Concepts
“Personal data” – any information relating to an identified or identifiable natural person (“data subject”); identifiable natural person is an identifiable person, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier, or by one or more specific attributes to the physical, physiological, genetic, mental, intellectual, economic, cultural or social identity of that individual, as well as any other information that is determined by the applicable law as personal data;
“Processing” – means any operation or set of operations performed with personal data or a set of personal data by automatic or other means such as collection, recording, organizing, structuring, storing, adapting or modifying, extracting, consulting, using, disclosing by transmission, disseminating or otherwise making the data accessible, arranging or combining, limiting, deleting or destroying them;
“Controller” – any natural or legal person, public authority, agency or other entity that alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by EU or Member State law, the controller or the specific criteria for determining it may be laid down in Union or Member State law;
“Data subject” – any living natural person who is the subject of personal data stored by the Controller.
“Data subject’s consent” – any freely expressed, specific, informed and unambiguous indication of the data subject’s will, by means of a statement or clear affirmative action expressing his / her consent to the processing of personal data related to him/her;
“Child” – The General Regulation defines a child as anyone under the age of 16, although it may be reduced to 13 by the law of a Member State. The processing of personal data of a child is legal only if the parent or guardian has consented. The controller makes reasonable efforts to verify in such cases that the holder of parental responsibility for the child has given or is authorized to give his or her consent.
“Recipient” – a natural or legal person, public authority, agency or other entity to whom personal data are disclosed, whether a third party or not. At the same time, public authorities which may receive personal data in the context of a specific investigation in accordance with Union or Member State law are not considered as ‘recipients’; the processing of such data by the designated public authorities complies with the applicable data protection rules for the purposes of processing;
“Third Party” – any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct control of the controller or the processor, have the right to process the personal data.