Anonymized data

Anonymized data is a type of data that has been processed to remove any personally identifiable information (PII) or personal data. Such data is often used in research, analytics, and other data-driven activities, as well as for compliance with privacy regulations.

According to GDPR, anonymized data has been altered in such a way that it can’t be used to identify a specific person. Since anonymized data can’t be restored, it isn’t considered personal data under GDPR. This means it is exempt from GDPR.

Some examples of compliant data anonymization methods include:

  • Randomization:
    • Noise addition – Where personal identifiers are expressed imprecisely, for instance: height: 180 cm → height: 320 cm
    • Substitution – Where personal identifiers are shuffled within a table or replaced with random values, for instance: ZIP: 10120 → ZIP: postcode
  • Generalization:
    • Aggregation – Where personal identifiers are generalized into a range or group, for instance: age: 30 → age: 20-35

Removing any identifiable information from a dataset allows for meaningful analysis without compromising the privacy of individuals.

Examples of use cases for anonymized data include:

  • Measuring the effectiveness of marketing campaigns.
  • Analyzing the behavior of website or mobile app users.
  • Analyzing trends and patterns.

Further reading: