Learn main compliance and Legal Tech terms
WordPress cookie plugin is software integration that can be added to your WordPress webpage and manage your cookie settings.
Tracking cookies are small text files created to track user’s movements and interactions on a web browser.
A cookie banner is a widget on a website that informs users of how cookies are used and asks the visitors if they can accept usage of cookies.
GDPR related terms
Personal data is defined as all information that can be used to identify a person. This is an important aspect when dealing with data and complying with GDPR.
It gives people a right to be informed about the collection and use of their personal data.
It's a right for people to get their personal data from e.g. a social media platform and upload it on another platform.
In the EU, a regulation is a law that becomes legally binding throughout the date that it comes into effect.
It means that a person needs to opt in, i.e. actively say yes to receive email marketing, e.g. by ticking off the consent box.
Explicit consent is a consent that must be a specific, informed and unambiguous expression of the person’s wishes and affirmed in a clear statement.
In the EU, a directive is a minimums law that must be incorporated into national law by every EU country individually.
Terms related to our Vendor Management Hub.
A data transfer occurs when personal data leaves the EU or is being made available outside the EU.
Vendor Management Systems (VMSs) is software designed to make operations and management of vendors easier and more efficient.
Schrems II refers to a European Court of Justice case verdict. The case concerns a lawsuit brought to the Court by the Irish Data Protection Authority. The case is based on a complaint from the Austrian citizen, Maximillian Schrems.
Article 28 of the GDPR focuses on a written contract between two parties in cases when a data controller uses a data processor to process personal data on their behalf.
A data processing agreement, or a so-called DPA, is a legal contract between a company and its vendors in regard to processing and transferring of personal data.
Terms related to GDPR roles, processors, controllers, DPO etc.
A supervisory authority is a public authority in charge of supervising the application of GDPR. Each EU Member State has a supervisory authority.
Companies that do not have offices in the EU/EEA still have to comply with GDPR. In this case, they need to appoint a GDPR representative.
Data Protection Officer is a designated employee, who is in charge of collecting and processing information about data subjects according to privacy laws and regulations.
A data subject is a person who can be identified, either directly e.g. name, email, address, or indirectly e.g. by reference to an identifier, ID number, etc.
A vendor, also known as a processor or subprocessor, is a business entity that offers a service.
A data subprocessor is an entity handling data on behalf of another company, where this other company itself is a data processor.
In cases where the vendor processes personal data for their own purposes, the vendor is also considered to be a joint controller.
The company that stores, collects and/or processes data about people and who determines the purposes of the data processing.