Personal and sensitive data


This module allows the learner to know how to identify non-personal data, personal data, sensitive data and for what purpose. For each type of data corresponds to a protection defined by the European Regulation, with particular rigour for sensitive data.

This module consists of a 3-minute motion design followed by a quiz to validate the learners' knowledge.


  • Identifying non-personal data
  • Identifying personal data
  • Identifying sensitive data
  • Know the protection measures for each type of data

A lot of data is processed by companies and organisations.

It is important to know how to recognize them.

For each type of data corresponds to a protection defined by the European Regulation.

The data can be non-personal, personal or sensitive.

Non-personal data is data that does not need special protection. For example: the welcome email or the address of a company, a car model sold in thousands of copies...

Personal data is governed by the data protection principles of the GDPR.

Personal data is any information relating to an identified or identifiable person.

A person is identifiable when he or she can be identified directly or indirectly.

Directly with a name, a photo, or a video for example, or indirectly by cross-referencing several pieces of data with each other: date of birth, telephone number, bank account number, customer identifier, license plate, geolocation, postal address, IP address, cookies, consumer habits...

And among these personal data, some are said to be special, sensitive: physical or mental health, membership of a trade union, political or religious opinions, ethnic origin, genetic data, biometrics, etc.

Their processing is very strictly regulated by the European Regulation. It requires the explicit consent of the person or the safeguarding of his or her vital interests.

For these data reveal our history, our private life. They are intimate and belong to us.