Anonymized data

Anonymized data is a type of data that has been processed to remove any personally identifiable information (PII) or personal data. Such data is often used in research, analytics, and other data-driven activities, as well as for compliance with privacy regulations.

According to GDPR, anonymized data has been altered in such a way that it can’t be used to identify a specific person. Since anonymized data can’t be restored, it isn’t considered personal data under GDPR. This means it is exempt from GDPR.

Some examples of compliant data anonymization methods include:

• Randomization:
  
  
  
  
  
  
  
  • Noise addition – Where personal identifiers are expressed imprecisely, for instance: height: 180 cm → height: 320 cm
  
  
  
  
  
  
  • Substitution – Where personal identifiers are shuffled within a table or replaced with random values, for instance: ZIP: 10120 → ZIP: postcode
  
  
  
  
  
  
  
  
• Generalization:
  
  
  
  
  
  
  
  • Aggregation – Where personal identifiers are generalized into a range or group, for instance: age: 30 → age: 20-35
  
  
  
  
  
  
  
  

Removing any identifiable information from a dataset allows for meaningful analysis without compromising the privacy of individuals.

Examples of use cases for anonymized data include:

• Measuring the effectiveness of marketing campaigns.
• Analyzing the behavior of website or mobile app users.
• Analyzing trends and patterns.

Further reading:

• Anonymous tracking: How to do useful analytics without personal data
• The ultimate guide to data anonymization in analytics
• The most important benefits of data pseudonymization and anonymization under GDPR
• What is PII, non-PII, and personal data?