Compliance dictionary

Learn main compliance and Legal Tech terms

Cookie compliance

Terms related to cookie consent, cookie Pop-up, Cookie Policy.

Wordpress cookie plugin

WordPress cookie plugin is software integration that can be added to your WordPress webpage and manage your cookie settings.

Website tracking

Website tracking refers to the monitoring of users’ actions on a website.

Tracking cookies

Tracking cookies are small text files created to track user’s movements and interactions on a web browser.

Cookie policy

A document where a company gives their users information about cookies.

Cookie checker

A cookie checker is a tool used to scan websites and identify cookies in use.

Cookie banner

A cookie banner is a widget on a website that informs users of how cookies are used and asks the visitors if they can accept usage of cookies.

Cookie

A cookie is a file that is placed on a person’s computer or other IT equipment.

Auto blocking

The term auto-blocking refers to the action of blocking cookies automatically.

Audit Trail

A series of electronic files or paper that show a chronological record or set of records

Website compliance

Terms related to website compliance, Privacy policy, Terms of service, Email marketing.

Email marketing consent form

Form that gathers email marketing consent.

Email marketing consent

Permission from a subscriber to send marketing email campaigns.

Privacy banner

A widget on a website that informs users of their privacy choices.

Privacy policy

A privacy policy is a document that discloses all of the ways a party gathers, uses, discloses, and manages a customer or client's data.

Privacy center & GDPR

GDPR related terms

Personal data

Personal data is defined as all information that can be used to identify a person. This is an important aspect when dealing with data and complying with GDPR.

Right to information

It gives people a right to be informed about the collection and use of their personal data.

Right to be forgotten

It gives people a right to be forgotten, i.e. have their personal data erased.

Right to Data Portability

It's a right for people to get their personal data from e.g. a social media platform and upload it on another platform.

Regulation

In the EU, a regulation is a law that becomes legally binding throughout the date that it comes into effect.

Opt-out

It means a company gives people the ability to choose not to receive email marketing.

Opt-in

It means that a person needs to opt in, i.e. actively say yes to receive email marketing, e.g. by ticking off the consent box.

Explicit consent

Explicit consent is a consent that must be a specific, informed and unambiguous expression of the person’s wishes and affirmed in a clear statement.

EU privacy laws

EU Privacy Laws are a set of legally binding rules set by the European Union.

Directive

In the EU, a directive is a minimums law that must be incorporated into national law by every EU country individually.

CCPA

The California Consumer Privacy Act. It describes privacy rights and consumer protection for Californian residents.

Privacy Hub

Terms related to our Vendor Management Hub.

Data Transfers

A data transfer occurs when personal data leaves the EU or is being made available outside the EU.

Vendor Management Systems (VMSs)

Vendor Management Systems (VMSs) is software designed to make operations and management of vendors easier and more efficient.

Schrems II

Schrems II refers to a European Court of Justice case verdict. The case concerns a lawsuit brought to the Court by the Irish Data Protection Authority. The case is based on a complaint from the Austrian citizen, Maximillian Schrems.

Article 28

Article 28 of the GDPR focuses on a written contract between two parties in cases when a data controller uses a data processor to process personal data on their behalf.

Article 30

Records of processing activities in accordance with the GDPR.

Data processing agreement

A data processing agreement, or a so-called DPA, is a legal contract between a company and its vendors in regard to processing and transferring of personal data.

Privacy Hub

Privacy Hub is an all-in-one platform where companies can find information about vendors and their vendors’ GDPR efforts.

GDPR Roles

Terms related to GDPR roles, processors, controllers, DPO etc.

Supervisory authority

A supervisory authority is a public authority in charge of supervising the application of GDPR. Each EU Member State has a supervisory authority.

GDPR representative

Companies that do not have offices in the EU/EEA still have to comply with GDPR. In this case, they need to appoint a GDPR representative.

DPO

Data Protection Officer is a designated employee, who is in charge of collecting and processing information about data subjects according to privacy laws and regulations.

Data subject

A data subject is a person who can be identified, either directly e.g. name, email, address, or indirectly e.g. by reference to an identifier, ID number, etc.

Vendor

A vendor, also known as a processor or subprocessor, is a business entity that offers a service.

Data subprocessor

A data subprocessor is an entity handling data on behalf of another company, where this other company itself is a data processor.

Data Processor

The data processor processes personal data on behalf of a data controller.

Joint controllers

In cases where the vendor processes personal data for their own purposes, the vendor is also considered to be a joint controller.

Data Controller

The company that stores, collects and/or processes data about people and who determines the purposes of the data processing.

GDPR Roles

GDPR roles include data processor, data subprocessor, data controller, DPO, supervisory authority, GDPR representative and joint controllers.