identifiers that are subject to GDPR.
Please note: this list of Personal Data should not be taken as limited to the categories and examples shown below.